How do I transition to a career in IT security?

Looking to move into a career in IT security? Network security expert Mike Chapple how to take a business or sales background and turn it into just that.

Mike Chapple, University of Notre Dame

I have been out of college for five years, but have decided to make a career change. I was a business major and had a career in IT sales at a software company selling BI software. I have always been interested in IT/network security, so I have registered for certification classes, starting with Network+. How hard of a career change is this going to be due to the fact that I did not major in computer science? And what other classes and certifications should I consider?

I don't think it will be a difficult career change at all. In fact, when I counsel computer science majors on pursuing...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please log in.

You have exceeded the maximum character limit.

Please provide a Corporate Email Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

an information security career, the first thing I tell them is that they need to take some business courses to gain an understanding of how the business operates. You're simply approaching it from the opposite point of view: You have the business education and experience and need to gain technical skills.

Networking is a good start, as it's an important part of the foundational knowledge for any security professional. I'd also recommend a good, broad introduction to the information security field. You can achieve that by pursuing either the Security+ or Associate of (ISC)2 certification. Once you've gained some experience, you'll definitely want to pursue the industry standard CISSP certification.

With that basic foundation, the next step is choosing an area of specialization. Information security is an extremely broad field: You can choose to focus on network security, security policy, application security or many other areas. When you find one that appeals to you (and your employer, if you're looking for an internal move), take some specialized courses to learn the ropes of that field and get some hands-on experience.

For more information:

Get information on how to become a security expert.
Are security certifications worth the trouble? Read more.

This was last published in March 2009

Tips to prepare for Google Cloud Architect certification

Getting started with a career in IT infrastructure: A brief guide

CompTIA Network+

CS degrees vs. cloud certifications: Compare the pros and cons

Dig Deeper on Information security certifications, training and jobs

Tips to prepare for Google Cloud Architect certification

Getting started with a career in IT infrastructure: A brief guide

CompTIA Network+

CS degrees vs. cloud certifications: Compare the pros and cons

Related Q&A from Mike Chapple

Stateful vs. stateless firewalls: Understanding the differences

Wired vs. wireless network security: Best practices

The difference between AES and DES encryption