Think Information Security for Job Security
Gaining expertise in security is likely to require a distinctly proactive effort on your part. Sure, you may luck out and find yourself on a security-related project, but that's not the only way to develop expertise. "Nobody's going to drop this in your lap," Linde says. "You're going to have to seek it out on your own." Consider these routes to security specialisation:
Self-Styled Security Guru
Well, guru may be an exaggeration, but lots of organisations or teams have one person who knows more about the security issues behind a technology than anyone else. You can make it your goal to become that person. How? If you work with a software development package, for instance, this may mean learning about its security implementations and capabilities. "Once you gain that expertise," says Linde, "knowledge of it and how it works will give you a leg up in generic discussions of anything you're building."
Educational Programs
Organisations for security professionals, such as the Computer Security Institute and the Information Systems Security Association, offer programs for IT professionals interested in information security. The Computer Security Institute, for instance, offers Introduction to Computer and Network Security, a course for people new to the field.
Certification
As in other areas of IT, certification is one way to demonstrate expertise. The International Information Systems Security Certification Consortium offers a respected certification, the Certified Information Systems Security Professional (CISSP), for security pros. The exam tests professionals in 10 areas of knowledge, including access control, cryptography, application program security, computer architecture and physical security.
Visit Monster's Technology Forum
