Category Archives: Jobs
Excellent interview over at “Krebs on Security” with security rock star, Christian Schneier.
First, know that there are many subspecialties in computer security. You can be an expert in keeping systems from being hacked, or in creating unhackable software. You can be an expert in finding security problems in software, or in networks. You can be an expert in viruses, or policies, or cryptography. There are many, many opportunities for many different skill sets. You don’t have to be a coder to be a security expert.
In general, though, I have three pieces of advice to anyone who wants to learn computer security:
Read the entire interview: How to Break Into Security, Schneier Edition — Krebs on Security.
Great series starting over at Krebs on Security on how to get into the field.
At least once a month, sometimes more, readers write in to ask how they can break into the field of computer security. Some of the emails are from people in jobs that have nothing to do with security, but who are fascinated enough by the field to contemplate a career change. Others are already in an information technology position but are itching to segue into security. I always respond with my own set of stock answers, but each time I do this, I can’t help but feel my advice is incomplete, or at least not terribly well-rounded.
I decided to ask some of the brightest minds in the security industry today what advice they’d give. Almost everyone I asked said they, too, frequently get asked the very same question, but each had surprisingly different takes on the subject. Today is the first installment in a series of responses to this question. When the last of the advice columns have run, I’ll create an archive of them all that will be anchored somewhere prominently on the home page. That way, the next time someone asks how they can break into security, I’ll have more to offer than just my admittedly narrow perspectives on the matter.
Read the whole interview: How to Break Into Security, Ptacek Edition — Krebs on Security.
- Small businesses sitting ducks for hackers (charlotteobserver.com)
- Learning from History – The Importance of IT Security (blogs.gartner.com)
- Thomas Ptacek Interview – Episode 292 (pauldotcom.com)
General Dynamics Information Technology (IT) Staffing Lead Robert Cellich, based in Tampa, Fla., seeks qualified individuals to fill on average 300 positions a year to support General Dynamics IT’s military services sector. But what constitutes a candidate as “qualified”? The right combination of hard and soft skills, credentials and attitude.
Roughly nine out of 10 jobs that Cellich fills require security clearances, a determination by the United States government that a person or company is eligible for access to classified information. “Cleared individuals aren’t hard to find,” he says. “What’s difficult to find is a cleared individual who has the right qualifications for the position.”
“I’m looking for individuals who have polished hard and soft skills,” he says.
For ‘hard skills,’ Cellich looks for demonstrated, hands-on proficiency in the technical areas the job he is seeking to fill. When considering a candidate for a higher level role, he scrutinizes the positions listed in the candidate’s resume—the type of position, the type of company, and length of tenure—to see if the person has relevant, quality experience.
“I’m not going to hire somebody for a senior role who has only a year or two of experience because they’re just not ready for that type of role yet,” Cellich says. When filling a system administrator position, for example, Cellich will prefer candidates who have performed that role. “Whereas the person who has been in a help desk role for 10 years—whose resume shows no discernable system administration experience, lacks steps taken to grow into system administration, fails to demonstrate an effort to get their MCSA (Microsoft Certified Systems Administrator certification)—is still at the help desk level and is unlikely to be prepared for system administration.”
Training and certifications can be huge, especially if a candidate lacks experience.
IT-related training, certifications and degrees can help candidates with less experience. For Cellich, an IT certification gives the candidate credibility by demonstrating that the individual has the capacity and the motivation to learn the trade. “Our customers often want individuals with certifications, because it shows that the person has the capability of doing a specific type of work.”
Cellich has one caveat: “Don’t just go and take the training and not get the certification. It’s almost a negative, because my first question will always be ‘Why didn’t you get the certification?’”
Entry level candidates with an IT certification can still have difficulty obtaining full-time IT work experience in a tough economy, and Cellich recommends that IT job hunters volunteer or obtain a part-time position working with IT as an alternative. “Anything you can put down on resume shows that you have used some of the things you have learned will put you a step ahead of the person who hasn’t done that.”
It’s highly likely that the way General Dynamics defines “qualified” is the way many companies do. So be sure to stay-up-to-date on skills and knowledge. At the same time utilize various avenues to gain experience if you don’t have it.
Head over to the source for some tips on that resume.
- A Test And MCSA Certifications “The Simplest Way To Gear Up To Be Licensed? (pctechmojo.com)
- Role of certifications in IT industry (thoughtlessthoughtsofdilliwalas.wordpress.com)
- Best Paying IT Security Jobs In 2012 (informationweek.com)
So you’ve applied for that IT job and you’ve made it to the interview stage. Here are some tips from Venture Loop CEO Jeremy McCarthy on how to make it a successful interview.
