SlideShare a Scribd company logo
1 of 20
Spy vs Spy:
Protecting Secrets
A Career in Information Security is a Career in Protecting Secrets
Michael Scheidell, CCISO, Security Privateers
http://slidesha.re/T00Kq7
Information Techology: Road to the Future
Hardware
Management
.
Software
• Computer Research
• Info Systems Managers
• Hardware Engineers
• Computer Programmers
• Support Specialists
• Systems Analysts
• Data Base Administrator
• Web Developers
• Network Architechs
World Wide Jobs
Example text
Chief Information
Security Officer
• MIS Degree
• Internship
• ISACA CSX Cert
• Security Engineer
• CISSP, CRISK
• Sr. Security
Architech
• MBA Degree
• VP/Dir of IT
Security
• CCISO Cert
Like Working with People?
Look into Management
 Started doing database programming
 Moved into Real time/Control Systems
 1994, helped Government adjust to ‘the net’
 Invented and Patented Security Appliance
 Traveled to Costa Rica, Panama, Jamaica, Canada
 Got to play with Trains (Risk Assessment, DHS contract)
 Invited to speak at security conferences, including Cairo
 Trained FBI agents, worked with Secret Service
 On TV and quoted by Sun Sentinel
 Get paid to break into banks!
Michael Scheidell
Chief Information Security Officer
Programming
• Web Applications
• E-Commerce Systems
• Mobile Applications
Hardware Engineer
• Computer Science
• Firewalls
• IDS/IPS/Patents
Security Architect
• Design company’s network
• Security is top priority
• Privacy matters
Your own footer Your Logo
Bits and Bytes Your thing?
Top 10 jobs in Information Security
1. Information Security Crime / Forensics Expert
2. Web Application/ Penetration Testing
3. Forensic Analyst
4. Incident Responder
5. Security Architect
6. Malware Analyst
7. Network Security Engineer
8. Security Analyst
9. Computer Crime Investigator
10. Chief Information Security Officer/CISO/ISO/VP
Information Security Crime Investigator
 Investigation of computer crimes
 Driven by Curiosity
 Expert witness testimony in court
 Consulting firms, PwC, IBM
 Private Eye, Law Enforcement: FBI, Secret Service
 Knowledge of Pen Testing, Computer
Forensics, Reverse Engineering
 BS:CS, MS:LE, 3+ years, CEH, CPT
 22% Growth, $50K to 100K (gvmt or private)
Web Application / Penetration Testing
 Computer Games: Red Team, Black Team
 Get paid to break into Banks
 Part of an IT Audit or Assessment Team
 Opportunity for Travel
 Consulting firms, PwC, IBM
 Direct Hire for Business or Government
 Stepping stone to IT Auditor
 BS/4+ years experience, CEH, CISSP
 Growth 15%, $55-88K a year
Forensic Analyst
 Information Systems Analyst
 Network Security Engineer
 Computer Forensics Consultant/Engineer
 Programming, Reverse Engineering
 Experience in Malware, APT, Windows, Linux
 Works with Law Enforcement
 MS/6+ years experience, CEH, CISSP
 $50K to 100K, Mgmt $200K
Incident Responder
 Prep for Forensic Analyst/ Investigator/ Manager
 On the Firing line
 Work in real time to stop and document attacks
 Knowledge of Networking, Firewalls
 Experience in Malware, APT, Windows, Linux
 BS/3+
 $65k to 83K
Security Architect
 Prep for Forensic Analyst/ Investigator/ Manager
 On the Firing line
