Problem solve Get help with specific problems with your technologies, process and projects.

The road from network administrator to information security professional

Recently, a young network administrator told Mike Chapple, "I really want to channel my efforts to become an information security professional. What steps do you recommend?" Chapple explains the type of experience needed to make the transition.

I have two years experience as a network administrator, but I really want to channel my efforts to become an information security professional. What steps do you recommend? What should I study or get certified in?
First, congratulations on choosing an exciting field! Almost every security practitioner I know came into security through the "back door." There simply aren't very many kids out there saying "Daddy, I want to be an information security professional when I grow up!" Rather, most of us start out doing something else and wind up gradually becoming security professionals.

As a network administrator, you have a strong start down the security career path. It's essential that you have...

a strong technical background to gain "street cred" in the security profession. My first recommendation would be to get as much exposure to the concepts and technologies of network security as you possibly can. Such experience should be a natural extension of your existing position, so the task shouldn't be too hard to accomplish. Learn about firewalls, intrusion prevention systems, network authentication and any other technologies you can get your hands on.

You don't mention anything about your educational background in your question. If you don't already have a bachelor's degree, take the time to earn one. I don't know many people in our field (although there are some) who don't have at least an undergraduate degree.

Finally, you'll need to get a broad exposure to information security practices and principles. There are many ways to gain this exposure, either through classroom training, self-study or hands-on job experience. Do whatever's available to you. The Certified Information Systems Security Professional (CISSP) curriculum is a great way to get a well-rounded exposure to our field.

Good luck in your career development!

For more information:

  • Security certifications can be one way to evaluate security consultants, but opinions vary as to their value.
  • Visit SearchSecurity.com's CISSP Certification Training School.
  • This was last published in January 2008

    Dig Deeper on Information security certifications, training and jobs

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.