How to Become an Information Security

Steps to a Career in Information Security

In order to pursue a career in information security, it is imperative to earn a degree in a technology related field. There are now a variety of schools offering information security specific degrees that will provide you with a very solid foundation for success in this field.

Typically information security is not something people are able to land jobs in immediately following college graduation. Most security analysts need to have a solid understanding of the organization and general systems environment in order to apply security skills appropriately. Many larger companies do not bring in people straight to the security field but instead hire them as regular IT analysts before offering a development path to move to an ISS specific position. So donít hesitate to get your feet wet by starting in a more general IT role but it is also important to ask during the interview process if the company has a security specific path or role available. Asking if the company has a CSO who can provide a career path for someone seeking out ISS opportunities can also be beneficial.

Once you have a degree and are employed in an IT capacity, seek out opportunities to work with security specific tools or services. You can also pursue security specific certifications and training to help show understanding of the principles behind systems security.

What types of employment options are available for ISS Professionals?

Mainly large organizations employ technical analysts who are strictly focused on security. That is why so many security professionals have broad backgrounds in general IT work. Many of them have worked in general IT roles and gained their experience or focus by being asked to accept or support security specific tools or applications. These large corporations can include hospitals, financial institutions, and universities. Information systems security professionals also work for government and military institutions to protect their secure data and prevent the theft of intellectual property.

Many small- to mid-sized companies do not have the organizational capacity to segregate security work from other general IT work. Most of these companies have specific individuals within the IT department who are asked to include security as part of their duties but maintain other responsibilities as well. Some mid-sized companies hire security professionals to lead their organizationís security program but typically there are not entire teams focused on security.

There are also ISS freelance opportunities available. Many companies hire security specialists only as needed and outsource as necessary. Also systems auditing, compliance evaluations and vulnerability assessments are often hired from outside the company to ensure there is no influence from within the organization on the results.

Other Information Security Categories
To learn more about Information Security careers, degrees, schools, and salaries, visit the following links/pages.