How to Start Your InfoSec Career

This month’s podcast is hosted by Andrew, Luke, Zack, and Lane.

News Items:

How to Start Your InfoSec Career:

Goal: Share with you some of my experience in InfoSec so you can make more informed decisions entering your careers. This is aimed at those looking to get started in an InfoSec career path.

  • Find your passion with technology
    • Most important thing in this field. This stuff requires a lot of after-hours time, and if you aren’t passionate it’s really hard to keep up.

Below is a quick overview of common roles in InfoSec so you can know where to get started. Note: Not all roles, just a high-level summary.

Network Analysts Roles: Focus on analyzing network communications for malicious or anomalous activity

    • Common entry-level – Great for college grads!
    • Skills: Scripting, Linux, understanding of basic TCP/IP, pcap tools (tcpdump, wireshark, etc.), IDS tools (Snort, Bro, etc.)
    • In short, you find bad guys. It is very cool work if you like detail and thinking outside the box.

Security Administrators Roles: Focus on managing/deploying security appliances/tools. Often a catch-all term that blends help desk/sys admin work with the role (depending on the organization)

    • Can be entry-level -> Often career progression from sys admin/support role, but again this highly depends on the organization
    • Skills: Scripting
    • You may be managing enterprise AV, Firewalls, spam filters, IPS/IDS appliance, etc.
    • This can be a very hands-on role and is normally focused more on deployment/maintenance of tools vs. analysis of data

Security Assessment Roles (Auditors, Penetration Testers, Red Teams, Blue Teams, Vulnerability Analysts, etc.): Focus on finding vulnerabilities and helping organizations understand risk to prioritize remediation efforts.

    • Common entry-level (for vuln analysts)
    • Skills: Scripting, Knowledge of the technology that you’ll be assessing (OSs, Routers, Switches, Firewalls, web apps, etc.), vulnerability enumeration tools (Nessus, Nmap, Burp Suite, Metasploit, etc.)
    • Penetration Tester Roles (trying to break stuff/hack companies) are not normally entry-level roles

Malware Analysis Roles (Analysts, Reverse Engineers): Role is designed to analyze how some sample of software works to determine if it’s malicious and extract how it works + indicators of compromise (IOCs).

Developer Roles – In huge demand because many lack coding skills. Normally, if you’re a developer in security, you’ll be focusing on secure coding practices or developing tools to support automation for assessment teams or network defenders.