What is the path of self-development of a security officer?

I

IrkDesigner2012-05-30 03:58:45

IT education

IrkDesigner, 2012-05-30 03:58:45

In the first year of the university, there was hope and a holy faith that the teachers themselves would teach everything.
The second was disappointment.
At the third stage, I was completely convinced of the need for self-education, and also that a competent security guard can only come from a competent system administrator, and work combined with study began. The training ground was an office with several servers, windows and linux, with smart and not so smart users. At that time, disciplines on legal security, the law on personal data, etc. were read at the university. Having received the long-awaited diploma, I got a job where there was practically no administration, but there was physical security of objects - video surveillance, perimeter control, access control ... Having mastered these (not very necessary) industries, I, having quit this job, finally got a job in my specialty . Where a lot of paperwork was waiting for me ... Dear habrausers related to security in IT, I beg you, tell me, in which direction to look to the security guard, so as not to turn into a paper rat. And if possible, with links to good courses. Thanks in advance.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sergey, 2012-05-30
@bondbig

In width - CISSP, CISA, CISM and related courses-books.
In depth - vendor courses and certification (vendors producing information security products). Here the scope is very extensive, from CCNP(AE) Security to AESA.
Well, field experience.
What about

Having mastered these (not very necessary for the security officer)

I would not say so, these are quite important security topics. And what you call paperwork is also an integral part of the job of a security officer. After all, security is a process that cannot be established without documentation (policies, procedures, regulations). I understand that this does not fit well with the romantic image of the white hat from the films, but nevertheless. If you want to become a CISO in the future, you will have to both know the papers (laws, standards, etc.) and write them.

S

Sicness, 2012-05-30
@Sicness

I would say that the security guards are different. There are many directions, almost like in IT. You can also specialize in video surveillance, technical channels for information leakage, legal work (for example, on personal data), building a secure network and countering intrusions, incident investigation (technical and human side), personnel audit, competitive intelligence, long-term connections with structures and many others. Each organization needs its own directions and it is not realistic to cover all of them. Choose what is more profitable or closer to you.
If the question sounds like “how to develop in a specific direction”, then indicate the direction in the question. Although, probably, if you specify, the answer will be obvious.

Z

zuborg, 2012-05-30
@zuborg

There are really a lot of directions, but there is one general principle - all these books, articles and other theoretical knowledge without practice are not worth a penny ...
In short - put the acquired knowledge into practice. With the mind, of course, and not headlong all in a row and haphazardly. The experience gained will complement the theory, and then it will be useful. At the same time, there will be an opportunity to decide on what is closer to the soul and easier to come by.