Careers in Information Security
Given the quantum of data that is stored over the network, information security has become a priority for organizations. The Information Security industry is one of the growing enterprises of our times due to the new challenges we face.
The terrorism of modern times has added a new element into the picture. Hackers now may not be the neighborhood geek any more chasing a thrill by just being destructive; they might also be competition in pursuit of classified information or a disgruntled employee of the organization.
Information Security systems are governed by three important levels:
- The Confidentiality of Information.
- The Integrity of Information.
- The Availability of Information.
These three paradigms are referred to as the CIA Triad. Learn more from clicking on this link.
These are the paradigms that were first established by the National Information Assurance Glossary (NIST) of the US Government. The NIST defines Information Systems Security or INFOSEC as:Protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats.
The art of Cryptography has become one of the crucial elements in Information Security. One of the noted cryptographists Ron Rivest states, “Cryptography is about communication in the presence of adversaries”. Cryptography is used to hide the meaning of messages through a process called encryption. This process translates plain text information into something that is unintelligible, known as cipher text. Cryptology is applied in areas like authentication and access control. All electronic commerce, transactions via ATM cards and computer password control access is managed by Cryptography applications.
There are different qualifications required for different entry levels for Engineers who aspire to make a career in Information Security. Systems administrators can make do with an Associate Degree. Analyst, Engineers or Managerial level positions require B.A. in Information technology or a B.S. in Computer Science. A Directorial level position requires an M.S. or M.A. If one aspires to pursue an academic career, than a Ph.D. is essential for Professors, Researchers and Advanced Developers.
A University Graduate can start as an Information Security Administrator. At least four years of work experience is essential to go up to the next level of Information Security Analyst or Engineer. The field demands strong analytical skills. Engineers should be able to visualize and be able to create various scenarios by which a system can be broken into by smart hackers. This visualization helps in preparing proper frontal buffers that would make the system fool proof and secure.
The average base salary in the US for IT administrators starts at about $ 45 – 55,000. This goes up further to about $ 75000 for an Information Security administrator. Security Analyst and Engineers draw about $ 80,000. An Information Security manager draws about $ 100,000 and the CSO draws about $ 150,000 or more. The link indicated below provides an extensive overview of the field with good anecdotes that would make anyone interested in considering a career in this field.