 Work in real time to stop and document attacks
 Knowledge of Networking, Firewalls
 Experience in Malware, APT, Windows, Linux
 BS/3+, Certs: CEH, CompTia Network, CPT, CISSP
 $55K to 90K
Malware Analyst
 Examine, identify, and understand
viruses, worms, Trojans, bots, rootkits
 Knowledge of reverse engineering and software
development
 Programming, C, Perl, PHP, assembler.
 Experience in Malware, APT, Windows, Linux
 Government, Business, AV companies
 BS/3+, Certs: CEH, CPT, CISSP
 $50 to 100K
Network Security Engineer
 Work with Security Architect
 Build, monitor and maintain secure network
 Knowledge of TCP/IP
 Understand IDS/Firewalls/DMZ/VPN’s
 Understand test and analysis tools (sniffers, snort)
 Some Programming or scripting (C, Perl, Java)
 BS/3+, Certs: CISSP, CCNA/CCIE
 $DOE: $70K to 130K (Sr, 5+years, MS Degree)
Security Analyst
 Planning and implementing security measures
 Stay up to date with latest intelligence
 Anticipate Security Breaches
 Prevent loss and service interruptions
 Perform Risk Assessments
 Install Firewalls, Data Encryption
 Security Awareness Training
 MS/5+, CISSP, CISM, CISA, CRISK
 $80K Average to $125K, 22% Job Growth
Computer Crime Investigator
 Recovery of hidden, encrypted or deleted files
 Investigates computer crime, fraud and hacking
 Gather evidence
 Reconstruct damaged computer systems
 Testify in court
 Train Law enforcement on computer related issues
 MS/4+, CISSP, CEH, CPT
 $50K to $100K (or more for consultants)
 22% Growth
Chief Information Security Officer/CISO
 Top Dog in Information Security
 Knows Everything
 forensics, pen testing, auditing, incident response, web app
testing, programming, accounting, business
 Speaking, Training, Mentoring
 Works with CEO/CIO/CTO/CFO/COO
 Only works half days (7am to 7pm)
 <10ys $125 to 150K, > 10yrs $180K to 225K
 Fortune 100 companies, could be in millions
 MIS degree, MBA Degree
 Certs: CISSP, CCISO, CISM, CISA, CRISK
Education:
 NAF: Academy of Information Technology (AOIT)
 Nova Southeast University
 Florida International University
 Florida Atlantic University
 Master of Science in Management Information
Systems (MMIS)
 Master of Science in Information Systems (MSIS)
with security focus
 Master of Business Administration (MBA)
 CISO: Chief Information Security Officer
Certifications:
 ISACA: Cybersecurity Fundamentals
 Students and Interns
 EC-Council: Certified Ethical Hacker (CEH)
 (ISC)2: Certified Information Systems Security
Professional (CISSP)
 4 years professional experience + degree or 5 years
 Associate for Students without the required experience
 ISACA: Certified Information Security Manager
(CISM)
 EC-Council: Certified Chief Information Security
Officer (CCISO)
Self Study
 Free Trials, Amazon/Microsoft Azure
 Boot and Install Linux/FreeBSD
 Put a server together with VMWare/Zen
 Install and Learn Nessus, Snort, Wireshark
 Practice penetration testing, detection, patching
 Attend local meetings
 Information Systems Security Association (ISSA)
 Information Systems Audit and Control Association
(ISACA)
 International Information System Security Certification
Consortium(ISC)2

