Название: Navigating the Cybersecurity Career Path: Insider Advice for Navigating from Your First Gig to the C-SuiteАвтор: Helen E. Patton
Издательство: Wiley
Год: 2022
Страниц: 339
Язык: английский
Формат: pdf (true), epub
Размер: 10.1 MB
Land the perfect cybersecurity role—and move up the ladder—with this insightful resource.
Finding the right position in cybersecurity is challenging. Being successful in the profession takes a lot of work. And becoming a cybersecurity leader responsible for a security team is even more difficult.
In Navigating the Cybersecurity Career Path, decorated Chief Information Security Officer Helen Patton delivers a practical and insightful discussion designed to assist aspiring cybersecurity professionals entering the industry and help those already in the industry advance their careers and lead their first security teams.
In this book, readers will find:
- Explanations of why and how the cybersecurity industry is unique and how to use this knowledge to succeed
- Discussions of how to progress from an entry-level position in the industry to a position leading security teams and programs
- Advice for every stage of the cybersecurity career arc
- Instructions on how to move from single contributor to team leader, and how to build a security program from scratch
- Guidance on how to apply the insights included in this book to the reader's own situation and where to look for personalized help
- A unique perspective based on the personal experiences of a cybersecurity leader with an extensive security background
What Kind of Technology Skills?
There is no wrong answer to this question. Go back to your values and strengths. Historically, the most common security technology skills start with a focus on the technology stack (networking, systems administration, or coding). Learning how the technological plumbing works is important if you're going to defend or attack it. As the profession has expanded, so has the hardware and technologies we care about. Items like the cloud (infrastructure, platform, and application) are newer but here to stay. The Internet of Things (IoT) is exploding, so how do we secure all the things connected to the internet? Operational technology (OT) security is a subset of security that is focused on securing critical infrastructure systems (water, power, and so on) and is key to protecting national security. What will it be like to work in OT security as nation-state cyberattacks continue to grow?
Many students coming from college are focused on application security. While application security involves coding, it's also about systems integrations, reverse engineering, and general hacking. I would suggest that some level of coding is going to be crucial for most security careers. If you want to have a long career in security, it will be important for you to be able to build websites or tools and be able to deal with the huge amounts of data you will undoubtedly encounter. And having those skills is a big advantage for job seekers. There is debate about the right kind of programming language to choose (Python? C++? HTML? Other?). Again, check out the kind of jobs you're looking for to see what kind of languages are needed or talk to security teams to get their opinion.
If you are choosing to go deep into a technical security career, consider getting access to a lab or creating a home lab where you can safely play with the technologies. Searching the internet for home security lab will locate a variety of options, from laptop-based labs to a full server-based setup. Perhaps you could create it in the cloud. Cost and time will be a factor. Use your lab to learn about Active Directory, running DNS and DHCP, network zones, firewalls, Kali Linux, and various operating systems. Technical skills can also take the form of governance, risk, and compliance (GRC). This is about using technical knowledge to create and apply frameworks, regulations, and oversight to an organization. It might include auditing and other assessment functions. Sometimes, people also include security architecture in the GRC field. People in GRC tend to start by knowing one or two technologies and quickly learn how to apply these to business processes and other nontechnology disciplines.
It is impossible to know everything about all the technologies. Do the things you like to do. There are hot jobs out there right now — cloud security, IoT, data analytics, artificial intelligence, and so on — but any technology is a place to start, and those skills will help you transfer later into any number of security roles.
Perfect for aspiring and practicing cybersecurity professionals at any level of their career, Navigating the Cybersecurity Career Path is an essential, one-stop resource that includes everything readers need to know about thriving in the cybersecurity industry.
Скачать Navigating the Cybersecurity Career Path: Insider Advice for Navigating from Your First Gig to the C-Suite