This article features information and advice from a real manager, and good friend of mine, who works in the IT Security field. He is a Certified Information Systems Security Professional (CISSP) who worked for me in the corporate security area. He has also worked for a university and now works for the government in the security area, which shows how highly mobile a career in Information Technology Security can be. 

Here he provides some very good, relevant feedback about his career path in IT Security: 

• In my article, Is IT Right for You?, I referred to "people pouring over security logs." My friend says, "Most sites no longer use the ‘wetware filters’ to look for anomalies in logs, simply because there is just too much raw material to review. Intrusion detection and prevention systems (IDS & IPS) are now utilized to look for and report/react to intrusion attempts, which can be exciting."
• Concerning work schedules: "I would say that IT Security (or Information Assurance (IA) in the government/military world) has the same work schedules as any other IT specialties. In some organizations, there may be offset shifts or even 24x7 operations, but in almost all cases, there will be the occasional late night to work through outages or issues, as well as after-hours work for major planned upgrades and changes."
• Concerning a degree program: "In my opinion, a person planning to focus on security should have a broad foundational understanding of Information Technology. I don't believe you can really secure something unless you know how it works. Applying patches without an understanding or appreciation for how it may affect the underlying systems (and the enterprise in general) will eventually lead to problems."
• Concerning certifications:

• "I consider A+ to be a basic certification that all I.T. people should have."
• "CompTIA certifications (A+, Net+, Security+), etc. are considered entry-level and may not even be on the radar of some civilian employers looking to hire security folk - but they can't hurt."
• "The CISSP holds a LOT of weight with both military and civilian employers. In fact, for many jobs it is a requirement when being considered for Information Assurance positions."
• "For Microsoft shops, the MCSE+ Security is also an excellent certification to get."
• "I also think the CISCO CCNA (Cisco Certified Networking Associate) is good for those who may work in networking or just need to show some level of familiarity with networking concepts."

You can see, success starts with education, certification and experience. As one recent job article put it, "for a person with the right skills and experience, there are jobs available today."  

To help enhance your skills, team up with a friend or co-worker and start taking courses or a certification together. The team approach can help keep you motivated to advance your education and maybe help each other understand material that gives you difficulty. It can also help you use the Military Tuition Assistance (TA) and Post 9/11 GI Bill benefits that you might eventually lose. 

Please feel free to add your comments and experiences that will help fellow service members advance their quality of life in an IT career. 

About the Author 

Paul Capicik is the military program manager for American Sentinel University. Prior to joining American Sentinel, Paul spent over 26 years in the U.S. Air Force and another 12 years in the private sector as a CIO. For more information on American Sentinel University, online information technology degree programs or IT certification training programs, visit http://www.americansentinel.edu/ or call 1-866-922-5690.

Copyright 2009