More Related Content

What's hot

Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
Tjylen Veselyj
 

What's hot (20)

The importance of Cybersecurity
The importance of CybersecurityThe importance of Cybersecurity
The importance of Cybersecurity
 
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
#CyberAvengers - Artificial Intelligence in the Legal and Regulatory Realm
 
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptxNtxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx
 
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | EdurekaTop 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
Top 10 Reasons to Learn Cybersecurity | Why Cybersecurity is Important | Edureka
 
Cybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen CyberCybersecurity Career Information by Next Gen Cyber
Cybersecurity Career Information by Next Gen Cyber
 
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | EdurekaComputer Security | Types of Computer Security | Cybersecurity Course | Edureka
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
 Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT
 
Deception Technology: Use Cases & Implementation Approaches
 Deception Technology: Use Cases & Implementation Approaches Deception Technology: Use Cases & Implementation Approaches
Deception Technology: Use Cases & Implementation Approaches
 
Proven cybersecurity tips to protect your business
Proven cybersecurity tips to protect your businessProven cybersecurity tips to protect your business
Proven cybersecurity tips to protect your business
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
 
CISSO Certification| CISSO Training | CISSO
CISSO Certification|  CISSO Training | CISSOCISSO Certification|  CISSO Training | CISSO
CISSO Certification| CISSO Training | CISSO
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Malcolm Boston Resume
Malcolm Boston ResumeMalcolm Boston Resume
Malcolm Boston Resume
 
CHFI Certification
CHFI CertificationCHFI Certification
CHFI Certification
 
How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...How to ethical hacking? The complete ethical hacking certification course beg...
How to ethical hacking? The complete ethical hacking certification course beg...
 
Cyber Security Best Practices
Cyber Security Best PracticesCyber Security Best Practices
Cyber Security Best Practices
 
CompTIA Security+ Certification | Sec+
CompTIA Security+ Certification | Sec+ CompTIA Security+ Certification | Sec+
CompTIA Security+ Certification | Sec+
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Mobile security services 2012
Mobile security services 2012Mobile security services 2012
Mobile security services 2012
 
Ransomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your CompanyRansomware Has Evolved And So Should Your Company
Ransomware Has Evolved And So Should Your Company
 

Viewers also liked

Proprietary Information
Proprietary InformationProprietary Information
Proprietary Information
hypknight
 
Spec Ops Service Overview
Spec Ops Service OverviewSpec Ops Service Overview
Spec Ops Service Overview
Spec Ops Service
 
Executive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private CompanyExecutive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private Company
Chris Moody
 
Open Options Evolutionary Trends
Open  Options    Evolutionary  TrendsOpen  Options    Evolutionary  Trends
Open Options Evolutionary Trends
hypknight
 
AOC Threat Assessment
AOC Threat Assessment AOC Threat Assessment
AOC Threat Assessment
Fabian Zhilla
 
God's Bride
God's BrideGod's Bride
God's Bride
Bee Ling
 

Viewers also liked (16)

Proprietary Information
Proprietary InformationProprietary Information
Proprietary Information
 
Spec Ops Service Overview
Spec Ops Service OverviewSpec Ops Service Overview
Spec Ops Service Overview
 
Executive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private CompanyExecutive Protection Focus - D&O and EPLI - Private Company
Executive Protection Focus - D&O and EPLI - Private Company
 
Open Options Evolutionary Trends
Open  Options    Evolutionary  TrendsOpen  Options    Evolutionary  Trends
Open Options Evolutionary Trends
 
THREAT ASSESSMENT IN SCHOOLS
THREAT ASSESSMENT IN SCHOOLSTHREAT ASSESSMENT IN SCHOOLS
THREAT ASSESSMENT IN SCHOOLS
 
AOC Threat Assessment
AOC Threat Assessment AOC Threat Assessment
AOC Threat Assessment
 
God's Bride
God's BrideGod's Bride
God's Bride
 
Study security-abroad
Study security-abroadStudy security-abroad
Study security-abroad
 
Protective Intelligence
Protective IntelligenceProtective Intelligence
Protective Intelligence
 
Pacific Bulletproof Threat Assessment Powerpoint
Pacific Bulletproof Threat Assessment PowerpointPacific Bulletproof Threat Assessment Powerpoint
Pacific Bulletproof Threat Assessment Powerpoint
 
AS Solution Capabilities Brief 2017
AS Solution Capabilities Brief 2017AS Solution Capabilities Brief 2017
AS Solution Capabilities Brief 2017
 
OPSEC / PERSEC
OPSEC / PERSECOPSEC / PERSEC
OPSEC / PERSEC
 
Threat Assessment: The New Normal
Threat Assessment: The New NormalThreat Assessment: The New Normal
Threat Assessment: The New Normal
 
International Executive Protection Services | Protective Security
International Executive Protection Services | Protective SecurityInternational Executive Protection Services | Protective Security
International Executive Protection Services | Protective Security
 
