Want a premium salary as an ISS professional? Make sure to obtain certifications in addition to the degree.
Security service providers and other channel partners who have invested in Global Information Assurance Certification (GIAC) training for their employees or who have hired employees who already have GIAC certifications will have a little more to advertise in 2010 with the announcement last week that three of the major GIAC tracks were accredited under the ANSI/ISO/IEC 17024 Personnel Certification program.
The most recent GIAC tracks to get the check-mark from ANSI were the GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA) and GIAC Certified Forensics Analyst (GCFA) programs.
One of the most well-known incident-handling certifications in the security world, GCIH was recently ranked as the No. 1 security certification that organizations pay a salary premium for according to the IT employment analysts with Foote Partners. Those certified with GCIH have proven they know about common attack techniques and tools used to penetrate enterprises and small businesses alike. The certification attests to their knowledge about how to defend against and respond to these attacks, as well as incidents caused by both innocently inept and malicious insiders.
Unique within the security industry, GCIA is designed to show that recipients understand how to manage any Intrusion Detection System, regardless of vendor. Those who hold this certification have shown they understand the fundamentals of network protection and are able to analyze traffic patterns well enough to spot and analyze anomalies.
The third program ANSI accredited last week, GCFA, is one of the most recognized digital forensic certifications. Those bestowed with this vendor-neutral certification have proven that they understand a panoply of computer forensics tools and know the most common criminal forensic analysis techniques to complete Windows- and Linux-based investigations.
It seems security skills are not only in demand but result in greater pay.
“Unlike other technology job segments, pay and demand for security skills have risen steadily since 2007 and neither budget nor headcount has diminished in economic hard times,” wrote Foote Partners principal, David Foote. “Driving continued momentum for steady jobs investment and career safety is the ‘perfect storm’ of more regulation; constant fear of increasing threats; greater customer expectations and demands aimed at vendors; and the splitting of business/strategic risk and operational security activities, which has been accelerated by market forces.”
This demand for such skills could prove profitable for channel partners who are able to hire and retain personnel on their consulting staff in order to market to those customers who don’t have the wherewithal or resources to maintain their own cadre of full-time security experts. (Source: Channel Insider)
Will be pursuing certifications following graduation in June.
Related articles by Zemanta
- Security through diversity (cdixon.org)
- Upcoming webinar: “Cloud Security for Dummies” hosted by SIIA (aws.typepad.com)
- BBB’s Data Security – Made Simpler Initiative (pindebit.blogspot.com)
More proof that Linux is gaining ground?
The foundation’s Linux Jobs Board is available on Linux.com. It features two options for posting: Jobs can be posted on Linux.com only, with prices starting at $99 for 15 days, or jobs can be posted on both Linux.com and with JobThread Network, which reaches more than 50 additional publishing sites with a combined total of 9.8 million visitors per month. The Linux.com and JobThread Network option costs 49 cents per matching view.
“Linux’s increasing use across industries is building high demand for Linux jobs despite national unemployment stats,” said Jim Zemlin, executive director at the foundation, in a statement released by the foundation. “Linux.com reaches millions of Linux professionals from all over the world. By providing a jobs board feature on the popular community site, we can bring together employers, recruiters, and job seekers to lay the intellectual foundation for tomorrow’s IT industry.”
Job postings can be submitted on Linux.com.
JobThread Network, according to the foundation, has found that demand for Linux-related jobs has grown 80 percent since 2005.
Job seekers, meanwhile, can include LinkedIn details on their Linux.com profile, including resumes. They also can subscribe to the Linux.com Jobs Board RSS feed and receive e-mail alerts. Additionally, they can follow Linux-related job opportunities on Twitter. (Source: InfoWorld)
Related articles by Zemanta
- Linux Foundation: Linux job market has grown 80 percent (arstechnica.com)
- Linux skills now more employable than ever (crunchgear.com)
Here’s one to make you smile. An underground malware and hacking forum got a taste of its own medicine when it was itself hacked by a digital vigilante.
A post from F-Secure says the underground pakbugs.com forum drew malicious hackers who bought and sold malware, stolen credit card numbers and the like. That is, until someone going by “Catch Them” broke into the site and gathered the full list of registered users, including their forum passwords and e-mail addresses, which the vigilante then posted to the Full Disclosure security mailing list. The F-Secure post includes screen shots of the pakbugs site and the users list.
F-Secure says the site has been going up and down since the event, and it’s not responding when I check it (from a Linux test machine, probably not a good idea to visit underground hacking sites using your Windows desktop). Let’s hope the site stays down. (Source: Tables turned on hacker site – CIO.com)
Related articles by Zemanta
- Botnet of Linux Servers with Dynamic IP Discovered (slumpedoverkeyboarddead.com)
- New York Times Latest Victim of Malware Ad Injections (mashable.com)
- Hackers claim T-mobile data breach, with info available to the highest bidder (inquisitr.com)
- The Death of Patrick Swayze Exploited by Criminals (lockergnome.com)
- Zee.: WordPress Exploit Allows Admin Password Reset (thenextweb.com)
Snort Users Webinar – June 12, 2009
Speaker: Nick Moore, Sourcefire Security Engineer
Title: Installing Snort 2.8.4 on Fedora Core 10
Abstract: In this edition of the Snort Users Webinar Series Nick Moore a Security Engineer with Sourcefire will discuss installing Snort 2.8.4 on Fedora Core 10. Nick’s presentation will cover a basic Snort/Base installation on a VMWare install of FC 10 with:
* Date: June 12, 2009
* Time: 12:00pm EDT
* Event Registration: https://sourcefireevents.webex.com/sourcefireevents/onstage/g.php?d=663567514&t=a
As always the Webinar will be recorded and made available on Snort.org.
We hope you can join us.
(Source: Snort Users Webinar)