How to become a Information security consultant / auditor

Security careers
Hi all, I am pretty new to all of this so excuse my ignorance, I have been told by an Information Security Officer That I would be a good consultant, however I am too am confused about how to start or where to start. I know that there are three courses to be a lead auditor but I dont have any experiance in this field as such. Is there anyone out there that can give me some advice on how to achieve this?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Well I guess there is no shortcut to do anything in the industry now and building up that experience counts too and yes with certifications like cissp, cisa and etc will help a lot too.

Discuss This Question: 5  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • CharlieBrowne
    Many questions arise as I read your text.
    Did you ask this Information Security Office, why they think you would be a good consultant? And what did they mean by this statement?
    You say you have no experience in this field. I am assuming you mean how to start up a business and get clients. If not, what are you referring to?
    Most people I know that got in to consulting did not have that as their initial goal. They ending up being very good in a specific area and found a demand for their services and did some work part time before they just put a shingle on a building and had a consulting business.
    So, if you can come back with more specific questions, we can assist you.
    62,385 pointsBadges:
  • JohnStewart
    Hi answer your questions firstly I think he meant because I have had some experience with IT in general and my work history I would make a good consultant. I want to become a specialist in this area of ISO 27001 this is my goal.  I would prefer it to be full time obviously to start with it might be part time. I am quite prepared to do all the courses but that to has its own problems. (Different story) But I see on the job boards you have to have X amount of experience and certification its very frustrating. 
    25 pointsBadges:
  • Subhendu Sen
    After reading conversations , guessing that , u wanna be a specialist in ISO 27001 which is basically a framework of policies/ procedures that includes entire legal/ physical/ of course technical controls involved in an organization. There r 6 parts/ phases which r necessary to know to complete this process. As u have IT experience and already implemented in ur workings... It helps u much more in ur future career. Here is a link that can help u and this is not the cert related while u can earn some good knowledge by navigating here:
    140,150 pointsBadges:
  • JohnStewart
    25 pointsBadges:
  • Genderhayes
    Iinformation security as a continual, well-thought of process, which can not only greatly improve an organization's security posture, but can also improve its business by providing assurance to its own customers and partners regarding the quality of the organization's methodology twards information security, thus improving business trust and revenue generation maximization as a result of that increased trust.

    10,720 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: