How do I get started in IT security?

The question: How do I get started in IT security?

After graduating in computer science earlier this year, I have been working in desktop support and doing minor project work. I would like to move into security and possibly get certified as an MCSA. What is the best way to do this?

The solution: Make sure to choose a specialism

It is not uncommon for security professionals to come from a support background. The key is to determine what part of security interests you, as there are a number of different areas within IT security.

Prospective employers in many of these areas are keen to take on junior candidates to train and develop. Areas that you should look at include governance, legislation, technical security (including administration, design, penetration testing and network security), pre-sales and consultancy.

It would also be worth gaining a security qualification. The BCS ISEB information security principles course explains the fundamentals and would be a good starting point, helping you establish where your strengths lie and what area of security suits you best.

It would also be worth looking internally at how your current company operates. Consider how your company manages security. If there is a dedicated security person within your company, ask questions about their role and gain an understanding of what they do and the experience they may have.

Another qualification that is looked upon favourably by employers is an MSc in information security. This is something you should consider as it can normally be completed within a year.

Solution by Deepak Mehra, senior consultant at Hudson

The panel: Hudson, No Limits Coaching, The Training Camp, Wreay Group