Disaster Planning Local state-federal roles and responsibilities
Disaster Planning Local state-federal roles and responsibilities  Disaster Planning Local state-federal roles and responsibilities
Disaster Planning Local state-federal roles and responsibilities
 
Security of important peoples
Security of important peoplesSecurity of important peoples
Security of important peoples
 

Similar to Spy vs Spy: Protecting Secrets

Dhishant -Latest Resume
Dhishant -Latest ResumeDhishant -Latest Resume
Dhishant -Latest Resume
Dhishant Abrol
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
James Perry, Jr.
 

Similar to Spy vs Spy: Protecting Secrets (20)

Sherry d bailey resume
Sherry d bailey resumeSherry d bailey resume
Sherry d bailey resume
 
S bailey resume
S bailey resumeS bailey resume
S bailey resume
 
CEH
CEHCEH
CEH
 
B Hkorba
B HkorbaB Hkorba
B Hkorba
 
Information Security Career Day Presentation
Information Security Career Day PresentationInformation Security Career Day Presentation
Information Security Career Day Presentation
 
APT &amp; What we can do TODAY
APT &amp; What we can do TODAYAPT &amp; What we can do TODAY
APT &amp; What we can do TODAY
 
Mohammed Alghenaim CV
Mohammed Alghenaim CVMohammed Alghenaim CV
Mohammed Alghenaim CV
 
Strengthening Caribbean Business against Cyber Attacks May 18.pdf
Strengthening Caribbean Business against Cyber Attacks May 18.pdfStrengthening Caribbean Business against Cyber Attacks May 18.pdf
Strengthening Caribbean Business against Cyber Attacks May 18.pdf
 
Dhishant -Latest Resume
Dhishant -Latest ResumeDhishant -Latest Resume
Dhishant -Latest Resume
 
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
wannabe Cyberpunk; “I don’t know what I’m supposed to do.”
 
Cybersecurity - Jim Butterworth
Cybersecurity - Jim ButterworthCybersecurity - Jim Butterworth
Cybersecurity - Jim Butterworth
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
 
Brian m cv
Brian m cvBrian m cv
Brian m cv
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
 
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENTUNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
UNCOVER DATA SECURITY BLIND SPOTS IN YOUR CLOUD, BIG DATA & DEVOPS ENVIRONMENT
 
Cisco Managed Security
Cisco Managed SecurityCisco Managed Security
Cisco Managed Security
 
Main Menu
Main MenuMain Menu
Main Menu
 
Cobit 2
Cobit 2Cobit 2
Cobit 2
 
Brochure of ICSS
Brochure of ICSS Brochure of ICSS
Brochure of ICSS
 
How to Become a Cyber Security Analyst in 2021..
How to Become a Cyber Security Analyst in 2021..How to Become a Cyber Security Analyst in 2021..
How to Become a Cyber Security Analyst in 2021..
 

More from Michael Scheidell

More from Michael Scheidell (6)

Not IF, but WHEN
Not IF, but WHENNot IF, but WHEN
Not IF, but WHEN
 
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle:  CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle:  CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
 
Risky Business
Risky BusinessRisky Business
Risky Business
 
Running with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needsRunning with Scissors: Balance between business and InfoSec needs
Running with Scissors: Balance between business and InfoSec needs
 
Bring Your Own Policy: Internet Use/BYOD Policy by consensus
Bring Your Own Policy:  Internet Use/BYOD Policy by consensus Bring Your Own Policy:  Internet Use/BYOD Policy by consensus
Bring Your Own Policy: Internet Use/BYOD Policy by consensus
 
Governance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile AppsGovernance and Security in Cloud and Mobile Apps
Governance and Security in Cloud and Mobile Apps
 

Recently uploaded

一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
F
 
Prest Reed Portfolio revamp Full Sail Presentation 2
Prest Reed Portfolio revamp Full Sail Presentation 2Prest Reed Portfolio revamp Full Sail Presentation 2
Prest Reed Portfolio revamp Full Sail Presentation 2
5203records
 
