I was on the masthead for Certification Magazine from 1999 to 2008, both as a contributing editor and for a while also as “Technology Editor.” I probably wrote at least 200 articles for that publication during my tenure there, and the work was always interesting and rewarding — at least for me, but hopefully also for the readers of my work as well.
This morning, I turned to the site to see what was up and came across the article whose title also provides the title for this blog — namely, “Establishing a Career Path in Information Security,” by noted information security and storage expert Ken Wager. Simply put, this is a great article that responds to the following question from a recent college graduate in IT:
I have completed my degree in IT. I want to pursue a career in information security. Which path should I follow? I have done Java. Should I go for the Cisco Certified Network Associate (CCNA) or directly for a Certified Ethical Hacker (CEH) course? Is there any other better option?
Ken’s answer to the question is both thorough and insightful. He walks his interlocutor through the steps involved in boosting and steering a fledgling IT career in the infosec direction. His primary topics inlude methods to expand on skills and knowlege, obtaining certification and on-the-job experience, pursuing one’s personal and professional connections (the non-technical variety of “networking”), pursing advanced professional registrations, and keeping your nose clean (as with law enforcement, stains on your record can keep you out of information security positions as well).
This is a must-read piece for anybody who’s ever thought about steering their career in a security direction, even for those with more miles (and perhaps even a few gray hairs) on them. Enjoy!