What training should I undertake?
Information security professionals are often expected to have hands-on experiences using the systems and applications that they will be responsible for securing. If you’re already working in IT, chances are you’ve picked up some on-the-job training without even realizing.
If you want to sign up for a specific information security training course, SANS has a broad selection of targeted training classes, many with optional certification opportunities. MIS Training Institute also offers a number of conferences and training seminars throughout the year. Of course, there’s nothing stopping you from downloading a copy of BackTrack Linux and doing some independent study until you’re ready to tackle a SANS course or an MISTI conference.
Why should I get certified?
HR departments are flooded with resumes from job candidates pursuing jobs in information security. HR has to compare each resume against a list of requirements for any open security positions, and the right certification will help your resume make it into the short stack that gets sent to the hiring manager.
Certifications also demonstrate to the hiring manager that you’re serious about becoming a security professional, and (more importantly) that you’re willing to learn whatever it takes for you to be effective in your new position. Certifications won’t make you a good security professional, but they will help you with your job search.
Which certifications should I pursue?
Depending on your level of experience and the position you want to attain, you have a number of options open to you. Don’t focus on getting as many acronyms as possible to add to your business card. Focus on getting the certifications that are aligned with your skill level.
Security Analyst: If you’re new to infosec, and you’ve got your eyes on an entry-level position, start with one of these certifications:
Senior Security Analyst: If you’ve got a few years of infosec experience, and you’re ready to move up to a senior role, it’s time for you to consider one of these certifications:
Security Manager: If you’re already a senior security professional, and you’re ready to make the move to management, you might want to check out the following: