Successfully reported this slideshow.
Your SlideShare is downloading. ×

Spy vs Spy: Protecting Secrets

Ad

Spy vs Spy:
Protecting Secrets
A Career in Information Security is a Career in Protecting Secrets
Michael Scheidell, CCISO...

Ad

Information Techology: Road to the Future
Hardware
Management
.
Software
• Computer Research
• Info Systems Managers
• Har...

Ad

Chief Information
Security Officer
• MIS Degree
• Internship
• ISACA CSX Cert
• Security Engineer
• CISSP, CRISK
• Sr. Sec...

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Ad

Check these out next

1 of 20 Ad
1 of 20 Ad

More Related Content

Spy vs Spy: Protecting Secrets

  1. 1. Spy vs Spy: Protecting Secrets A Career in Information Security is a Career in Protecting Secrets Michael Scheidell, CCISO, Security Privateers http://slidesha.re/T00Kq7
  2. 2. Information Techology: Road to the Future Hardware Management . Software • Computer Research • Info Systems Managers • Hardware Engineers • Computer Programmers • Support Specialists • Systems Analysts • Data Base Administrator • Web Developers • Network Architechs World Wide Jobs Example text
  3. 3. Chief Information Security Officer • MIS Degree • Internship • ISACA CSX Cert • Security Engineer • CISSP, CRISK • Sr. Security Architech • MBA Degree • VP/Dir of IT Security • CCISO Cert Like Working with People? Look into Management
  4. 4.  Started doing database programming  Moved into Real time/Control Systems  1994, helped Government adjust to ‘the net’  Invented and Patented Security Appliance  Traveled to Costa Rica, Panama, Jamaica, Canada  Got to play with Trains (Risk Assessment, DHS contract)  Invited to speak at security conferences, including Cairo  Trained FBI agents, worked with Secret Service  On TV and quoted by Sun Sentinel  Get paid to break into banks! Michael Scheidell Chief Information Security Officer
  5. 5. Programming • Web Applications • E-Commerce Systems • Mobile Applications Hardware Engineer • Computer Science • Firewalls • IDS/IPS/Patents Security Architect • Design company’s network • Security is top priority • Privacy matters Your own footer Your Logo Bits and Bytes Your thing?
  6. 6. Top 10 jobs in Information Security 1. Information Security Crime / Forensics Expert 2. Web Application/ Penetration Testing 3. Forensic Analyst 4. Incident Responder 5. Security Architect 6. Malware Analyst 7. Network Security Engineer 8. Security Analyst 9. Computer Crime Investigator 10. Chief Information Security Officer/CISO/ISO/VP
  7. 7. Information Security Crime Investigator  Investigation of computer crimes  Driven by Curiosity  Expert witness testimony in court  Consulting firms, PwC, IBM  Private Eye, Law Enforcement: FBI, Secret Service  Knowledge of Pen Testing, Computer Forensics, Reverse Engineering  BS:CS, MS:LE, 3+ years, CEH, CPT  22% Growth, $50K to 100K (gvmt or private)
  8. 8. Web Application / Penetration Testing  Computer Games: Red Team, Black Team  Get paid to break into Banks  Part of an IT Audit or Assessment Team  Opportunity for Travel  Consulting firms, PwC, IBM  Direct Hire for Business or Government  Stepping stone to IT Auditor  BS/4+ years experience, CEH, CISSP  Growth 15%, $55-88K a year
  9. 9. Forensic Analyst  Information Systems Analyst  Network Security Engineer  Computer Forensics Consultant/Engineer  Programming, Reverse Engineering  Experience in Malware, APT, Windows, Linux  Works with Law Enforcement  MS/6+ years experience, CEH, CISSP  $50K to 100K, Mgmt $200K
  10. 10. Incident Responder  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+  $65k to 83K
  11. 11. Security Architect  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+, Certs: CEH, CompTia Network, CPT, CISSP  $55K to 90K
  12. 12. Malware Analyst  Examine, identify, and understand viruses, worms, Trojans, bots, rootkits  Knowledge of reverse engineering and software development  Programming, C, Perl, PHP, assembler.  Experience in Malware, APT, Windows, Linux  Government, Business, AV companies  BS/3+, Certs: CEH, CPT, CISSP  $50 to 100K
  13. 13. Network Security Engineer  Work with Security Architect  Build, monitor and maintain secure network  Knowledge of TCP/IP  Understand IDS/Firewalls/DMZ/VPN’s  Understand test and analysis tools (sniffers, snort)  Some Programming or scripting (C, Perl, Java)  BS/3+, Certs: CISSP, CCNA/CCIE  $DOE: $70K to 130K (Sr, 5+years, MS Degree)
  14. 14. Security Analyst  Planning and implementing security measures  Stay up to date with latest intelligence  Anticipate Security Breaches  Prevent loss and service interruptions  Perform Risk Assessments  Install Firewalls, Data Encryption  Security Awareness Training  MS/5+, CISSP, CISM, CISA, CRISK  $80K Average to $125K, 22% Job Growth
  15. 15. Computer Crime Investigator  Recovery of hidden, encrypted or deleted files  Investigates computer crime, fraud and hacking  Gather evidence  Reconstruct damaged computer systems  Testify in court  Train Law enforcement on computer related issues  MS/4+, CISSP, CEH, CPT  $50K to $100K (or more for consultants)  22% Growth
  16. 16. Chief Information Security Officer/CISO  Top Dog in Information Security  Knows Everything  forensics, pen testing, auditing, incident response, web app testing, programming, accounting, business  Speaking, Training, Mentoring  Works with CEO/CIO/CTO/CFO/COO  Only works half days (7am to 7pm)  <10ys $125 to 150K, > 10yrs $180K to 225K  Fortune 100 companies, could be in millions  MIS degree, MBA Degree  Certs: CISSP, CCISO, CISM, CISA, CRISK
  17. 17. Education:  NAF: Academy of Information Technology (AOIT)  Nova Southeast University  Florida International University  Florida Atlantic University  Master of Science in Management Information Systems (MMIS)  Master of Science in Information Systems (MSIS) with security focus  Master of Business Administration (MBA)  CISO: Chief Information Security Officer
  18. 18. Certifications:  ISACA: Cybersecurity Fundamentals  Students and Interns  EC-Council: Certified Ethical Hacker (CEH)  (ISC)2: Certified Information Systems Security Professional (CISSP)  4 years professional experience + degree or 5 years  Associate for Students without the required experience  ISACA: Certified Information Security Manager (CISM)  EC-Council: Certified Chief Information Security Officer (CCISO)
  19. 19. Self Study  Free Trials, Amazon/Microsoft Azure  Boot and Install Linux/FreeBSD  Put a server together with VMWare/Zen  Install and Learn Nessus, Snort, Wireshark  Practice penetration testing, detection, patching  Attend local meetings  Information Systems Security Association (ISSA)  Information Systems Audit and Control Association (ISACA)  International Information System Security Certification Consortium(ISC)2

×