Becoming an Information Systems Security Engineer
Information systems security engineers (ISSE), also known as information security analysts, help businesses safeguard sensitive data, including confidential client data, trade secrets, and financial records, from cyber-attacks. These engineers belong to an evolving profession, since hackers and cyber criminals are constantly coming up with new ways to infiltrate protected databases.
According to the Bureau of Labor Statistics, most information security analysts, including information systems security engineers, work full-time. Few engineers are able to work from home, but may need to supervise computer support technicians who telecommute. Few injuries, illnesses, and physical demands are associated with this career. Education and experience are the two most valuable commodities for an aspiring ISSE.
|Degree Level||Bachelor's degree|
|Degree Field(s)||Computer Science, software engineering, systems engineering, information systems, or related fields|
|Licensure and/or Certification||IT security certification such as CISSP|
|Experience||5-10 years of experience|
|Key Skills||IT support skills; familiar with Unix/Windows, monitoring, and securities systems infrastructure SPAM control, IDS analysis, Microsoft Office suite, network operating systems, SQL, LAN, Cisco, laptop and email encryption, ability to identify phishing attempts, and efficiency in detecting computer viruses; knowledge of audit functions, computer lab systems, and security compliance|
|Salary (2015)||$90,120 per year (Median salary for information security analysts)|
Source: U.S. Bureau of Labor Statistics
A bachelor's degree in a field such as computer science, software engineering, systems engineering or information systems is commonly required to work in this career. Some positions require IT certification and up to 5-10 years of experience as well. Those interested in becoming an ISSE should have a few key skills as well. These might include IT support skills, familiarity with Unix/Windows, knowledge of securities systems infrastructure, network operating systems, SQL, LAN, Cisco and laptop and email encryption, and an ability to identify phishing attempts. According to the U.S. Bureau of Labor Statistics, information security analysts made a median annual salary of $90,120 in 2015. Now let's go into more detail on each of the steps necessary to find a career in this field.
Earn an IS-Related Bachelor's Degree
Employers prefer candidates with at least a bachelor's degree in information systems (IS), information technology (IT), computer programming, applied mathematics, engineering or a computer-related field. Future ISSEs should consider programs that deal specifically with information systems security. Students in these programs explore hacker software, network security, computer forensics, cryptography, ethical considerations, program testing, applied mathematics and information system maintenance.
Aspiring ISSEs should consider getting a master's degree. These programs may be online or classroom-based, and they usually offer a Master of Science degree in a field related to information systems. Students will learn about designing, researching and maintaining secure systems.
According to the U.S. Bureau of Labor Statistics, information systems security professionals are projected to see job growth of 18% from 2014-2024. Jobs will be created in industries like health care. Information systems professionals are in demand because of increased cyber-attacks. Employers may prefer to hire applicants with adequate work experience, training and certification.
ISSEs can develop their skills through work experience and continuing education. Work experience can be gained by seeking entry-level positions under the supervision of a senior engineer. Entry-level ISSEs will learn about risk management and program testing associated with information systems.
Many schools have career services departments which actively look for suitable positions for their graduates. Students should start getting in touch with the career services counselors to get a head-start in acquiring an information systems security engineer position.
Continuing education is also essential in this field to ensure success. As information systems evolve, practicing ISSEs must remain up-to-date on new security threats and defensive measures. Attending seminars and courses is a common way for ISSEs to keep their knowledge current, and this type of continuing education may be required by employers.
Earn CISSP Certification
ISSEs wishing to increase their chances of career advancement should obtain the CISSP credential through the International Information Systems Security Certification Consortium. Practicing ISSEs must have at least five years of work experience and pass a background check to take the CISSP examination. CISSPs must recertify every three years and meet continuing education requirements. ISSE's should regularly check for changes or revisions in CISSP certification requirements.
Join a Networking/Professional Group
Professionals who are new in the field or seeking to advance their careers should consider joining networking organizations for up-to-date information of the industry, support, published articles and job openings. Individuals may find a source of items like continuing education, professional certifications and advancement opportunities.
ISSEs can also join ISSA, which stands for Information Systems Security Association, and is a specific networking organization for information systems security engineers. ISSA members can benefit from connecting with other cyber-security professionals. They can join the local chapters to start networking, inquire about supplemental education, get pointers on how to advance their careers, and join conferences and seminars.
The world of technology is a fast-paced one. Unfortunately, many cyber criminals are also fast-paced and well in-tuned with today's technology. This is why information systems security professionals should consider subscribing to publications dedicated to their industry. Employers are likely to have these publications in the office. ISSEs can ask their supervisors or senior ISSEs for suggestions on which publications are worth investing in.
In summary, aspiring information systems security engineers (ISSEs) should earn a degree in an IT-related field, gain work experience under the supervision of experienced engineers, earn professional certification and stay up to date on changes in the field through professional and networking organizations.