Transferable Skills - Roadmaps & Resources - Dirk Spencer
Transferable Skills - Roadmaps & Resources - Dirk SpencerTransferable Skills - Roadmaps & Resources - Dirk Spencer
Transferable Skills - Roadmaps & Resources - Dirk Spencer
Dirk Spencer Corporate Recruiter LION
 
如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样
如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样
如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样
qyguxu
 
如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样
如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样
如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样
qyguxu
 
Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...
Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...
Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...
ZurliaSoop
 
如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样
如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样
如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样
qyguxu
 
K Venkat Naveen Kumar | GCP Data Engineer | CV
K Venkat Naveen Kumar | GCP Data Engineer | CVK Venkat Naveen Kumar | GCP Data Engineer | CV
K Venkat Naveen Kumar | GCP Data Engineer | CV
K VENKAT NAVEEN KUMAR
 
如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证
gakamzu
 
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
muwyto
 
如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样
如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样
如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样
qyguxu
 
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证
gkyvm
 

Recently uploaded (20)

Incivility-Humility aaaaaaaaaaaa(1).pptx
Incivility-Humility aaaaaaaaaaaa(1).pptxIncivility-Humility aaaaaaaaaaaa(1).pptx
Incivility-Humility aaaaaaaaaaaa(1).pptx
 
一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理一比一原版赫尔大学毕业证如何办理
一比一原版赫尔大学毕业证如何办理
 
Prest Reed Portfolio revamp Full Sail Presentation 2
Prest Reed Portfolio revamp Full Sail Presentation 2Prest Reed Portfolio revamp Full Sail Presentation 2
Prest Reed Portfolio revamp Full Sail Presentation 2
 
Career opportunities after 12th Science 2024 Biology group
Career opportunities after 12th Science 2024 Biology groupCareer opportunities after 12th Science 2024 Biology group
Career opportunities after 12th Science 2024 Biology group
 
TEST BANK For Growth and Development Across the Lifespan, 3rd Edition By Glor...
TEST BANK For Growth and Development Across the Lifespan, 3rd Edition By Glor...TEST BANK For Growth and Development Across the Lifespan, 3rd Edition By Glor...
TEST BANK For Growth and Development Across the Lifespan, 3rd Edition By Glor...
 
Transferable Skills - Roadmaps & Resources - Dirk Spencer
Transferable Skills - Roadmaps & Resources - Dirk SpencerTransferable Skills - Roadmaps & Resources - Dirk Spencer
Transferable Skills - Roadmaps & Resources - Dirk Spencer
 
如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样
如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样
如何办理(EUR毕业证书)鹿特丹伊拉斯姆斯大学毕业证成绩单原件一模一样
 
UXPA Boston 2024 Maximize the Client Consultant Relationship.pdf
UXPA Boston 2024 Maximize the Client Consultant Relationship.pdfUXPA Boston 2024 Maximize the Client Consultant Relationship.pdf
UXPA Boston 2024 Maximize the Client Consultant Relationship.pdf
 
如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样
如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样
如何办理(CSU毕业证书)圣马科斯分校毕业证成绩单原件一模一样
 
Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...
Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...
Jual obat aborsi Dubai ( 085657271886 ) Cytote pil telat bulan penggugur kand...
 
