The Catch-22 of infosec employment

The Catch-22 of infosec employment

The field of computer use is extremely dynamic, such that all aspects are changing at a rapid rate. How does an individual, new to this field, avoid the Catch-22 to be employed? Employers want experienced workers, yet people cannot gain true experience without OTJ work (outside training courses are very expensive to pay out of pocket and only concentrate on certs). Also, because the field is changing rapidly and certs are harder to come by (since many companies no longer pay for the training) how does a NEW individual comfortably enter this field?


    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

I don't think the process is necessarily comfortable, unless you're working at something else already. For someone truly new, I'm guessing this means going for a first job. In that case, I recommend that people investi- gate one of multiple paths to gain experience while seeking permanent, meaningful employment, as follows:

  • Volunteer work: local churches, schools and charities often need IT help and because they can't pay, and they can't be that picky about who works for them, either. By combining such work with study for certification you can get hands-on experience that counts and do some good for your community at the same time.

  • Grunt work: If you know somebody in IT, you can often talk yourself into part-time, temporary work to help out with upgrades, migrations and other periodic tasks that require extra hands to complete. By joining a local user's group (for Windows, NetWare, Cisco or whatever interests you most) you can often find out about such opportunities.

  • Temporary work: Although the down economy means you'll be competing with more experienced people for temp jobs, once you get certified, you'll find yourself occasionally eligible for lower-paying, on-again, off-again temporary IT work. It may not pay as well as a real job, but it will help you post some real experience on your resume.

    I hope you find these suggestions helpful. If you do have another job, I encourage you to concentrate on volunteer work while you pursue certification at the same time. You can then garner experience and obtain some credentials before trying to make a career move. Good luck.

    For more information on this topic, visit these other SearchSecurity resources:
    Best Web Links: Infosec Career Information
    Ask the Expert: Certs that don't require experience
    Ask the Expert: Experience vs. certification in today's job market


    This was first published in April 2002