
Breaking into Information Security
Crafting a Custom Career Path to Get the Job You Really Want
- 1st Edition - December 19, 2015
- Imprint: Syngress
- Authors: Josh More, Anthony J. Stieber, Chris Liu
- Language: English
- Paperback ISBN:9 7 8 - 0 - 1 2 - 8 0 0 7 8 3 - 9
- eBook ISBN:9 7 8 - 0 - 1 2 - 8 0 0 9 8 9 - 5
Whether you want to break into information security, move from one job to another, or transition into management, Breaking into Information Security will help. No other book surv… Read more
Purchase options

Whether you want to break into information security, move from one job to another, or transition into management, Breaking into Information Security will help. No other book surveys all the different jobs available in the industry, frankly discusses the positives and negatives of each, and what you need to learn to get into and out of each role.
Unlike books that focus on a specific skill set or on how to gain a certification or get a job, this book encompasses the "big picture," including why certifications, if any, are worthwhile for you. In a profession where new career paths aren’t always clear, Breaking into Information Security will teach you how to identify where you are in your career today, understand where you wish to go, and provide proven methods to get there.
From entry-level jobs to the extremely specific skills needed to be an InfoSec consultant, this book covers it all, including in-job skill building, working within the community, and building your skills after hours. If you are seeking to advance in the highly competitive field of information security, this book will give you the edge you need to break in.
- The most practical guide to starting your career in information security, or advancing to the next level
- Presented in a “level-up” gaming framework for career progression, with a “Learn, Do, Teach” approach through three tiers of InfoSec jobs
- Provides examples of specific roles and career paths in each job tier so you can identify and max out skills for the role you want
- Learn how to advance to management and training roles, as well as the specific skills you need to become an independent consultant
- Find out about career "booster paths" to help you advance your career at high speed
- Author Biographies
- Acknowledgments
- Chapter 0.1: Introduction
- Abstract
- Introduction
- Who Should Read This Book
- How to Read This Book
- Notes from the Authors
- Chapter 0.2: Models
- Abstract
- Models
- Learn/Do/Teach
- Information Security Models
- Job Requirements
- Striking a Balance
- Chapter 0.3: Model Failures
- Abstract
- Barriers
- Human Resources
- Corporate Culture
- Chapter 1.0: Tier 1—Learn
- Abstract
- Learn/Do/Teach
- Why Learning Matters
- How to Learn
- Breaking Down to Break in
- Chapter 1.1: Tier 1—Log Reviewer
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 1.2: Tier 1—Patch Management
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 1.3: Tier 1—Help Desk
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 1.3.1: Tier 1—Help Desk—Story
- Jim Chan
- Chapter 1.4: Tier 1—Coder/Developer
- Abstract
- Introduction
- How to Break in—Preliminaries
- How to Break in—Beyond the Basics
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 1.5: Tier 1—System Administrator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 1.5.1: Tier 1— System Administrator Story
- Alan Waggoner
- Chapter 1.6: Tier 1—Network Administrator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 1.6.1: Tier 1—Network Administrator
- David Henning
- Chapter 1.7: Tier 1—Security Coordinator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 1.8: Tier 1—Trainer-Educator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 1.8.1: Tier 1—Trainer-Educator
- Stephen Northcutt
- Chapter 1.9: Tier 1—Quality Tester
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 1.9.1: Tier 1—Quality Tester Story
- Mak Kolybabi
- Chapter 1.a: Tier 1—Subject Matter Specialist
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.0: Tier 2.0—Do
- Abstract
- Doing
- Test-Driven Development/Sprinting
- Information Security and Silos
- Other Career Paths
- Booster Paths
- How to Do
- Working with Others
- Making Mistakes Matters
- Chapter 2.1: Tier 2—Pen Tester
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.2: Tier 2—Vulnerability Management
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.3: Tier 2—Security Assessor
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.4: Tier 2—Risk Assessor
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.5: Tier 2—Auditor
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.6: Tier 2—Incident Responder
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.6.1: Tier 2—Incident Responder—Story
- John Meyers
- Chapter 2.7: Tier 2—Wildcard
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.7.1: Tier 2—Wildcard—Story
- Travis Abrams
- Chapter 2.8: Tier 2—Advanced Help Desk—Help Desk Supervisor
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 2.9: Tier 2—Security Facilitator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.9.1: Tier 2—Security Facilitator—Story
- Jimmy Vo
- Chapter 2.a: Tier 2—Policy Administrator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.b: Tier 2—Trainer-Educator
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.c: Tier 2—Quality Assurance
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.d: Tier 2—Subject Matter Expert
- Abstract
- Introduction
- How to Break in
- How to Improve Your skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 2.d.1: Tier 2—Subject Matter Expert—Story
- Michael Huber
- Chapter 2.e: Tier 2—Lateral: Physical Security
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.f: Tier 2—Lateral: Military
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.g: Tier 2—Lateral: Law Enforcement
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.g.1: Tier 2—Lateral: Law Enforcement—Story
- Joshua Marpet
- Chapter 2.h: Tier 2—Lateral: Legal—Lawyers
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.i: Tier 2—Lateral: Sales
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.j: Tier 2—Lateral: Project Management
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.k: Tier 2—Lateral: Non-IT Engineering—Architecture—Science
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.l: Tier 2—Lateral: Accounting
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 2.m: Tier 2—Lateral: Business Analyst
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 3.0: Tier 3—Teach
- Abstract
- Why Teaching Matters
- Short-Term Teaching
- Long-Term Teaching
- Mentoring
- Chapter 3.1: Tier 3—Pen Test Lead
- Abstract
- Introduction
- How to Break in
- How to Improve Skills—Yours and Others
- Recognizing When You’re Stuck
- Role at a Glance—Penetration Testing Lead
- Chapter 3.2: Tier 3—Security Architect
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Critical Warnings
- Chapter 3.3: Tier 3—Lead Auditor
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 3.4: Tier 3—Lead Security-Risk Assessor
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Recognizing When You’re Stuck
- How to Get out
- Chapter 3.5: Tier 3—Tiger Team Member—Tiger Team Lead (Red Team)
- Abstract
- Introduction
- How to Break in
- Recognizing When You’re Stuck
- When Others are Stuck
- Chapter 3.6: Tier 3—Security Consultant
- Abstract
- Introduction
- How to Break in
- How to Improve Skills—Yours and Others
- Recognizing When You’re Stuck
- When Others are Stuck
- Rules of Thumb
- Chapter 3.7: Tier 3—Security Management (CSO, CISO, CPO)
- Abstract
- Introduction
- How to Break in
- How to Improve Skills—Yours and Others
- Recognizing When You’re Stuck
- Rules of Thumb
- Chapter 3.8: Tier 3—Lateral: CPA
- Abstract
- Introduction
- How to Break in
- How to Break out
- Dealing with Differences
- Chapter 3.a: Tier 3—Lateral: General Management
- Abstract
- Introduction
- How to Break in
- How to Break out
- Dealing with Differences
- Chapter 3.b: Tier 3—Lateral: Technical Architect
- Abstract
- Introduction
- How to Break in
- How to Improve Your Skills
- Critical Warnings
- Chapter 3.c: Tier 3—Lateral: Entrepreneur
- Abstract
- Introduction
- How to Break in
- Chapter 3.c.1: Tier 3—Lateral: Entrepreneur—Story
- Greg Sullivan
- Chapter 3.d: Tier 3—Lateral: Academia
- Abstract
- Introduction—How This Applies
- What Skills This Gives You
- What Skills You Might Still Need
- How to Frame Your Skills
- Differences between Where You are and Information Security
- Chapter 4.0: Boosting
- Abstract
- Introduction
- Separate Cycles
- Explorations
- Disadvantages of Boosting
- Chapter 4.1: Boosting—Author (Blogs, Magazines, Books)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want to Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.2: Boosting—Developer (Open Source)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want to Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.3: Boosting—Developer/Entrepreneur (Closed or Open Source)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.4: Boosting—Evangelist (Security, Privacy)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want to Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.5: Boosting—Researcher (Security, Vulnerability, Etc.)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want to Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.6: Boosting—Speaker (Local Events, Podcasts, Webcasts, Etc.)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want to Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.7: Community Support (Documentation, Bug Prioritization, Project Management)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want to Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.8: Conference Support (Founding, Attending, Volunteering, Running, Leading)
- Abstract
- Introduction—What This Is
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want To Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Chapter 4.9: User Group Support (Founding, Attending, Volunteering, Running, Leading)
- Abstract
- Introduction
- Why You Might Want to Devote Time to This
- How This Might Cost You
- How to Get Started
- When You Might Want To Stop
- What Skills This Gives You
- What Skills You Might Still Need
- Conclusion
- Appendix
- Subject Index
- Congratulations
- Edition: 1
- Published: December 19, 2015
- Imprint: Syngress
- Language: English
JM
Josh More
AS
Anthony J. Stieber
CL