I'm a student with some practical experience, and I'd like to become an information security expert. Where should I start?
Great question! Information security is a fantastic career choice. It's one of the hottest fields in information technology and shows great potential for future growth. I know quite a few infosec folks and have yet to come across anyone who has been unemployed for more than a few weeks.
There are two critical factors to landing your first job in information security: education and experience. On the education front, consider a technical degree program. Most security professionals come out of computer science and MIS programs. It's really important to have a solid, well-rounded IT background. Fields you should specifically explore in your studies include networking, databases and application development.
On the experience front, you're faced with the classic conundrum: you can't get experience without a job but you can't get a job without experience. My advice? Knock on doors until you can find some opportunity to get some hands-on security experience. Many large firms offer summer internship programs and seek out students interested in information security careers. What about finding a part-time job with the information security department at your college? They're often in need of extra help. Alternatively, you might be able to find volunteer opportunities to help local nonprofits in securing their systems. Any of these would make great resume fodder.
Good luck with your search!
- The SearchSecurity editorial team (aka The Security Squad) recently discussed how the poor economy will affect security pros.
- Get more sharp career advice from SearchSecurity.com's Information Security Careers, Training and Certifications Resource Center.
Dig Deeper on Information security certifications, training and jobs
Related Q&A from Mike Chapple
Explore the differences between wired and wireless network security, and read up on best practices to ensure security with or without wires. Continue Reading
Choosing to encrypt confidential data with AES or DES encryption is an important cybersecurity matter. Learn about the important differences between ... Continue Reading
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading