I am an electrical engineering graduate. I want to break into Information Security. I have plotted a sort of learning map for myself over the next year that I hope will give me the technical know-how to begin a career in this field. I would like you to tell me if I am on the right track, and if there is anything additional that I can do.

Here is what I plan to do:
Since I am working full time, I can only do part-time courses for now. First, I am doing an Advanced C and Unix course (focusing on system level programming). Along with this, I am reading extensively on network fundamentals (I did not have a lot of Comp/ IT subjects in my college curriculum). Once I complete the C and Unix Course, which is about 6-8 months long, I plan on doing a CCNA certification.

I feel that by doing the above two courses, I will have the required knowledge to either get an entry- level job in a security capacity in an IT firm or be in a position to apply for a Master's program in InfoSec from a reputable university in the USA or Europe. The course that I have found most interesting is the one offered by the Information Security Institute at the Johns Hopkins University. Please can you also tell me which other colleges I can apply to? I would appreciate any guidance that you can offer me. As you may have realized from what I have said so far, my plans are kind of long term, but I want to be sure that I am moving in the right direction. Thanks in advance.

I see your initial planned curriculum as entirely background focused, perhaps even remedial in nature, rather than having direct relevance to a job in information security even at the entry level. You'd want to add at least one entry-level InfoSec credential to your roster to establish some minimal credibility in the field -- such as the CompTIA Security+, the SANS GSEC, the TruSecure TICSA or the ISC-squared SSCP -- to your line-up to make yourself more interesting to potential employers.

That said, the tendency to hire entry-level people who don't already have an advanced degree or at least four-five years of IT experience (usually as a network or systems administrator, in a job with some security component, if not an outright security focus) is pretty darn low. That's why I have to applaud your decision to pursue a master's in information security. You can add any of the so-called "National Centers of Academic Excellence" recognized by the National Security Agency (NSA) to your list of candidate schools. Read more about these at http://www.nsa.gov/ia/academia/caeiae.cfm.

With a degree from one of these programs under your belt, you'll get access to the school's outplacement office and find doors to all kinds of interesting jobs opening to you. Good luck in your career and certification planning.

--Ed--

Additional Expert Help:
Be sure to check our Answer FAQ for more expert advice.

For faster answers, visit ITKnowledge Exchange.

This was first published in February 2005

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top