What will additional training in information security give a system administrator?

I

Ivan Urgant2019-03-13 17:52:06

System administration

Ivan Urgant, 2019-03-13 17:52:06

Good afternoon! Need advice on the following. I work as a system administrator in a large company. In connection with the departure and further reduction in the rate of the information security specialist, the functions are transferred to the IT department.
They offer me to take his job - there is not much work - the creation of eToken keys, EDS signatures. But for this, I have to complete additional education remotely in the amount of about 500 hours. At the same time, the organization pays for my studies, for me it is free, but only if I work for at least 1 more year, otherwise I will have to reimburse the money, and they are not frail there. In principle, I will work for another 1 year, but there may be all sorts of situations in life and it turns out that I will be chained by this, especially at the end of next year I will leave to live in the south.
Question: is it worth it, do you think, to agree to this, namely to study? maybe someone went through something like this at IS, write, is it difficult to go through it remotely?
And most importantly, for a system administrator who next year will be looking for a new job in a new city, add. Will education in information security give me some bonuses, goodies for me compared to other applicants who do not have it? That is, will it be useful for my professional development? Can I then work with such courses in IB, and not as a system administrator? or is it better not to agree, because there will be no sense in the future, but only in wasted time? thanks everyone for the replies!

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

C

cssman, 2019-03-13
@cssman

If you want to study, study; if you don't want to, don't study. As mocking as it sounds, this is the best advice you can get in an answer to your question.

C

CHolfield, 2019-03-13
@CHolfield

Starting from a certain amount and starting from a certain category of personal data and other information protected by law (including commercial secrets), the law requires the presence of at least one official with a completed education in the field of information security or technical protection of information in the operator's office. So ask for a raise, the functions of ensuring this very security will most likely be transferred to you, responsibility will increase - let them bash.

C

CityCat4, 2019-03-14
@CityCat4

and a further reduction in the rate of an information security specialist, functions are transferred to the IT department.

which means that there will be no security as such, there will only be a tick - "we have an information security specialist." The information security department can report to anyone, even the devil, even the deputy general affairs officer - but not the CIO, because the information security is a controlling structure for IT.
The study is worth it.

A

Alistair O, 2019-03-15
@box4

you confuse IT Sec with InfoSec
ITSec is performed by IT specialists, for example, secure configuration, etc.
InfoSec is risk management.
the fact that you will issue tokens is a typical ITsec, this is a role.

R

rionnagel, 2019-03-21
@rionnagel

The IB should report only to the director. You can not interfere with the IT department, and especially give it there.
Going to IS, you need to understand that it is a lot of work with documents. Regulations, good knowledge of the law of your country in this area, international standards, internal documents, etc., etc. Drawing up a security concept and security policies is a big piece of work, but also changes, and this may also include risk analysis , cash settlements, drawing up boundary tables, etc. etc..