Looking for relevant Security Whitepapers? Visit the SearchSecurity.com Research Library.
KevinBeaver | Apr 29 2008 2:17PM GMT
I agree with Labnuke99. The understanding of networks and the technical underpinnings of security will help you more than anything. I certainly understand where you’re coming from. There are so many paths to go down. People ask me this question all the time. Check out the articles I’ve written on information security careers here:
http://www.principlelogic.com/careers.html
Also, I’d be remiss if I didn’t tell you about an audio program I developed on this very topic called Getting Started in Security.
I hope these help get you pointed in the right direction.
DiegoDH | Apr 30 2008 1:53AM GMT
Hi Mexicanblu,
It might all depend if you prefer mostly the “tech” or the “policy” side of the InfoSec coin (although ideally you should have a good understanding of both sides), and also the career development path that you might be able to choose at your current job (as jumping to a new job with new, unproven skills might be a bit hard): are you able to keep working in InfoSec where you’re currently employed?
The certifications mentioned are all quite good, maybe CISSP could give a good theoretical baseline of “all” the security domains, then as you (or your employer for you, maybe?) choose where to specialize in, more “hands-on” certifications can be added.
Good tech training can also be obtained from SANS ( <a href="http://www.sans.org/" rel="nofollow">http://www.sans.org/</a> ), among other sources.
The best for you!
Diego.