Rachel_Ochsenschlager_Resume_May_2024.docx
Rachel_Ochsenschlager_Resume_May_2024.docxRachel_Ochsenschlager_Resume_May_2024.docx
Rachel_Ochsenschlager_Resume_May_2024.docx
 
如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样
如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样
如何办理(Wintec毕业证书)怀卡托理工学院毕业证成绩单原件一模一样
 
K Venkat Naveen Kumar | GCP Data Engineer | CV
K Venkat Naveen Kumar | GCP Data Engineer | CVK Venkat Naveen Kumar | GCP Data Engineer | CV
K Venkat Naveen Kumar | GCP Data Engineer | CV
 
Master SEO in 2024 - The Complete Beginner's Guide
Master SEO in 2024 - The Complete Beginner's GuideMaster SEO in 2024 - The Complete Beginner's Guide
Master SEO in 2024 - The Complete Beginner's Guide
 
如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(NEU毕业证书)东北大学毕业证成绩单本科硕士学位证留信学历认证
 
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
如何办理(UdeM毕业证书)蒙特利尔大学毕业证成绩单原件一模一样
 
如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样
如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样
如何办理(Galway毕业证书)爱尔兰高威大学毕业证成绩单原件一模一样
 
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证
如何办理(UST毕业证书)圣托马斯大学毕业证成绩单本科硕士学位证留信学历认证
 
freight Final Review 5.13.pptx freight Final Review 5.13.pptx
freight Final Review 5.13.pptx freight Final Review 5.13.pptxfreight Final Review 5.13.pptx freight Final Review 5.13.pptx
freight Final Review 5.13.pptx freight Final Review 5.13.pptx
 
Rahul Chauhan - Data Scientist Resume.pdf
Rahul Chauhan - Data Scientist Resume.pdfRahul Chauhan - Data Scientist Resume.pdf
Rahul Chauhan - Data Scientist Resume.pdf
 

