The 10 Coolest Information Security Careers

Every time someone asks me about my profession, people’s reaction is often the same: -Wow! So you’re like those hackers I see in the (Hollywood) movies! That’s really cool! Listen, can you discover someone’s password for me?

After an hour long monologue telling them the difference between hackers and crackers, the unethical implications of discovering someone else’s password, the basics of networking functionality and so on, people are still amazed by the knowledge the profession requires and the coolness of “attacking” websites and investigating a computer crime. I guess it’s a reflex of that famous TV series…

But either we like it or not, Information Security careers hold a certain glamour and ignite people’s imagination. Thus, I’ve decided to research a bit further, and write down what each job is about so the next time I’m asked, I’ll just refer people to this page. :)

This article is also useful if you’re considering to start your Information Security career or looking for some career tips.

So, let’s see what we’ve got. Let me highlight that the career order here purely reflects my personal preference. Objections are welcome!

The article is written in descending order to give you that suspense feeling :)

10 – Information Security Analyst

This information security job involves assessing the effectiveness of Information Security policies and pointing out vulnerabilities or lack of controls to mitigate a given risk. The security analyst will work with every department in the company to make recommendations for improvements and craft detailed design documents for them to implement. This position has become common place with the advent of ISO 27001, Sarbanes-Oxley and similar regulations and compliance frameworks.

Where to look for a job: basically, every company dealing with information requires an Infosec Analyst.

9 – Incident Responder

Those employed in this information security career will monitor computer systems for security breaches, report and document such breaches and implement appropriate countermeasures. The incident responder will also undertake protective and corrective measures when a security incident is discovered.

Where to look for a job: These professionals are usually found at the SOC or network monitoring department of datacenters.

8 – Network Security Engineer

Network security engineers are responsible for developing, maintaining and troubleshooting computer network security systems, configuring security hardware and software and preparing security reports. These professionals possess deep knowledge of communications protocols, network routing, packet and content filtering. That’s how I started my career, a couple of years ago…

Where to look for a job: Almost every company with a medium/large sized network infrastructure. For small companies, do expect the network administrator to wear this hat.

7 – Chief Information Security Officer

The responsibilities of this information security career are enormous, as CISOs are in charge of an organization’s entire computer security system. The CISO will also oversee the company’s entire network of people who safeguard a company’s digital security, from systems security officers to software and hardware vendors. Their responsibilities may also include identifying a company’s digital protection objectives and defining allocation of resources based on priority areas, as well as overseeing investigation of security breaches and incident response planning. Depending on the country, CISOs are legally liable for a company’s Information Security health.

Where to look for a job: Large organizations.

6 – Information Security Architect

Information Security Architects are the professionals thinking on the big picture: They need not only be aware of every piece of technology deployed within the business architecture, but also understand how and why all of these components interact with each other to achieve the objectives of the enterprise. The architect is involved (or at least should be, but we know how real life is…) at the early stages of any IT project to design and implement the security policies required to protect the integrity, confidentiality and availability of the information on an end-to-end basis.

Where to look for a job: Major organizations, Information Security Services Provider/Consultancy companies.

Pages: 1 2

Filed Under: ArticlesFeaturedFrom me to youJob MarketMy careerNews

Tags:

RSSComments (30)

Leave a Reply | Trackback URL

  1. pmp says:

    really cool one.

  2. [...] O portal My Information Security Job publicou recentemente um artigo listando as 10 carreiras que considerou como sendo as mais legais na área de segurança da informação (“The 10 Coolest Information Security Careers”). [...]

  3. kea says:

    Hey Adriano,

    Great posts. I would like to reference your blog posts and comments as part of a presentation I am doing for a local high school career symposium. This is a field of opportunity that we need to get our Next Gen’s in front of! : )

  4. ashwini says:

    Superb blog…Paramount beneficial to a fresher looking out in this field.

  5. [...] Top 10 Coolest Information Security Careers – From a log management/SIEM standpoint the coolest job was the ninth, “Incident Responder.” For the record, the #1 Coolest Job was “Computer Crime Investigator.” [...]

  6. Thank you for a great post

  7. Rubye Thebeau says:

    Enjoyed reading this post, thanks ;)

  8. [...] is the original post: The 10 Coolest Information Security Careers — My Information … Share and [...]

  9. [...] the rest here: The 10 Coolest Information Security Careers — My Information … Share and [...]

