Information Security Specialist

Mutt

Information security specialist is not the easiest IT profession, but it is in demand. Its many terms and peculiar tools can be intimidating, although in fact it is open to people without a technical background. After studying information security, you will work with government corporations, banks, medium and large businesses, cloud services and startups. Simply put, wherever there is a chance of being hacked.

Who is an information security specialist now
Typically, an information security professional is a person who can implement and maintain protection against unauthorized access: set up a network, anticipate errors and potential bugs, and deploy and run connection monitoring technologies.

But there are also narrower specialties within the field:
  • Pentesters are so-called "white" or "ethical" hackers. They do not hack into business resources illegally. Instead, they work for a company and look for vulnerabilities that developers then fix. Some of them work for a salary, and others take part in Bug Bounty programs, where a business asks people to check its protection and promises a bonus for the bugs found.
  • Development specialists are involved in the creation of applications and programs. Simply put, they study the architecture and the finished code and point out where there may be an error or a "window" for hacking. A trivial example is an input form on a site that has been left open to SQL injection.
  • Network specialists look for potential and known vulnerabilities in hardware and network systems. Simply put, they know how an attacker can get into your computer running Windows, Linux or another system and install the software they need. They can both find a way to hack a system and build one that will be difficult to get into.

There is another way to divide specialists:
  • Those who hack, whether networks or programs. Their specialization is finding bugs and vulnerabilities, that is, ethical hacking.
  • Those who build and maintain a defense system. This is what employers now mean when they look for information security specialists.

This division is approximate. For example, in a small business developing mobile applications, an information security specialist will deal with the entire cycle, from development to implementation. And in a large cloud corporation, you may work only with Kubernetes, without touching anything else.
The information security specialist today is the one who implements the security system in the company and maintains it against attempts to penetrate from the outside.
Because the terms are not settled, there is some confusion in the names of vacancies: companies look for information security specialists, security administrators, computer network security engineers and other titles, all meaning the same specialist.

What information security specialists do
The main tasks of an information security specialist are to set up tools for protection and monitoring, write scripts to automate processes, and from time to time conduct penetration tests, feeling like a hacker. The specialist also monitors the overall performance of the system and administers information security tools.

Here are the typical tasks of an information security specialist:
  • Study the information security system in the company and figure out where there are obvious vulnerabilities.
  • Look at the general situation and find out who, in principle, might be interested in hacking the company.
  • Draw up a protection implementation program. Decide what to fix first - for example, set up access protocols, write protection scripts, set up a password generation system.
  • Understand the product - find vulnerabilities in the code and write up a technical specification for fixing them.
  • Conduct a security assessment - carry out coordinated attacks on network resources.
  • Analyze monitoring - find out who was interested in the system, in what ways, and how often.
  • Implement protection for especially weak nodes.
An advantage of the information security field is that you can work for several years and still not run into anything unknown and incomprehensible. Of course, there are no exact statistics, but usually all vulnerabilities and hacking methods are known.

Roughly speaking, about 80–90% of the work time is taken up by protection against already known hacking methods. Another 10% is something new that has not yet been described in the manuals and documentation.

Information security is not always a creative profession. Usually, on the contrary, you do not need to invent anything or reinvent the wheel. The specialist takes a ready-made checklist or instruction and implements a security system, then tests it, finds bugs and fixes them. And then comes a new iteration.

How to become an information security specialist
The path to the profession of an information security specialist is similar to the standard one for IT: first courses or self-study, then an internship and a move to a full-time job.

Judging by the reviews of engineers on professional sites, 9-12 months are enough to start in the profession, of which six months are spent on courses.

Do I need a technical background
Experience in IT and programming is not required - this is a special profession at the intersection of system administration, development and consulting. Of course, if you are a novice developer or engineer, it will be easier, because you won't have to learn the general principles of IT processes. But not by much, because in any case information security has a lot of its own subtleties and technologies.

The ideal training plan in the field of information security is a minimum of theory and a maximum of practice. It is useless to simply study a list of popular vulnerabilities; you need to try to implement protection against them in a working product and run into the system's limitations.

Do I need English
At the start, good knowledge of the language is not necessary - it is enough to understand the required minimum so as not to get lost in a program's interface and to read the documentation with Google Translate.

But after that the language is worth practicing. High-quality literature, magazines, blogs and forums on information security are mostly foreign, and good translations into Russian do not appear immediately. To stay constantly up to date, you will have to refer to primary sources.

