By Aaron W. Bayles, Chris Hurley, Johnny Long, Ed Brindley, Chris Klaus (Foreword)
HIGHLIGHT
The Information Security (InfoSec) workforce is expected to increase to 2.1 million by 2008 at a compounded annual growth rate of 13.7% from 2003. Many of these future InfoSec pros will come from non-traditional, hacker backgrounds, and this book provides these non-corporate types a detailed, technical guide to developing and harnessing their hacking skills as well as the soft skills necessary to land and keep their dream job.
A Technical Guide to Landing (and Keeping) a Job in the Information Security Field
Date: Apr 2005
Pages: 472 (est.)
User level: All
DESCRIPTION
“InfoSec Career Hacking” starts out by describing the many different InfoSec careers available, including Security Engineer, Security Analyst, Penetration Tester, Auditor, Security Administrator, Programmer, and Security Program Manager. The particular skills required by each of these jobs are described in detail, allowing readers to identify the most appropriate career choice for them. Next, the book describes how readers can build their own test laboratory to further enhance their existing skills and begin to learn new skills and techniques. The authors also provide keen insight on how to develop the requisite soft skills to migrate from the hacker to the corporate world.
KEY SELLING POINTS
- The InfoSec job market will experience explosive growth over the next five years, and many candidates for these positions will come from thriving hacker communities.
- Teaches these hackers how to build their own test networks to develop their skills to appeal to corporations and government agencies.
- Provides specific instructions for developing time, management, and personal skills to build a successful InfoSec career.
MARKET INFORMATION
- IDC estimates the number of information security professionals worldwide currently to be 1.3 million, a 14.5 percent increase over 2003.
- 22% of 12-15 year olds cited working with computers as their ideal career, ahead of launching a pop career (15 per cent) or becoming a doctor (13 per cent).
- Security professionals have experienced growth in job prospects, career advancement, higher base salaries, and salary premiums for certification at faster rates than other areas of information technology.
- Information security managers believe continuing education and certification are important to the profession, with strong business acumen becoming an essential ingredient for professional success.
ABOUT THE AUTHOR
Aaron W. Bayles has over 8 years of experience in the IT field, including Information Security, and works for a leading systems integrator as an IT Security Analyst/Engineer performing penetration testing, security engineering, and risk assessments.
Johnny Long has spoken on network security and Google hacking at several computer security conferences around the world including SANS, Defcon, and the Black Hat Briefings. During his recent career with Computer Sciences Corporation (CSC), a leading global IT services company, he has performed active network and physical security assessments for hundreds of government and commercial clients.
Chris Hurley (aka Roamer) is a Senior Penetration Testing Engineer working in the Washington DC area. He is the founder of the WorldWide WarDrive, a four-year survey conducted by information security professionals and hobbyists to document the security posture of currently deployed wireless networks and generate awareness of the insecurities associated with them. Primarily focusing his efforts on penetration testing, he also performs vulnerability assessments, forensics, and incident response operations on both wired and wireless networks. He has spoken at several security conferences, been published in numerous online and print publications, and has been the subject of several interviews and stories related to wireless network security. He is the primary organizer of the WarDriving contest held at the annual Def Con hacker conference. Chris holds a bachelor's degree in computer science from Angelo State University. He lives in Maryland with his wife of 15 years, Jennifer, and their 8-year-old daughter, Ashley.
Ed Brindley, CISSP, is a security engineer and researcher at Assured Decisions, a leading information security firm. He has spoken at numerous network security and information sharing conferences for commercial and government clients. In recent years, he has become increasingly focused on cross-domain information sharing, security usability, and organizational dynamics.
TECHNOLOGY BACKGROUND
Economic crime is on the rise, according to a recent survey by PricewaterhouseCoopers LLP, and technology played a significant role as either the tool for committing fraud or the target of fraud. More than one third of companies reported being victims of fraud in the past two years. This number is significantly higher than in previous surveys, and it reflects an unfavorable upward trend. The cyber-criminals attacking companies and governments around the world are skilled in finding and exploiting software vulnerabilities, launching denial-of-service attacks, cracking passwords to access corporate networks, crafting SQL-injection attacks to gain access to sensitive databases, and launching worms that cripple organizations. Corporations and governments are desperately seeking talented, qualified individuals to defend themselves against these attacks.