Regardless of how you view this prospective opportunity, always do your best in the interview for you never know where it may lead you. Some of his other suggested tips:
1) Research: With everything literally at our fingertips today, it’s close to blasphemy to enter an interview without having searched and studied as much about the history, fact and figures of the company with whom you are interviewing as possible. Savy online searching can turn up valuable information to prove to an employer they’d be hiring an expert in their industry.
2) Review your triumphs and faults: You can almost guarantee that typical questions such as your vision for five years down the road, strengths, weaknesses, tough work situations and best type of person to work for will be asked, so why not write down your answers ahead of time to review rather than spin your wheels while sitting in ‘hot seat.’
3) Behavioral question awareness: More firms rely on behavioral interviewing techniques to see how candidates answer when asked for specific examples of past professional situations. McCarthy presents some typical queries to prepare for ahead of time:
- How you handled not meeting a deadline
- How you dealt with conflict with a co-worker or boss
- What you did when someone else’s actions caused failure
- When did you show initiative
- What did you do when a customer was upset with you
- What did you do when a co-worker blamed you unfairly for something
For the rest of Mr. McCarthy’s tips check out the source.
- Strange interview questions tech companies ask revealed (zdnet.com)
- Job Search Tip: How to Eliminate Anxiety before an Interview! | Ashley Ellis (skillsinfo.wordpress.com)
Great piece over at the CompTia blog regarding the “private cloud”:
What is the “private cloud?” Well, it’s where the IT department is where the company itself provides all of the cloud-based services, but from within its own firewall. Remember when the term “Intranet” was coined to describe how IT could provide the best Internet-based services behind the firewall? Private cloud computing is basically the same sort of approach. Again, some folks think that private cloud computing is an oxymoron. Like Eric Knorr over at InfoWorld, I think the definition of the “private cloud” is a bit fuzzy, but it’s worth talking about.
The private cloud involves virtualized services offered as a service independent of any single hardware platform, usually through a Web browser. When offered privately, cloud services remain behind the firewall, and they are offered on a metered basis. This means that the IT department becomes the “X as a service” provider.
As well as skills that one should have to be an expert in the “cloud”:
If you want to become a private cloud computing expert, check out the following skills you should learn:
- Understand business issues, including the concepts of the Service Level Agreement (SLA), and chargeback. Yes, chargeback. Yeah, it’s kind of a weird word. The first time I heard it back in 1997, I thought someone was talking about some sort of new defensive lineman position for the NFL. Basically, chargeback means metering services and then charging departments, making your IT department a business within your business. This way, your IT department becomes less of a cost center and more of a revenue generator, in a sense. Pretty cool idea if you can get it to work.
- Know how to read a bill from a cloud provider, no matter which side of the firewall it comes from. From the people I’ve talked to, the numbers change pretty radically
- Learn virtualization.
- Get some consulting skills.
- Cloud computing: Gaps in the ‘cloud’ (physorg.com)
- Silicon Alley Insider: What Is Cloud Computing? (businessinsider.com)
- Shared security flaws of cloud computing (ritcyberselfdefense.wordpress.com)
Very interesting. If you are an IT contractor what are your thoughts? Would you agree?
Powered by ScribeFire.
- Confessions of a really new blogger (e1evation.com)
- Trend Watch: TechInsurance Notes Increase in Contract Requirements for E&O Insurance (prweb.com)
More proof that Linux is gaining ground?
The foundation’s Linux Jobs Board is available on Linux.com. It features two options for posting: Jobs can be posted on Linux.com only, with prices starting at $99 for 15 days, or jobs can be posted on both Linux.com and with JobThread Network, which reaches more than 50 additional publishing sites with a combined total of 9.8 million visitors per month. The Linux.com and JobThread Network option costs 49 cents per matching view.
“Linux’s increasing use across industries is building high demand for Linux jobs despite national unemployment stats,” said Jim Zemlin, executive director at the foundation, in a statement released by the foundation. “Linux.com reaches millions of Linux professionals from all over the world. By providing a jobs board feature on the popular community site, we can bring together employers, recruiters, and job seekers to lay the intellectual foundation for tomorrow’s IT industry.”
Job postings can be submitted on Linux.com.
JobThread Network, according to the foundation, has found that demand for Linux-related jobs has grown 80 percent since 2005.
Job seekers, meanwhile, can include LinkedIn details on their Linux.com profile, including resumes. They also can subscribe to the Linux.com Jobs Board RSS feed and receive e-mail alerts. Additionally, they can follow Linux-related job opportunities on Twitter. (Source: InfoWorld)
Related articles by Zemanta
- Linux Foundation: Linux job market has grown 80 percent (arstechnica.com)
- Linux skills now more employable than ever (crunchgear.com)