Suggestions needed on continuing my information security career

IT careers
Security careers
Hello, I'm an IT professional with 5 yrs of experience in Software Quality Assurance and Information Security. When I say InfoSec, I mean I have experience getting my organization ISO27001:2005 certified. Mostly my job was concentrated on the Process Compliance part of it and also the entire cycle of ISMS implementation. As my long dreaded dream, I want to continue my career in only Information Security but I don't have a specific idea as where to start from how to start from. I'm interested in safeguarding networks, database security, cryptography and encryption. It would be highly appreciable if someone can guide me on this with respect to the courses or training to be taken so that I can be part of a real team tackling the Information Security issues. Thanking you in anticipation.

Answer Wiki

Thanks. We'll let you know when a new response is added.

Wow, well if you were really involved in the ISO27001:2005 certification for your organization, you should have a broad understanding of infosec. Were there any particular areas of ISO27001 that caught your interest? There are certifications like CompTIA’s Security+. Another option to understand the technology and thought process from the hacker’s viewpoint is the Certified Ethical Hacker¬†coursework. The SANS group is another great source of infosec education. The more you understand about networks the better off you will be. Cisco security education would also be useful.

Good luck in your career!

Discuss This Question: 2  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    I agree with Labnuke99. The understanding of networks and the technical underpinnings of security will help you more than anything. I certainly understand where you're coming from. There are so many paths to go down. People ask me this question all the time. Check out the articles I've written on information security careers here: Also, I'd be remiss if I didn't tell you about an audio program I developed on this very topic called Getting Started in Security. I hope these help get you pointed in the right direction.
    27,550 pointsBadges:
  • DiegoDH
    Hi Mexicanblu, It might all depend if you prefer mostly the "tech" or the "policy" side of the InfoSec coin (although ideally you should have a good understanding of both sides), and also the career development path that you might be able to choose at your current job (as jumping to a new job with new, unproven skills might be a bit hard): are you able to keep working in InfoSec where you're currently employed? The certifications mentioned are all quite good, maybe CISSP could give a good theoretical baseline of "all" the security domains, then as you (or your employer for you, maybe?) choose where to specialize in, more "hands-on" certifications can be added. Good tech training can also be obtained from SANS ( ), among other sources. The best for you! Diego.
    275 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: