In this video, Marc Menninger describes key roles and functions performed by IT security engineers. Discover which skills and certifications IT security engineers are expected to have. Learn how many years of experience and other requirements you'll need to qualify for this high-demand IT security job.
- [Marc] IT Security Engineers are technical experts who build security systems and tackle complex security problems. They are the ones who install, configure, and troubleshoot firewalls, intrusion prevention systems, and other security infrastructure. IT Security Engineers also develop new technical solutions and security tools to solve existing production security issues. In addition to IT Security Engineer, common job title include Network Security Engineer, Information Assurance Engineer, Information Security Engineer, and Information Systems Security Engineer.
IT Security Engineers are expected to have very strong technical skills. This usually isn't a problem for engineers because most are so passionate about IT and security technology that they consider it fun and like to play with home networks in their spare time. Security engineers will need to know a wide range of technologies and processes. Depending on the role, you may be expected to know how to utilize IDS/IPS, firewalls, ethical hacking, anti-malware, DNS, encryption technologies and standards, VoIP, application security, and network routing methods.
Windows, Unix, or Linux operating system administration skills are also frequently desired by employers. Depending on the nature of the job, IT Security Engineers may also need to know secure coding practices. A firm understanding of Identity and Access Management principles and virtualization technologies are also skills that often appear in IT Security Engineering job listings. Because IT Security Engineers often develop scripts to handle and track instance and automate repeatable tasks, scripting skills and experience with scripting languages such as Python, Perl, and Windows PowerShell may be required.
IT Security Engineers will also investigate intrusion incidents and conduct forensic investigations and lead incident responses, so prior experience with incident response would be beneficial. IT Security Engineer jobs won't be entry level positions. These job postings typically require at least five years of experience in the IT field with at least three years of experience in IT Security. Almost every engineer role will require a Bachelor's Degree in a related field. This means an IT field such as Computer Information Systems degree.
Other technical degrees may also be accepted. You'll also need to demonstrate extensive hands-on experience with security and networking technologies as well as at least one major network operating system, either Windows, Unix, or Linux. Frequently desired certifications for IT Security Engineers include CEH, GIAC certifications, GSEC, GCIH, GCIA, CCNP Security, and CISSP. If you have a passion for IT and security technologies and love to learn new systems inside and out, IT Security Engineer may be a great fit for you.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- Understanding the job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself