Get prepared for your Information Security job search! Do you want to equip yourself with the knowledge necessary to succeed in the Information Security job market? If so, you've come to the right place. Packed with the latest and most effective strategies for landing a lucrative job in this popular and quickly-growing field, Getting an Information Security Job For Dummies provides no-nonsense guidance on everything you need to get ahead of the competition and launch yourself into your dream job as an Information Security (IS) guru. Inside, you'll discover the fascinating history, projected future, and current applications/issues in the IS field. Next, you'll get up to speed on the general educational concepts you'll be exposed to while earning your analyst certification and the technical requirements for obtaining an IS position. Finally, learn how to set yourself up for job hunting success with trusted and supportive guidance on creating a winning resume, gaining attention with your cover letter, following up after an initial interview, and much more.
* Covers the certifications needed for various jobs in the Information Security field
* Offers guidance on writing an attention-getting resume
* Provides access to helpful videos, along with other online bonus materials
* Offers advice on branding yourself and securing your future in Information Security
If you're a student, recent graduate, or professional looking to break into the field of Information Security, this hands-on, friendly guide has you covered.
Page count: 440
Year of publication: 2015
Getting an Information Security Job For Dummies®
Published by: John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030-5774, www.wiley.com
Copyright © 2015 by John Wiley & Sons, Inc., Hoboken, New Jersey
Media and software compilation copyright © 2015 by John Wiley & Sons, Inc. All rights reserved.
Published simultaneously in Canada.
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without the prior written permission of the Publisher. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Trademarks: Wiley, For Dummies, the Dummies Man logo, Dummies.com, Making Everything Easier, and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND THE AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS WORK AND SPECIFICALLY DISCLAIM ALL WARRANTIES, INCLUDING WITHOUT LIMITATION WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES OR PROMOTIONAL MATERIALS. THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY SITUATION. THIS WORK IS SOLD WITH THE UNDERSTANDING THAT THE PUBLISHER IS NOT ENGAGED IN RENDERING LEGAL, ACCOUNTING, OR OTHER PROFESSIONAL SERVICES. IF PROFESSIONAL ASSISTANCE IS REQUIRED, THE SERVICES OF A COMPETENT PROFESSIONAL PERSON SHOULD BE SOUGHT. NEITHER THE PUBLISHER NOR THE AUTHOR SHALL BE LIABLE FOR DAMAGES ARISING HEREFROM. THE FACT THAT AN ORGANIZATION OR WEBSITE IS REFERRED TO IN THIS WORK AS A CITATION AND/OR A POTENTIAL SOURCE OF FURTHER INFORMATION DOES NOT MEAN THAT THE AUTHOR OR THE PUBLISHER ENDORSES THE INFORMATION THE ORGANIZATION OR WEBSITE MAY PROVIDE OR RECOMMENDATIONS IT MAY MAKE. FURTHER, READERS SHOULD BE AWARE THAT INTERNET WEBSITES LISTED IN THIS WORK MAY HAVE CHANGED OR DISAPPEARED BETWEEN WHEN THIS WORK WAS WRITTEN AND WHEN IT IS READ.
For general information on our other products and services, please contact our Customer Care Department within the U.S. at 877-762-2974, outside the U.S. at 317-572-3993, or fax 317-572-4002. For technical support, please visit www.wiley.com/techsupport.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2014954662
ISBN 978-1-119-00281-9 (pbk) 978-1-119-00284-0 (ebk); ISBN 978-1-119-00262-8 (ebk)
Table of Contents
Cover
Introduction
About This Book
Foolish Assumptions
Icons Used in This Book
Beyond the Book
Where to Go from Here
Part I: So You Want to Be an InfoSec Professional
Chapter 1: Securing Your Future in Information Security
Why Does Information Security Matter?
A Brief History of Cybercrime
Knowing Your Adversaries
Organizations Hiring InfoSec Professionals
Chapter 2: Understanding InfoSec Roles: One Day in the Life
Getting Security Experience Where You Are Now
Getting an Entry-level Security Position
Rolling Up Your Sleeves as a Security Practitioner
Getting to the Top in Security Management
Understanding Success in a Security Job
Chapter 3: Exploring Current Issues in Information Security
Malware and Exploits
Assaults on Organizations
Disruptive Trends
Regulatory Compliance and Privacy
Information Security Standards
Part II: Having the Right Stuff
Chapter 4: Education, Training, and Certifications
Higher Education
Vendor Certifications
Industry Certifications
Chapter 5: Key Technology Concepts
Access Control
Telecommunications and Network Security
Software Development Security
Cryptography
Physical and Environmental Security
Chapter 6: Key Management Concepts
Information Security Governance and Risk Management
Security Architecture and Design
Security Operations
Business Continuity and Disaster Recovery Planning
Legal, Regulations, Investigations, and Compliance
Part III: Finding a Job with the Right Organization
Chapter 7: Life as a Security Consultant
Is Consulting Right for You?
