4. Monitor security industry budgets and salary trends
Security professionals can understand a great deal by the ways companies spend their money on IT. By tracking spending, budget behaviors and pay scale trends we have a greater understanding of the trend in the security industry. The past year wasn’t good for the job market due cost cutting measures and lay offs across all industries. However, in UK for example as per itjobwatch the trend is getting better for security jobs. The trend shows that the average salary has increased by 10% since year 2008. The skills which provide the best potential to sell one’s CV in the market are ISO27001, CISSP, Government, PCI DSS and so on.
5. Don’t be limited to just reading
To be a successful security professional one needs to have not only technical know how but also hands on experience. Nowadays companies insist on hands on experience in firewall management, IPS/IDS configuration, penetration testing. If your company can afford to send you for hands on training then speak to your manager and get some training in network security or Linux administration or windows security, etc. However, if training budgets are tight and chances look slim for new training then the best approach is to speak to someone in telecoms team or operations security team. Book an hour of meeting based on their availability and discuss basics, common scenarios, settings and configurations and risk mitigation.
6. Blogging is serious business
Something I learned quite late but is quite a motivational factor for me every day since then is blogging. I personally recommend every security professional to start a blog and express their ideas freely. This is a free world and we have the freedom of expression. Blogging presents itself as an ideal way of marketing yourself on the internet.
7. Don’t be afraid of starting a business
There are many people out there who might disagree which this statement especially when there is a recession going on, but I stand by it. If you don’t start something now you may never take up the challenge of starting something of your own. To start something you need to do your own market research to find out the gaps in the market and whether you have something that’s unique to sell. Even if it isn’t unique don’t be afraid to try. Every business will take some time to reap benefits but you must not give up at the very first stumbling block. The more hard work you put in the better the results. For a security professional there are a number of opportunities like starting your own security consultancy, developing your own security product, information security blogs or websites, etc. The list can go on and on and its up to you to decide what skills you have that can be used worth while for your business.
-Anupam Cherubal on behalf of My Infosec Job team.
PS: This article was previously called “What Could Have Been Done Differently in 2009?”. Since the content is good but got buried due to the “2009”, I just gave it a face lift and brought it back to life!
Pages: 1 2