Spy vs Spy: Protecting Secrets

  • 1. Spy vs Spy: Protecting Secrets A Career in Information Security is a Career in Protecting Secrets Michael Scheidell, CCISO, Security Privateers http://slidesha.re/T00Kq7
  • 2. Information Techology: Road to the Future Hardware Management . Software • Computer Research • Info Systems Managers • Hardware Engineers • Computer Programmers • Support Specialists • Systems Analysts • Data Base Administrator • Web Developers • Network Architechs World Wide Jobs Example text
  • 3.
  • 4. Chief Information Security Officer • MIS Degree • Internship • ISACA CSX Cert • Security Engineer • CISSP, CRISK • Sr. Security Architech • MBA Degree • VP/Dir of IT Security • CCISO Cert Like Working with People? Look into Management
  • 5.  Started doing database programming  Moved into Real time/Control Systems  1994, helped Government adjust to ‘the net’  Invented and Patented Security Appliance  Traveled to Costa Rica, Panama, Jamaica, Canada  Got to play with Trains (Risk Assessment, DHS contract)  Invited to speak at security conferences, including Cairo  Trained FBI agents, worked with Secret Service  On TV and quoted by Sun Sentinel  Get paid to break into banks! Michael Scheidell Chief Information Security Officer
  • 6. Programming • Web Applications • E-Commerce Systems • Mobile Applications Hardware Engineer • Computer Science • Firewalls • IDS/IPS/Patents Security Architect • Design company’s network • Security is top priority • Privacy matters Your own footer Your Logo Bits and Bytes Your thing?
  • 7. Top 10 jobs in Information Security 1. Information Security Crime / Forensics Expert 2. Web Application/ Penetration Testing 3. Forensic Analyst 4. Incident Responder 5. Security Architect 6. Malware Analyst 7. Network Security Engineer 8. Security Analyst 9. Computer Crime Investigator 10. Chief Information Security Officer/CISO/ISO/VP
  • 8. Information Security Crime Investigator  Investigation of computer crimes  Driven by Curiosity  Expert witness testimony in court  Consulting firms, PwC, IBM  Private Eye, Law Enforcement: FBI, Secret Service  Knowledge of Pen Testing, Computer Forensics, Reverse Engineering  BS:CS, MS:LE, 3+ years, CEH, CPT  22% Growth, $50K to 100K (gvmt or private)
  • 9. Web Application / Penetration Testing  Computer Games: Red Team, Black Team  Get paid to break into Banks  Part of an IT Audit or Assessment Team  Opportunity for Travel  Consulting firms, PwC, IBM  Direct Hire for Business or Government  Stepping stone to IT Auditor  BS/4+ years experience, CEH, CISSP  Growth 15%, $55-88K a year
  • 10. Forensic Analyst  Information Systems Analyst  Network Security Engineer  Computer Forensics Consultant/Engineer  Programming, Reverse Engineering  Experience in Malware, APT, Windows, Linux  Works with Law Enforcement  MS/6+ years experience, CEH, CISSP  $50K to 100K, Mgmt $200K
  • 11. Incident Responder  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+  $65k to 83K
  • 12. Security Architect  Prep for Forensic Analyst/ Investigator/ Manager  On the Firing line  Work in real time to stop and document attacks  Knowledge of Networking, Firewalls  Experience in Malware, APT, Windows, Linux  BS/3+, Certs: CEH, CompTia Network, CPT, CISSP  $55K to 90K
  • 13. Malware Analyst  Examine, identify, and understand viruses, worms, Trojans, bots, rootkits  Knowledge of reverse engineering and software development  Programming, C, Perl, PHP, assembler.  Experience in Malware, APT, Windows, Linux  Government, Business, AV companies  BS/3+, Certs: CEH, CPT, CISSP  $50 to 100K
  • 14. Network Security Engineer  Work with Security Architect  Build, monitor and maintain secure network  Knowledge of TCP/IP  Understand IDS/Firewalls/DMZ/VPN’s  Understand test and analysis tools (sniffers, snort)  Some Programming or scripting (C, Perl, Java)  BS/3+, Certs: CISSP, CCNA/CCIE  $DOE: $70K to 130K (Sr, 5+years, MS Degree)
  • 15. Security Analyst  Planning and implementing security measures  Stay up to date with latest intelligence  Anticipate Security Breaches  Prevent loss and service interruptions  Perform Risk Assessments  Install Firewalls, Data Encryption  Security Awareness Training  MS/5+, CISSP, CISM, CISA, CRISK  $80K Average to $125K, 22% Job Growth
  • 16. Computer Crime Investigator  Recovery of hidden, encrypted or deleted files  Investigates computer crime, fraud and hacking  Gather evidence  Reconstruct damaged computer systems  Testify in court  Train Law enforcement on computer related issues  MS/4+, CISSP, CEH, CPT  $50K to $100K (or more for consultants)  22% Growth
  • 17. Chief Information Security Officer/CISO  Top Dog in Information Security  Knows Everything  forensics, pen testing, auditing, incident response, web app testing, programming, accounting, business  Speaking, Training, Mentoring  Works with CEO/CIO/CTO/CFO/COO  Only works half days (7am to 7pm)  <10ys $125 to 150K, > 10yrs $180K to 225K  Fortune 100 companies, could be in millions  MIS degree, MBA Degree  Certs: CISSP, CCISO, CISM, CISA, CRISK
  • 18. Education:  NAF: Academy of Information Technology (AOIT)  Nova Southeast University  Florida International University  Florida Atlantic University  Master of Science in Management Information Systems (MMIS)  Master of Science in Information Systems (MSIS) with security focus  Master of Business Administration (MBA)  CISO: Chief Information Security Officer
  • 19. Certifications:  ISACA: Cybersecurity Fundamentals  Students and Interns  EC-Council: Certified Ethical Hacker (CEH)  (ISC)2: Certified Information Systems Security Professional (CISSP)  4 years professional experience + degree or 5 years  Associate for Students without the required experience  ISACA: Certified Information Security Manager (CISM)  EC-Council: Certified Chief Information Security Officer (CCISO)
  • 20. Self Study  Free Trials, Amazon/Microsoft Azure  Boot and Install Linux/FreeBSD  Put a server together with VMWare/Zen  Install and Learn Nessus, Snort, Wireshark  Practice penetration testing, detection, patching  Attend local meetings  Information Systems Security Association (ISSA)  Information Systems Audit and Control Association (ISACA)  International Information System Security Certification Consortium(ISC)2