Working for a Consulting Firm
Going It Alone as an Independent Consultant
The Good, The Bad, and The Ugly of Consulting
Chapter 8: Working for a Security Vendor
Working in Sales as a Pre-Sales Engineer
Rolling Up Your Sleeves as an Implementation Engineer
Helping Customers in Technical Support
Watching the Fort for a Managed Security Service Provider
Chapter 9: Working as an In-House Security Professional
Living Your Destiny
Working in the Private Sector
One Size Doesn’t Fit All: Small and Large Businesses
Chaos versus Calm: Growth, Mergers, and Acquisitions
Working in Global Enterprises
Living on the Edge with a Startup
Working for a Nonprofit Organization
Chapter 10: Serving in the Public Sector or Academia
Working for a Federal, State, or Local Agency
Working for a Military or Defense Contractor
Going Back to School
Part IV: Getting Hired!
Chapter 11: Branding Yourself for Your Dream Career
Meeting People
Business Networking with LinkedIn
Networking through Facebook
Tweeting with Twitter
Starting a Blog
Writing Articles and E-Books
Segregating Your Personal and Professional Lives
Working with Recruiters
Chapter 12: Creating a Winning Resume
The Basics of a Great Resume
Formatting Your Resume
Tailoring Your Resume
Types of Resumes
What Not to Put in Your Resume
Examples of Winning Resumes
Chapter 13: Getting Attention with Your Cover Letter
Cover Letter Scenarios
Essential Elements of the Cover Letter
Chapter 14: The Interview: Bringing Your Resume to Life
Knowing Why Interviews Are Important
Being Prepared for the Interview
Types of Interviews and Tips for Each
Your Turn to Ask Questions
Focusing on the Goal
Chapter 15: After the Interview
Writing a Thank-You Letter
Following Up
Other Sources of Information about You
Negotiating the Offer
Breaking Up Is Hard to Do
Welcome Aboard!
Part V: The Part of Tens
Chapter 16: Ten Organizations for InfoSec Professionals
ASIS International
Center for Internet Security (CIS)
CERT Coordination Center (CERT/CC)
Cloud Security Alliance (CSA)
International Council of Electronic Commerce Consultants (EC-Council)
Information Systems Security Association (ISSA)
InfraGard
International Information Systems Security Certification Consortium [(ISC)²]
ISACA
SANS (System Administration, Networking, and Security) Institute
Chapter 17: Ten Security Resources to Help You Stay Current
Center for Education and Research in Information Assurance and Security (CERIAS)
Dark Reading
Department of Homeland Security (DHS) Daily Open Source Infrastructure Report
Computer Security Resource Center: NIST Special Publications
Hakin9
Information Security Magazine
ISACA Journal
Risks Digest
SANS Reading Room
Hacker's Quarterly
Chapter 18: Ten Essential Security References
Framework for Improving Critical Infrastructure Cybersecurity
Cloud Controls Matrix (CCM)
Unified Compliance Framework (UCF)
ISO27001
Open Web Application Security Project (OWASP)
Center for Internet Security (CIS)
Common Vulnerabilities and Exposures (CVE)
COBIT 5 Toolkit
U.S. and International Technology Laws
Top 125 Network Security Tools
Bonus Resource: InfoSysSec
Chapter 19: Ten Great Questions to Ask Your Interviewer
How Has Your Department Contributed to the Success of the Company?
What Are Some of the Biggest Challenges Your Department Is Facing?
What Keeps You Excited About Coming to Work Every Day?
What Do You Like About Working Here?
Can You Describe How We Would Be Working Together?
What Is the Makeup of the Team or Organization?
What Are the Key Traits of Your Most Successful Employees?
How Would You Define Success During the First 90 Days?
Do You Have Any Concerns About Me That I Can Address Now?
What Is Your Next Step in the Selection Process?
Glossary
About the Author
Cheat Sheet
Connect with Dummies
End User License Agreement
The information security (InfoSec) profession got its start decades ago, but it consisted of few people, mostly in military and other secret organizations. With the appearance of the Internet in the 1990s, organizations started to put information online, and the InfoSec profession became a little more popular. Fast-forward to the mid 2010s, with its big security breaches as well as new laws and regulations, and information security is one of the hottest professions around the world.
