I'm a student with some practical experience, and I'd like to become an information security expert. Where should I start?
Great question! Information security is a fantastic career choice. It's one of the hottest fields in information technology and shows great potential for future growth. I know quite a few infosec folks and have yet to come across anyone who has been unemployed for more than a few weeks.
There are two critical factors to landing your first job in information security: education and experience. On the education front, consider a technical degree program. Most security professionals come out of computer science and MIS programs. It's really important to have a solid, well-rounded IT background. Fields you should specifically explore in your studies include networking, databases and application development.
On the experience front, you're faced with the classic conundrum: you can't get experience without a job but you can't get a job without experience. My advice? Knock on doors until you can find some opportunity to get some hands-on security experience. Many large firms offer summer internship programs and seek out students interested in information security careers. What about finding a part-time job with the information security department at your college? They're often in need of extra help. Alternatively, you might be able to find volunteer opportunities to help local nonprofits in securing their systems. Any of these would make great resume fodder.
Good luck with your search!
- The SearchSecurity editorial team (aka The Security Squad) recently discussed how the poor economy will affect security pros.
- Get more sharp career advice from SearchSecurity.com's Information Security Careers, Training and Certifications Resource Center.
Dig deeper on Information Security Jobs and Training
Related Q&A from Mike Chapple, Enterprise Compliance
The HHS security risk assessment tool is designed to help healthcare providers meet the HIPAA security requirement. Expert Mike Chapple explains how ...continue reading
PCI DSS requirement 6.6 demands application security compliance through one of two options: an application firewall or a code review. Expert Mike ...continue reading
Are HIPAA-compliant hosting services a better option for compliance than a secure storage API? Expert Mike Chapple analyzes.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.