This document provides an overview of careers in information security. It discusses 10 top jobs in the field including information security crime/forensics expert, web application penetration tester, forensic analyst, incident responder, security architect, malware analyst, network security engineer, security analyst, computer crime investigator, and chief information security officer. For each role, the document outlines typical responsibilities, educational requirements, certifications, and salary ranges. It also provides education and certification pathways and tips for self-study to help get started in an information security career.

1. Spy vs Spy:
Protecting Secrets
A Career in Information Security is a Career in Protecting Secrets
Michael Scheidell, CCISO, Security Privateers
http://slidesha.re/T00Kq7

2. Information Techology: Road to the Future
Hardware
Management
.
Software
• Computer Research
• Info Systems Managers
• Hardware Engineers
• Computer Programmers
• Support Specialists
• Systems Analysts
• Data Base Administrator
• Web Developers
• Network Architechs
World Wide Jobs
Example text

4. Chief Information
Security Officer
• MIS Degree
• Internship
• ISACA CSX Cert
• Security Engineer
• CISSP, CRISK
• Sr. Security
Architech
• MBA Degree
• VP/Dir of IT
Security
• CCISO Cert
Like Working with People?
Look into Management

5.  Started doing database programming
 Moved into Real time/Control Systems
 1994, helped Government adjust to ‘the net’
 Invented and Patented Security Appliance
 Traveled to Costa Rica, Panama, Jamaica, Canada
 Got to play with Trains (Risk Assessment, DHS contract)
 Invited to speak at security conferences, including Cairo
 Trained FBI agents, worked with Secret Service
 On TV and quoted by Sun Sentinel
 Get paid to break into banks!
Michael Scheidell
Chief Information Security Officer

6. Programming
• Web Applications
• E-Commerce Systems
• Mobile Applications
Hardware Engineer
• Computer Science
• Firewalls
• IDS/IPS/Patents
Security Architect
• Design company’s network
• Security is top priority
• Privacy matters
Your own footer Your Logo
Bits and Bytes Your thing?

7. Top 10 jobs in Information Security
1. Information Security Crime / Forensics Expert
2. Web Application/ Penetration Testing
3. Forensic Analyst
4. Incident Responder
5. Security Architect
6. Malware Analyst
7. Network Security Engineer
8. Security Analyst
9. Computer Crime Investigator
10. Chief Information Security Officer/CISO/ISO/VP

8. Information Security Crime Investigator
 Investigation of computer crimes
 Driven by Curiosity
 Expert witness testimony in court
 Consulting firms, PwC, IBM
 Private Eye, Law Enforcement: FBI, Secret Service
 Knowledge of Pen Testing, Computer
Forensics, Reverse Engineering
 BS:CS, MS:LE, 3+ years, CEH, CPT
 22% Growth, $50K to 100K (gvmt or private)

9. Web Application / Penetration Testing
 Computer Games: Red Team, Black Team
 Get paid to break into Banks
 Part of an IT Audit or Assessment Team
 Opportunity for Travel
 Consulting firms, PwC, IBM
 Direct Hire for Business or Government
 Stepping stone to IT Auditor
 BS/4+ years experience, CEH, CISSP
 Growth 15%, $55-88K a year

10. Forensic Analyst
 Information Systems Analyst
 Network Security Engineer
 Computer Forensics Consultant/Engineer
 Programming, Reverse Engineering
 Experience in Malware, APT, Windows, Linux
 Works with Law Enforcement
 MS/6+ years experience, CEH, CISSP
 $50K to 100K, Mgmt $200K

11. Incident Responder
 Prep for Forensic Analyst/ Investigator/ Manager
 On the Firing line
 Work in real time to stop and document attacks
 Knowledge of Networking, Firewalls
 Experience in Malware, APT, Windows, Linux
 BS/3+
 $65k to 83K

12. Security Architect
 Prep for Forensic Analyst/ Investigator/ Manager
 On the Firing line
 Work in real time to stop and document attacks
 Knowledge of Networking, Firewalls
 Experience in Malware, APT, Windows, Linux
 BS/3+, Certs: CEH, CompTia Network, CPT, CISSP
 $55K to 90K

13. Malware Analyst
 Examine, identify, and understand
viruses, worms, Trojans, bots, rootkits
 Knowledge of reverse engineering and software
development
 Programming, C, Perl, PHP, assembler.
 Experience in Malware, APT, Windows, Linux
 Government, Business, AV companies
 BS/3+, Certs: CEH, CPT, CISSP
 $50 to 100K

14. Network Security Engineer
 Work with Security Architect
 Build, monitor and maintain secure network
 Knowledge of TCP/IP
 Understand IDS/Firewalls/DMZ/VPN’s
 Understand test and analysis tools (sniffers, snort)
 Some Programming or scripting (C, Perl, Java)
 BS/3+, Certs: CISSP, CCNA/CCIE
 $DOE: $70K to 130K (Sr, 5+years, MS Degree)

15. Security Analyst
 Planning and implementing security measures
 Stay up to date with latest intelligence
 Anticipate Security Breaches
 Prevent loss and service interruptions
 Perform Risk Assessments
 Install Firewalls, Data Encryption
 Security Awareness Training
 MS/5+, CISSP, CISM, CISA, CRISK
 $80K Average to $125K, 22% Job Growth

16. Computer Crime Investigator
 Recovery of hidden, encrypted or deleted files
 Investigates computer crime, fraud and hacking
 Gather evidence
 Reconstruct damaged computer systems
 Testify in court
 Train Law enforcement on computer related issues
 MS/4+, CISSP, CEH, CPT
 $50K to $100K (or more for consultants)
 22% Growth

17. Chief Information Security Officer/CISO
 Top Dog in Information Security
 Knows Everything
 forensics, pen testing, auditing, incident response, web app
testing, programming, accounting, business
 Speaking, Training, Mentoring
 Works with CEO/CIO/CTO/CFO/COO
 Only works half days (7am to 7pm)
 <10ys $125 to 150K, > 10yrs $180K to 225K
 Fortune 100 companies, could be in millions
 MIS degree, MBA Degree
 Certs: CISSP, CCISO, CISM, CISA, CRISK

18. Education:
 NAF: Academy of Information Technology (AOIT)
 Nova Southeast University
 Florida International University
 Florida Atlantic University
 Master of Science in Management Information
Systems (MMIS)
 Master of Science in Information Systems (MSIS)
with security focus
 Master of Business Administration (MBA)
 CISO: Chief Information Security Officer

19. Certifications:
 ISACA: Cybersecurity Fundamentals
 Students and Interns
 EC-Council: Certified Ethical Hacker (CEH)
 (ISC)2: Certified Information Systems Security
Professional (CISSP)
 4 years professional experience + degree or 5 years
 Associate for Students without the required experience
 ISACA: Certified Information Security Manager
(CISM)
 EC-Council: Certified Chief Information Security
Officer (CCISO)

20. Self Study
 Free Trials, Amazon/Microsoft Azure
 Boot and Install Linux/FreeBSD
 Put a server together with VMWare/Zen
 Install and Learn Nessus, Snort, Wireshark
 Practice penetration testing, detection, patching
 Attend local meetings
 Information Systems Security Association (ISSA)
 Information Systems Audit and Control Association
(ISACA)
 International Information System Security Certification
Consortium(ISC)2