There are more than enough books on information security, but far too few professionals to do the work. Until now, there was no clear guide to getting into the profession. Delivered in the same rich tradition of the Dummies series, Getting an Information Security Job For Dummies is that clear guide on planning your entry in information security, no matter where you are in your career today:
If you're a student or recent graduate, you'll get real-life information on what it’s like in the information security profession.
If you're an experienced IT professional, you'll understand how to make a lateral move into information security.
If you're already getting your start in information security, you can chart your career path and decide what kind of an organization you may want to work in.
If you're in the information security job market, you'll understand different types of information security jobs in different types of organizations.
If you need to hire an information security professional, you'll find lots of information to help you focus on what kind of candidate you need and to better understand the people who are applying for your positions.
No matter why you’re reading this book, you can use it as a security career reference. Getting an Information Security Job For Dummies is full of insight from real information security professionals, in their own voices. You’ll begin to understand what the InfoSec profession is really like from professionals who have been going at it for years.
While writing this book, I’ve made some assumptions about you:
You are curious about technology and how things work. Even if you're looking to get into the compliance or controls aspect of information security, it’s still important to have a healthy appreciation for how technology supports an organization.
You dislike malware and the criminal organizations that create it. Even if you don’t yet understand how cybercriminals work, your conscience tells you that what they are doing is wrong, and you want to learn how to help organizations better defend themselves.
You enjoy learning. My first clue: You are reading this book! Being in information security — or any branch of information technology — demands continuous learning. Security issues and technology itself change quite rapidly, and continuous learning is needed just to keep up!
You like Dr. Who and his problem-solving capabilities, even if some of the scenarios he finds himself in are a little odd.
How am I doing so far? If all of my assumptions are right, you may be InfoSec material and ready to seriously consider a career in information security.
Throughout this book, you'll see icons in the left margin that call attention to information that’s worth noting. No smiley faces winking at you or any other cute little emoticons, but you’ll definitely want to take note! Here’s what to look for and what to expect.
Throughout the book, you’ll find stories and tips from information security professionals, in their own voices.
This icon identifies general information and core concepts that are well worth committing to your nonvolatile memory, your gray matter, or your noggin’ — along with anniversaries, birthdays, and other important stuff!
Thank you for reading; we hope you enjoy the book; please take care of your writers! Seriously, this icon includes helpful suggestions and tidbits of useful information that may save you some time and headaches.
Whatever I’m warning you about is nothing that hazardous. These helpful alerts point out easily confused or difficult-to-understand terms and concepts.
In addition to the material in the print or ebook you’re reading, this product also comes with more online goodies:
Cheat sheet: The cheat sheet offers tips on interviewing for an information security job and building your personal brand. You can find the cheat sheet at www.dummies.com/cheatsheet/gettinganinformationsecurityjob.
Web extras: You’ll find some great references that you can use, including a resume template, a sample resume, and a list of websites of value to information security professionals. Go to www.dummies.com/extras/gettinganinformationsecurityjob.
Updates to this book, if we have any, are at www.dummies.com/go/gettinganinformationsecurityjobudupdates.
If you're wondering what the information security profession is all about, go to Part I. If you want to dive into the education, training, and knowledge required in information security, start with Part II. If you’re wondering what life is like in different types of organizations, Part III was written just for you. If you’re ready to get out there in the InfoSec job market, go right to Part IV. If you love lists, head for Part V.
And for those who want to take an even deeper dive into the knowledge expected of information security professionals, get a copy of CISSP For Dummies, by Lawrence Miller and Peter H. Gregory.
Part I
Visit www.dummies.com for great For Dummies content online.
In this part . . .
Find out how industry conditions have led to today’s high demand for skilled information security professionals.
Understand typical job titles and their duties.
Discover the security problems that governments and industries face today.
Chapter 1
In This Chapter
Understanding the need for information security professionals
Reviewing a history of cybercrime
According to the Cisco 2014 Annual Security Report, the worldwide shortage of information security professionals exceeds one million workers. You have chosen a great time to learn more about this exciting and rapidly changing field!
This chapter takes a closer look at the changes in business and technology that have given rise to the high demand for information security workers. You also discover why information security is a great career field.
Information security, or was once considered a technical discipline with little business relevance. Now, however, it is a topic of heated discussions in corporate boardrooms around the world. Information security matters because information technology matters — and because criminals are finding it easy to steal sensitive and private information from organizations’ information systems.