Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Career Coach

Dear Alert:

One of the most promising IT career paths is in information security, thanks to new regulations that require organizations to secure and audit their data. According to the U.S. Department of Labor, by 2010 there will be a need for 10,000 additional trained information-assurance professionals, who will be responsible for maintaining the confidentiality, integrity and availability of company data.

Fortunately, Frederick Gallegos, a professor of CIS auditing, security and control at California State Polytechnic University, says there are many options for professional development in information audit, control and security, including certification programs hosted by vendors, professional associations and government organizations. Many vendors, including Cisco Systems, Guardian, Microsoft, Oracle, SAP and Symantec, offer certifications in the security features of their own products, while certifications from professional associations--the SANS Institute's GIAC (Global Information Assurance Certification), for instance--cover a broad range of skills for network-security analysts and security-support functions.

Other top professional certs include CFE (Certified Fraud Examiner), CISSP (Certified Information Systems Security Professional), SSCP (Systems Security Certified Practitioner), CISA (Certified Information Systems Auditor) and CISM (Certified Information Security Manager). CISM--offered by ISACA (Information Systems Audit and Control Association)--is ideal for those with the potential to see the big picture as well as manage day-to-day security operations.

Finally, if you want to work for a federal agency, you'll need some additional credentials, mandated by the federal government and sponsored by the NSA (National Security Agency). The NIETP (National InfoSec Education and Training Program), for instance, supports the CNSS (Committee on National Security Systems), ensuring that personnel in federal departments and agencies are trained to safeguard information resources. NIETP programs include:

  • 1