top of page

Information security

The most Attractive field in the area of IT, with high demand from all kind and size of companies, based on the recent security breaches that increase year after year, it forced the management to start looking into this area and reserve a budget for it same as normal IT requirement.

Information Security Career

In fact, to enter the world of information security, you need to be equipped with some special knowledge and personal traits and characteristics. Usually, you will be responsible for protecting the others; you’ll be more than a security guard. The field requires enough knowledge and experience in other IT areas, such as Networking, Systems, and Applications developing and operation. Here are the primary specializations in this field. 

Information Security Engineer

 Starting from an entry level of this job to senior level, the main tasks of this job in most of organizations, is to take care of security devices, same as network engineer with added skills to different security and networking appliances, focusing on various vendors, and how to configure and monitor those devices to achieve the required protection levels required by the business. Certificate required to prove your skills such as:

- CompTIA Security+

- SSCP (System Security Certified practitioner)

- CCNA Security 

- Vendor based Cert

SOC Engineer

One of future job for security practitioner and analysts, required by large enterprises and government, this role needs talented and intelligent people, have in-depth knowledge of network and security devices, understand very well and able to perform efficient network traffic analysis, can read different system logs, capable of response to security incident, aware of compliance requirement. Have the good understanding of external and internal threats and attacks. 

 

- SSCP 

- any SEIM vendor based cert 

- broad network understanding 

- Ec-Council Certified Network Expert

- Security Incident and Event Management

Information Security Management

This is the first managerial position in security profession, someone responsible to manage or lead a team of technical security engineer, communicate with top management and other managers within the organization, able to lead a security project and operation team, have security architecting and designing skills, have excellent knowledge in many security domains, and compliance requirement, developing security documents such as policies and procedures.

 

- CISSP 

- CISM 

- CISSP-ISSMP

Penetration Tester

The one who perform and simulate the hacker behavior in the organization, to ensure and find the gaps before it discovered by a real hacker, it’s called ethical hacking and used by many companies based on demand or resident engineer. The ethical hacking career requires a particular skill set, such as packet analysis, programming, using advanced tools for scanning and testing security controls, and advanced knowledge in the very advanced network, operating systems and application weaknesses. 

 

- OSCP 

- OSWP 

- CEH 

- LPT 

- GPEN

Information Systems and Security Auditing

Most of the companies have industrial regulation, internal or external standards, and their target is to meet the requirement, so that they require someone to review and check their readiness, this person is called IS auditor, the primary role for him is to have a list of controls based on the regulation or standard requirement, and start to implement those controls, and continuously audit them, and check their validity.

 

- CISA

- CISSP

- ISO 27001 Implementer/Auditor​

- ISO 27000 Implementer/Auditro 

- ITIL

Please reload

bottom of page