When choosing training courses in information security, pay attention to whether they include classes in technical English. In such classes, you will not waste time on extraneous topics like vacation, cooking, or anything else that has nothing to do with IT. Instead, you will become familiar with the specialized vocabulary used in testing, development, and reading documentation.

What you need to know to get started
The problem with many courses that train information security specialists is an emphasis on just one area of the field:
  • Lots of theory. For example, the courses tell a lot about design features and possible vulnerabilities, but there are no practical tasks. This is bad - it is important that you can immediately try to attack or defend.
  • Only networks - if you look at the structure of such courses, it turns out that this is training for system administrators. There is nothing wrong with this profession, but it still differs from an information security specialist. The sysadmin sets up the network, takes care of the health of the equipment fleet, and even sets up the product's continuous integration process together with DevOps. An information security specialist participates in all these processes from the point of view of implementing a protection system. These are different professions.
  • Only hacking - there is a lot of practical information in such courses, and this is good. But do not forget that the employer now pays mainly for the implementation of protection, and not just for pentests.
If you are planning a career in information security, it is worth looking for courses that teach how to fully implement a security system. They should also teach how to use vulnerabilities for penetration testing. And they must cover how to do all this legally - you need to understand the regulatory framework and the specifics of legislation.

That is: laws, network settings, hacking, and protection against hacking.

Skill stack
Here is a rough list of what you need to know and be able to do to get started:
  • Configure a networking stack.
  • Conduct an audit of the system and determine which parts are vulnerable.
  • Attack network resources using popular methods and set up a protection system against such attacks.
  • Set up a monitoring system and a system that warns about problems.
  • Take the human factor into account when building protection.
In addition, an understanding of cryptographic and other protection methods is useful. You should also understand the regulatory legal acts in the field of information security and the areas of responsibility of government agencies (FSTEC, FSB, Ministry of Defense, Central Bank).

Tool stack
Here's what to try before getting hired as an intern:
  • Linux - put together your own build, read about popular vulnerabilities of the system itself and of its internal programs.
  • Windows - the ability to configure both user and server solutions comes in handy. Know how attacks are conducted through updates, driver substitution, or service utilities.
  • DLP - try popular data loss prevention technologies. Simply put, these are programs that can block writing to a USB flash drive or sending certain types of data to social networks or by mail. For example, Sophos or McAfee DLP.
  • IDS - network attack detection systems. Such tools, if configured correctly, will inform you when a certain rule is triggered. For example, attempts at unauthorized access or at elevating the rights of a specific user.
  • SIEM is a system that analyzes events in network devices in real time and reacts when a configured rule is triggered. Simply put, it checks whether something has changed in the settings, and if so, it does what the information security specialist has defined. You can try Splunk, IBM and LogRhythm solutions.
  • Kubernetes. If you know how to deploy a Kubernetes cluster and work with configuration and network security, then the chances of getting an internship in any cloud company increase significantly.
Knowledge of methodologies is also useful. Understand how DevSecOps works. It is a modern philosophy that allows security to be implemented at any stage of product development. It will come in handy if you work as an information security specialist in a company that creates products.

It is not necessary to know all the technologies at a professional level to start a career. It is enough to have a general understanding of the system and not get lost in the settings and documentation. Roughly speaking, you need to know "how" to do, and not "what" to do.

How much such specialists earn and how much they are in demand
The average earnings of data protection specialists, according to Habr Career, are about $2000. But this is the overall figure for all levels and companies. There are those who start at 50 thousand rubles, and there are also vacancies for managers with incomes of $4000-7000.

Growth in wages
Here's a typical picture on job sites:
  • A beginner specialist in Moscow earns about $1000 - this is an intern with no work experience.
  • Junior position - there are vacancies at $1200.
  • Full-fledged information security specialist with 1-2 years of experience - $1500-3000.
  • A specialist with 3-5 years of experience - $2500-5000.
  • Manager - $4000 and above.

Demand
The demand for information security specialists is high - usually 800-900 such people are being sought on HeadHunter alone. If you add other names of the profession, for example, security administrators or computer "security guards", you get about 2,000 vacancies.

Mostly these are offers from $2500 in Moscow or St. Petersburg. In the regions, a specialist with 1–2 years of experience can count on $1000-2500.

Remote work is offered only to highly qualified specialists - for example, there are such vacancies with incomes of $4000-6000. For the most part, the security engineer works in the office.

What to read on the topic
Here is a selection of literature that will help you better understand the field of information security. But it is worth reading it in parallel with the courses - theory alone will not get you to the trainee level.
 