The ‘Information security’ domain is growing by leaps and bounds today. While it was in a negligible state of growth even 5 years back, it has grown exponentially over the years. Schools have started introducing small bits of Information security concepts into the curriculum. Colleges in India and abroad have started introducing Information security specializations at the undergraduate and graduate level. So, what are the different career choices that are available for students who graduate with a degree in Information security and for professionals who move along their Infosec careers?
This is a list of career options that are available for professionals who are in the InfoSec field with the description of the various career choices:
- Security analyst
Experience – Atleast 5 years of relevant experience
Certifications – CISSP, CCSP, CEH, OSCP and other certifications are always preferred.
Job description –
The security analyst is expected to:
- Monitor & optimize security monitoring and assessment solutions/tools to efficiently identify the most concerning security gaps.
- Capture, prioritize and efficiently escalate to appropriate internal teams any security incidents identified from security tools or from correlation with other sources.
2. Network Security Engineer
Experience – 6 or more years of relevant functional experience in network architect role or equivalent
Job description –
- Designing, Implementation and integration of networking equipment routers, switches, firewalls, proxies and security appliances
- Troubleshoot, resolve and find out root cause of network and security issues.
- Prepare network documentation such as network diagram, network design with rationale of design, implementation plan and power point slides on proposals for new features to address network issues.
3. Information security analyst – Pen tester
Experience – 3-5 years experience as pen tester or Information security specialist with pen testing acumen.
Certifications such as CISSP, CEH will always be preferred.
Job description – The Information Security Analyst will be responsible for performing penetration tests on IT Solutions created in house as well as commercial off the shelf. The analyst will be responsible for creating external security testing requirements, coordination of tests performed by contracted 3rd parties and evaluation of the reports.
4. IT auditor
Desired skills – A degree in Computer Science with 6+ years of experience in IT and Operations auditing, risk management, IT Compliance, Information Security, IT program or project management,
Certifications – CISSP, CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager ) are some of the preferred certifications to secure a job as an IT auditor.
Job description – The role of an IT auditor involves developing, implementing, testing and evaluating audit review procedures. He/She will be responsible for conducting IT and IT-related audit projects using the established IT auditing standard in their organization. The audit process can extend to networks, software, programs, communication systems, security systems and any other services that rely on the company’s technological infrastructure.
5. NOC engineer
Desired skills and experience – 3+ years’ experience with MS SQL, VMware, and IIS including related technologies and standards such as DHCP, DNS, DFS, LDAP, IPSEC, CIFS, SMB, etc.
Job description –
- Periodically check application and system health to support NOC Technicians.
- Day to day administration of a 1000+ Windows/Linux servers, including related applications.
- Manage and support local site VMWare multi-cluster environment.
6. SIEM – Security Information Event Management-Consultant
Mandatory skills – SIEM
Desired skills – Application Security Code Review – SAC-L1, Big Data-L1
Desired work experience – 5-8 years
Job description – The job requires the candidate to have in-depth knowledge in any one technological or industry practice / functional area and overview of 2-3 other areas. The candidate should be able to handle solution definition/ fitment for a small sized project with a medium complexity. The candidate should also be able to build a custom Function Module with medium complexity program logic.
7. Network Security Administrator
Desired skills – Experience in network configuration and administration including VLANs, ACLs, switches, routers, ISPs and firewalls (i.e. Cisco, HP, Palo Alto, SonicWALL) would be good along with other skills with Linux OS, Azure, switches, routers, firewalls
Job description –
- Design, implement and manage a foolproof network security policy
- Implement and configure security software and tools such as anti-virus, firewall, intrusion detection and more
- Identify known and unknown network vulnerabilities and ways to counteract them
CISO(Chief Information Security Officer) and CIO(Chief Information Officer) are the professionals who have reached the pinnacle of the IT security profession!
These are some of the career choices that are available in the area of Information security. Almost all jobs will need a degree in Computer Science or related area along with certifications such as the CISSP or CEH or other appropriate certifications.
References:
- indeed.co.in
- Linkedin.com
- naukri.com