Ask the Expert

The road from network administrator to information security professional

I have two years experience as a network administrator, but I really want to channel my efforts to become an information security professional. What steps do you recommend? What should I study or get certified in?

    Requires Free Membership to View

First, congratulations on choosing an exciting field! Almost every security practitioner I know came into security through the "back door." There simply aren't very many kids out there saying "Daddy, I want to be an information security professional when I grow up!" Rather, most of us start out doing something else and wind up gradually becoming security professionals.

As a network administrator, you have a strong start down the security career path. It's essential that you have a strong technical background to gain "street cred" in the security profession. My first recommendation would be to get as much exposure to the concepts and technologies of network security as you possibly can. Such experience should be a natural extension of your existing position, so the task shouldn't be too hard to accomplish. Learn about firewalls, intrusion prevention systems, network authentication and any other technologies you can get your hands on.

You don't mention anything about your educational background in your question. If you don't already have a bachelor's degree, take the time to earn one. I don't know many people in our field (although there are some) who don't have at least an undergraduate degree.

Finally, you'll need to get a broad exposure to information security practices and principles. There are many ways to gain this exposure, either through classroom training, self-study or hands-on job experience. Do whatever's available to you. The Certified Information Systems Security Professional (CISSP) curriculum is a great way to get a well-rounded exposure to our field.

Good luck in your career development!

For more information:

  • Security certifications can be one way to evaluate security consultants, but opinions vary as to their value.
  • Visit's CISSP Certification Training School.
  • This was first published in January 2008

    There are Comments. Add yours.

    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: