Secure Reads: InfoSec Career Hacking

Read a review of the security book: "InfoSec Career Hacking: Sell Your Skillz, Not Your Soul"

This article can also be found in the Premium Editorial Download: Information Security magazine: Security 7 Award winners unmasked.

InfoSec Career Hacking:
Sell Your Skillz, Not Your Soul

By Aaron W. Bayles, Ed Brindley, James C. Foster, Chris Hurley and Johnny Long
Syngress, www.syngress.com, 441 pages, $39.95

A surprising number of security pros enter the corporate world each year with little to no idea how it works. Drop them at any shell prompt, and they'll quickly master an unfamiliar operating system, but ask them to write an effective résumé or plan a meeting, and suddenly they're alone in the dark. InfoSec Career Hacking: Sell Your Skillz, Not Your Soul is like a corporate GPS to successfully navigate the hazards of an infosecurity career.

This is a book for geeks, and if that term sounds insulting, find another book. The authors make it no secret that the intended audience revels in their geekdom. Most concepts are expressed in terms calculated to put fledgling light-side hackers at ease, like the "don't trip the sensors" method of blending in with a professional environment; mostly they're gimmicks that help set the tone of the advice.

And the book does contain a lot of advice. The authors' goal is not only to help the readers get their first infosecurity jobs, but also orient them to the professional world so that the job turns into a successful career. Much of the book is devoted to practical matters like building a quality test lab at home on the cheap, or hot-button issues like vulnerability disclosure models and their effects on the security community. They're not only timely, but also "big-picture" philosophical items that can add a bit of polish to a candidate's interview.

Not all of this discussion is interesting, however. The authors spend a lot of time on things you'd already expect people interested in security to know. For example, the "Laws of Security" chapter states that firewalls by themselves aren't sufficient to guard against all classes of attacks. This should not be a surprise to anyone with even a little security experience. Some of the information comes perilously close to stating the obvious, and most employers would think twice about hiring anyone for a security position who had to learn it this way.

The transition from hard-core geek to hard-core employed geek is often seen as a set of bizarre restrictions and protocols calculated to ensure they never get any "real work" done. InfoSec Career Hacking is essentially a geek-to-geek "brain dump" on corporate survival skills with an emphasis on technical security careers. Geeks with good technical skills but no corporate experience will appreciate this book's accessible approach to corporate mysteries.

--David Bianco

Top Shelf
Visit SearchSecurity.com's Information Security Bookshelf for chapter downloads from these books and more.

Curing the Patch Management Headache
By Felicia M. Nicastro
Auerbach Publications

Information Nation Warrior: Information Management Compliance Boot Camp
By Randolph Kahn
Aiim International

Spies Among Us
By Ira Winkler
Wiley

Silence On The Wire
By Michal Zalewski
No Starch Press

Information Security Policies Made Easy, Version 10
By Charles Cresson Wood
Information Shield

Cybercrime: Incident Response and Digital Forensics
By Robert Schperberg
Information Systems Audit and Control Association

Web Feedback
Tell us what you think of our book reviews or the titles on our online bookshelf. Send your comments to feedback@infosecuritymag.com or enter your thoughts on SearchSecurity.com's Sound Off.

"Ed Skoudis makes reading about malware, viruses, worms and Trojans a joy. Malware: Fighting Malicious Code is fresh and easy to read, even fun at some times -- a highly recommendable reading for someone trying to learn a lot about malware."
-HUGO KONCKE, IT manager, Montevideo Stock Exchange
Download Chapter 6 from SearchSecurity.com's Information Security Bookshelf.

This was first published in September 2005
