7 reasons why you SHOULD work in Information Security

3 – You have an opportunity to interact with everyone in the company

I wanted to make a joke about developers again, but will let it pass.

Anyways, as an information security professional you not only have the possibility, but many times are required to interact with people both above and below you. An Information security career will give you exposure to the business, the technology, the risk, and everything else under the sun. That in itself is awesome because you are not only sharpening your knowledge in the field, but also your soft skills so you can be an admirable leader who is able to sell information security to the business, senior managers and users when the time arrives.

2 – You set the rules (and also have the power to break them)

Hmmmm.. what am I going to block today? Let me see…

( ) Facebook

( ) Skype

( ) Sports newspaper

Well, let me set my exception first..

Jokes apart, being an Information Security professional enables you to set the rules of the game. In companies were Information Security is well understood and the business has a part to play, these rules are usually set in liaison with them, you just make recommendations and implement what was decided. But for smaller companies, my experience tells me that all that was needed was a security incident to happen for someone at the top to come asking for this or that to be disabled/blocked/deleted/ incinerated. Have you seen it before?

As an auditor, what I have seen out there and I’m sure some of you might agree is that, even though the rule should apply across the board, there is always an exception for the IT team… Hilarious, but true. Now, excuse and let me get back to FB… 🙂

 1 – Being a security  professional is cool… or at least people think it is.

Think with me: how cool is it being a, let’s say, DBA? Their lives are basically about commiting and dumping. Blergh!

But being a security professional elevates you to the status of a demigod among your friends. People look at you and say: there goes the hacker… his/her salary must be really great because s/he could break into the federal bank in minutes, and get 0.01 dollar of every financial transaction without people noticing (aka salami attack).  That’s what people think when they don’t really have a clue about what you do, and that’s cool!

But seriously speaking, can you imagine how awesome it is to be a Computer Forensic Investigator? What about an ethical hacker? An article I’ve written before about the coolest information security careers lists these two positions among the Top 5 in Information Security.

Do you agree?

That’s all for today, fellows! feel free to leave your word, and spread mine if you find it’s worth to!





Pages: 1 2

Filed Under: ArticlesFeaturedFrom me to youFront PageInformation SecurityJob MarketMy career


RSSComments (12)

Leave a Reply | Trackback URL

  1. Kristy Spencer says:

    Hi All,

    I really want to get into Information Security and started taking classes, but felt like I was way behind everyone else technology-wise. I’m not the type to be able to tear apart a computer to know them inside and out. Should I let this stop me? Feedback and advice is welcomed. Thanks!

  2. Mutiu adepoju says:

    Although am a young graduate based in nigeria, but i think i find much interest in taking a career in information security , what do u think?, and i will be glad if u put me through.

  3. Adam says:

    Got a telephone interview coming up for a graduate Information Security Analyst… Any tips guys, how can I impress?

  4. Amine says:

    I have been in the infosec world for the last 17 years and did my PhD in computer science (1994, crypto). I must tell you, it is a great and exciting field to be in. I worked with IBM, Cisco, EMC, Telecom …


  5. Balaji kapsikar says:

    I am really agree with you,From Last 18 months i am working as information security analyst , I do VAPT , Server application and network security audits in my orgnisation and now I want to do Info sec certifications for my gr8 future so how and for which certification should i go.

  6. Alex says:

    I tend to agree with Rob. I got infected with InfoSec bug after picking up a copy of Hacking Exposed book and reading it cover to cover multiple times & practicing it about 8-9 years ago. I self-studied myself to a CISSP certification, became a member of a local ISSA chapter, and avid reader of InfoSec & SC magazines. I followed that up with a Masters degree in Info Assurance. You probably are thinking by now that I am a bigshot InfoSec professional, CISO or something…WRONG!!!
    Since then I’ve had the (bad) luck of being employed in companies (4 including my current employer), where they didn’t give a hoot about security. My current employer (a hospital) has a CISO, who knows nothing about InfoSec or IT for that matter. The only reason he has that title is because of being a great BSer & can get $$ from senior mgmt!
    So I’m still an IT professional (system admin), my CISSP expired, and haven’t held any security positions and still paying my school loans!
    Anywhere I apply or interview for a security position, they take one look at my resume and they see SysAdmin and say NO THANK YOU!

    And btw being a SysAdmin doesn’t make you a chick magnet either!!!

  7. binary0018 says:

    Yeah thanks for the motivation 🙂

    Would like to share my story. I’ve been in IT Sec/Governance for 6 years now. Not yet an expert, but no longer a novice. I didn’t choose to work in this line at all. Somehow my career path turned out this way! 🙂

    But some weeks back, I was on the brink of exiting this field completely. I was v fedup & depressed at my last workplace & even prepared to forsake my professional credentials & track record, to get out of it. I wasn’t sure whether the problem was with the environment or the scope of work. Or could it be me? I was thinking, perhaps I’m not suited to this sorta work afterall.

    Then suddenly out-of-the-blue I received a call from this recruitor about a prospect with a well-known MNC, for their IT controls team. I didn’t even feel like turning up for the interview. But I did in the end & got the job, har!

    Currently still in the honeymoon phase with my new employer (not yet a month here). So far, I find ev’ything much better than the previous place – pay, staff welfare, resources … even my new boss! I respect him a lot & like him so much better than the previous one. At least I now look fwd to going to work each morning. And yes, am rediscovering my zest & love for security =)

    I reckon there are many factors which count towards becoming a successful security professional (and sustaining a career in this line). It can be tough and demanding at times. But like any other job, being passionate about your work helps you stick it out thru the tough times.

    PS: Which sponsor links do we click btw? I clicked all which looked like adverts to me, lol!

  8. Jeff says:


    How’s it going buddy? Looks like the site has become a hit dude – Nice!

    I had to chime in here because I just read Rob’s bit “…security professional has never attracted chicks at parties.” Well, you and I know better about that. YOU are (were) a chick magnet. Well, it could have been your stunning good looks, irresistible charm …or when you said “hey there…I’m a security professional.” Wait, come to think of it, you never said to the chicks. Okay, Rob’s right. 🙂

    Seriously though, you still enjoying Sydney? Or gearing up for a move elsewhere? Big news for us is, we bought a house. Yes, we’re actually becoming grounded 🙂 Quaint village area; a 5 min walk from ocean. Happiness.

    Looking forward to hearing back. Cheers bud, -Jeff

  9. ShreeVaidya says:

    I have always been passionate about information security and the monetary and other benefits surely do add up.I believe passion for the domain has been a major driver for me. I do not consider it a job 🙂

  10. Shadab says:

    Rob : I dont agree on the points you have mentioned, In the article Adriano has clearly told about the salary that it depends on which location you are. I agree that you cannot make money as sales guys but if you join a consulting firm it is same as sales with technical knowledge or presales job. so I would say the points are very true depending on some situations.

  11. Purdy says:

    I have never been told I have a cool job and I have been in the industry for 15 years. I have been told I have one of those made up jobs that doesn’t really exist.

    Funny article though, thanks for putting it up.

    IT Security is also gender agnostic. Which is brilliant.

  12. Rob Slade says:

    OK, the field is diverse, I’ll grant you. And you should be able to talk to anyone in the company. (Whether they’ll reply is another matter.) But, companies taking security seriously? Please. High salary? Better than line work, but you’ll never make the money you do in sales. And I know way too many infosec mavens who are un-or-under employed. You set the rules if senior management backs you up, and that seldom happens.

    And being a security professional has never attracted chicks at parties.