In a very real sense, it doesn’t matter as much what position or area you start with as what you do with it.
Unless you have the misfortune to get employed by an egotistic micromanager, you’ll always have some latitude in how you perform your duties. Here are some suggestions:
- Learn what security-related tasks, functions, areas exist within any organization. If your school has an “intern” or employer program, then ask to speak with representatives of those organizations. Interview THEM to learn how different organizations approach things.
- When you do get a first position, learn how your responsibilities relate to others. If appropriate, meet those people.
- As you learn the job, start looking for inconsistencies. Ask questions of “clarification”. Do it that way so as not to step on sensitive toes. For example: “I don’t understand why our user’s passwords are kept on the bathroom tissue in the loo.” I’ve used a ridiculous example, but the key is to to be seen as learning, not challenging. This is important when you are first starting out – because some people feel threatened by newcomers, because you will learn some things you would never have guessed at, and because (most importantly in my book) once you set yourself to the habit of ALWAYS learning about things in your environment, you will be better prepared to deal with new things.
I’m short on time now, but I hop this points you in the right direction.