Jidaw Systems

Information Security Specialist (more knowledge, more secure and efficient)

The job / work of the Information security specialist is to keep out the bad guys and help secure information assets and network from unauthorized access, e-mail attacks and malicious code viruses. 
It requires technical ICT competence as well as mastery of issues that include: Digital certificates, authentication, encryption keys, VPNs, Firewalls and intrusion detection, Business Availability, disaster recovery Planning, Social engineering and business knowledge. Because of information security's impact and close relationship with crime and society, security professionals need to have a solid grasp of ethical and legal issues. 

The Ethical hacking approach - "trying to catch a thief, by thinking like a thief" - is an approach adopted by many security professionals. How do cybercriminals think? What are the weaknesses? Why and what do they attack? What is in the hackers mind?

Information security professional needs knowledge tools to close the expertise gap. They often learn from experience and develop expertise by investing in relevant training and certification programs. Furthermore, Information security requires a forward thinking, proactive mindset. Lifelong learning is imperative in the world of constant change.

Information Security Certifications
The great advantage of certification is the emphasis on industry and societal needs. No storytelling please! Where are the gaps, where are the needs? It isn't about academic theories. Quality certifications are based on learning, current risks, threats, technologies, global best practices and standards. Good certification programs eliminate the need to reinvent of the wheel. 

Recognized information security certifications include Security+ developed by the Computing Technology Industry Association (CompTIA) to cover the fundamentals of information security; The Certified Information Systems Auditor (CISA) program - "health check" specialists, sponsored by the Information Systems Audit and Control Association (ISACA) covers information systems (IS) audit, control, and security; CISSP (Certified Information Systems Security Professional) certification from International Information System Security Certification Consortium, Inc (ISC)² is ideal for mid- and senior-level managers - experienced information security professionals; Cisco Certified Security Professional (CCSP) certification from Cisco systems validates skills and knowledge for installing, configuring, and maintaining Cisco security products; The Ethical Hacking and Countermeasures certification (CEH) developed by the International Council of Electronic Commerce Consultants (EC-Council) to enable experienced technology professionals use the same knowledge and tools used by malicious hacker, this time for ethical purposes.

The best security certification? Best is relative. What does the individual or organization want to achieve? It depends on the individual's need and situation? Is the individual a beginner or an experienced professional? What is corporate need for Information security expertise? 

Certification Benefits
Certification provides independent validation of knowledge and skills based on global best practices and standards. In the ICT industry certifications are globally recognized as proof of professional achievement -a level of competence commonly accepted and valued by the industry. For the individual certification enhances credibility and marketability, especially in a fast growing area like security. Clients and employers also see it as an indication of initiative and commitment to the profession.
Credible certification programs in addition provide the following benefits for certified individuals - Ongoing education, Continuing Professional Education (CPE), Peer networking, Forums, Events, Job opportunities, Industry communications, Speaking and volunteer opportunities.

Information Security Career Opportunities (Job Titles, Target Audience)
Typical job titles include Information Security practitioner, auditor, consultant, vendor, Investigator, instructors, network engineers, Security auditors, Penetration Tester, Security programmers, Vulnerability assessors, Information Security Specialist, Security officers, auditors, Security professionals, Site administrators, Forensic Investigator, etc.

An information security professional guards the whole perimeter while the attacker needs only one point of entry. Information security is no joke. Unlike conventional "old school, brick-and-mortar" security assignments, it deals both the tangible (physical protection) and the intangible (software, information protection). Because of the significant impact the bad guys are making, security is a hot topic these days in the knowledge world. However it isn't about what is cool or hot. Protecting information isn't a job for quick fixers. It requires commitment and the ability to shoulder immense responsibilities (ethics, technical, legal, business, people, lifelong learning).

Newcomers should look for volunteering opportunities because most of the demand in security is for experienced professionals. Volunteering should be value and contribution focused. Newcomers need to start with the fundamentals. Basic fundamental knowledge and skills are a necessity for sustainable career growth. Security is best applied as an specialty add-on to an area of interest (Networking, Web Development, Programming, etc). With a foundation in such an area, you can then proceed to build on that with security experience by developing security skills and knowledge.

Information security career opportunities exist for people in ICT and System administration and in law enforcement, Defense, Military, Security and the Legal profession.

These opportunities for experienced security professionals are in Education, paid employment, Independent Consulting, Security outsourcing and the development of security products and services. For example, in the application development space, secure development processes is becoming mandatory and it's no wonder that the demand for security outsourcing is on the increase. 

What Do you Have to Say? Post Your Comments about this content resource Here.



comments powered by Disqus


August 23, 2006

Dotun Adesina from Akure says:



Wise points and well treated. It's needed. It's really tough out there.  


Innovation is integral to Sustainability

Read more

Samsung Galaxy Grand Prime: Important Features and Sincere Impressions

Read more

Girls in ICT Day Events and Activities

Read more

Self Worth, New Year

Read more

Girls in ICT Day Events and Activities

Read more

Level of OSS deployment and usage in Nigeria

Read more

Self Worth, New Year

Read more

Students face the Reality

Read more



Ideas are not enough. You must be action oriented to improve your future.



Don't just think but act. You get results not only from thinking but from acting.



You have ideas. You want to achieve. You want opportunity.



But what are you still doing in your comfort zone? The comfort zone is a dangerous place.



"I wanted to", "I was going to" cannot put on a light bulb, not to talk of moving you forward.



Aren't you tired of hoping and criticizing? Stop defending status quo that locks you down.



GO on the offensive now with IT Education and Empowerment.



What is the use of ideas without action?



Start becoming the achiever you deserve to be.