Home page logo

basics logo Security Basics mailing list archives

Re: Security fields
From: wgoulet () gmail com
Date: Thu, 7 Apr 2011 13:15:45 -0600

There are literally hundreds of different sites/resources/blogs covering InfoSec. SANS is a very well respected 
security training organization and frequently has columns/papers discussing infosec careers. They even have a top 20 
infosec job list: http://www.sans.org/20coolestcareers/

As someone who's been in the field for going on 6 years now, my personal perspective is that there are 2 very broad 
categories in InfoSec careers: defenders (blue team) and white hat attackers (red team). Pentesting, vulnerability 
assessments, application security assessments and the like fit into the latter category. Internal information security 
jobs such as firewall admins, security analysts, security architects, and risk management/security policy development 
and the like fit into the former category.

Broadly speaking, you will find more excitement and action in the red team space because you will typically be exposed 
to a lot of different environments especially if you become a consultant. Blue team work tends to be more constant 
where you are in charge of a single environment and are managing risk to that environment. So I suppose that one way to 
think about this decision is to think about what is more exciting to you (finding vulnerabilities/weaknesses and 
reporting them, or the satisfaction of knowing that your work is keeping your employer's network safe).

Another thought to consider is that you could also work for a company that makes infosec products (A/V vendors, IDS/IPS 
vendors, identity management vendors etc).

A final closing thought; it has been my experience that you will get more satisfaction as an infosec professional if 
you manage to find a position where your role is not considered a pure 'cost center'. Many blue team internal security 
teams tend to be understaffed/overworked/underbudgeted because infosec is not seen as a profit center for many 
organizations. Organizations which genuinely care about information security tend to invest more in infosec and will 
have better funded internal security teams. Finding such organizations tends to be rare however because infosec 
initiatives are driven mainly by compliance for many companies, and few orgs really like investing money into 
compliance initiatives. However, other organizations, especially service providers tend to be more genuinely interested 
in infosec because it can help improve their bottom line.

Personally, I'm a 'blue team' guy, but I have found the most satisfaction working for an infosec vendor. For us, 
infosec is obviously a profit center ;)

Good luck,

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.


  By Date           By Thread  

Current thread:
  • Security fields moran6891 (Apr 07)
    • <Possible follow-ups>
    • Re: Security fields wgoulet (Apr 07)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]