  10. [...] hecho caso a uno que normalmente miro poco (el resumen de Information Security Career de Likedin) y me he encontrado un artículo que os puede resultar interesante. Habla sobre 10 posibles itinerarios profesionales y qué es lo [...]

  11. [...] post: The 10 Coolest Information Security Careers — My Information … Share and [...]

  12. [...] the original post: The 10 Coolest Information Security Careers — My Information … Share and [...]

  13. [...] rest is here: The 10 Coolest Information Security Careers — My Information … Share and [...]

  14. Elvis says:

    Strategy roles such as portfolio/product management really are not a fun place to be right now. The market already has all the technology it can afford (e.g. FW, IPS, AV) and technologies that seem cool (e.g. anomaly detection) have flopped in the marketplace.

    The forces on the industry are to reduce costs and to reduce complexity by folding multiple security functions into fewer devices. There is room for innovation but not really the fun kind.

    I guess there may be some innovative technology incubating out there right now (e.g. botnet detection) but I doubt anyone outside of core federal gov’t has the money or will to buy it.

  15. Dating Guru says:

    Man, i hope my blog is this good some day! :) haha!

  16. Chick Magnet says:

    I pray that someday I will have a blog as good as yours! :)

  17. [...] Securities.Related blog postsInformation Security Management with ITILv3 | IT Governance Blog …The 10 Coolest Information Security Careers ? My Information …ITILv2 Manager to ITILv3 Expert Bridge Package | IT Governance …Security Operations Engineer [...]

  18. [...] The 10 Coolest Information Security Careers — My Information … [...]

  19. A.J. says:

    I see a new type of information profession who is able to morph into each of these roles, seamlessly and effortlessly. Seems if you have the technical background, one could be involved in project management, information security, network security (systems engineering), among others. The new information professional is aware of and perhaps trained in more than one area, so I really see the job titles as arbitrary upon the organization. What do you think?

  20. Glen Daniel says:

    Security Metrics Analyst/Expert

    It’s a fairly new trend but with the government getting more involved in regulating IT Security I expect demand for experts in Security Metrics will grow significantly in the near future. Even without government involvement many companies are beginning to recognize the need for a dedicated expert in metrics who can provide objective measures of security effectiveness; in particular how well the company’s security tools, processes, and policies are supporting the business.

  21. [...] Continued here: The 10 Coolest Information Security Careers — My Information … [...]

  22. Andy Barratt says:

    I’d agree with what Chris Wren has put, and I think it might also be worth noting that most of the jobs listed are IT Security, and not Information security.

    How about :- Security Assesor?

    If you like travelling the world a job in security assesment / management system auditing can be pretty cool.

  23. Christopher Wren says:

    @Pauli it all depends what your definition of cool is….. cool is what ever has my interest an any given time.

    Relying on the media to determin what is and isn’t cool (forensic investigator), just shows how easily you can be manipulated.

    Being your own person is what will make you cool, sometimes that will be in line with the heard and sometimes you have to stand out by yourself.

  24. Pauli Wihuri says:

    @chris: you forgot that coolness and real value are not the same thing :) anyway, can really relate to you list and would add:
    Portfolio management
    Program management
    Product management
    Strategy..
    ..you name it all key IT roles.. :)

  25. Chris Wren says:

    Business Continuity
    Compliance Management
    Risk Management
    Process Development
    Data Managment
    Business Analyst
    Solutions Architect
    Incident Managment
    Supply Chain Managment

    These might not all scream out as InfoSec roles but this is where InfoSec gets really interesting, it is how it relates and improves the business. Identifying opportunites and the level of risk, is what really makes a diffrence to the bottom line.

    InfoSec is not just geeks fiddling with technology and you need to be able to imagin the larger impact that InfoSec can have on the whole of the business.

    You might not see it now but this is far more exciting than analysing packet dumps or going through Encase logs looking for kiddie porn.

  26. [...] here to read the rest: The 10 Coolest Information Security Careers — My Information … Share and [...]

  27. [...] more here: The 10 Coolest Information Security Careers — My Information … Share and [...]

  28. [...] This post was Twitted by alina_popescu [...]

  29. Social comments and analytics for this post…

    This post was mentioned on Twitter by securitypro2009: The 10 Coolest Information Security Careers My Information … http://bit.ly/bSSlc5

Leave a Reply