How to Become a Cyber Security Specialist in California
Education and Training
Cybersecurity specialists will need a minimum of a bachelor’s degree in computer science or related field. As cybersecurity continues to develop as a career choice, many schools are responding by building cybersecurity programs to prepare students for this work. In time, these programs may become the traditional route for entry into this job.
As the field grows in popularity, many employers prefer those candidates that possess a master’s degree in a computer-related field or a Master of Business Administration (MBA) in Information Systems. Programs offering an MBA in Information Systems typically require two years of full time study (four years part time) and include both business and computer related coursework.
Career Overview
Cyber Security Specialists plan and perform those duties necessary to ensure that the company’s network and systems are protected from viral attacks. Their role is always growing as the number and severity of cyber attacks increase in number.
Typical duties of cybersecurity specialist include
- Maintain awareness of the latest trends in information technology security
- Monitor their company’s networks for any security breaches and investigate a breach which does occur to trace its source
- Plan and implement the company’s procedures to effectively handle security breaches
- Develop Cybersecurity policies and standards, and best practices on behalf of their company
- Install software, such as firewalls and data encryption programs to protect confidential and sensitive information stored on the company’s networks
- Research and recommend security upgrades to senior IT management
- Assist computer users to install new security products and procedures.
Cybersecurity specialists must continually be one step ahead of hackers. They must be current with regard to the latest methods attackers are using to compromise computer systems, networks and IT security. Analysts need to research the most current security technology and deicide which will be best for their company. Research can include reading trade journals or attending conferences to gain first-hand knowledge of new types of attacks and the technology developed to address them.
Cybersecurity specialists create and implement a disaster recovery plan that all employees will follow in the event of an attack. The recovery plan allows the IT department to continue functioning in the midst of a computer attack. The plan includes such preventative measures as copying and transferring data to another location and restoring IT functioning after an attack. Analysts continually test the steps in the recovery plans for effectiveness.
Most cybersecurity specialists work with the company’s Chief Information Officer (CIO) to design and implement recovery systems.
Certification
In addition to academic degrees, security-related certifications are fast becoming a prerequisite for most business-based cybersecurity jobs and all government related IT security jobs. The two most popular certifications are the basic CompTIA Security+ Certification and the best of the best – ISC2’s Certified Information Systems Security Professional (CISSP)
CISSP Certification
As per ISC2, CISSP® certification is a globally recognized standard of achievement that confirms an individual’s knowledge in the field of information security. It was the first certification in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.
From the Web site of the ISO:
The ISO/IEC 17024 (International Organization for Standards) International/Electrotechnical Commission) standard will help organizations that certify individuals in a variety of occupations and professions protect the integrity and ensure the validity of individual certification programs. It will also promote consumer and public confidence in the capabilities and competence of the people who provide specialized services or who create the products that support our daily lives and livelihoods.
Students may receive CISSP certification in one of three specializations:
Official (ISC)2 ® CISSP® CBK® (Common Body of Knowledge) Training Seminar:
This official training seminar is the most comprehensive, complete review of information systems security concepts and industry best practices, and the only training course endorsed by (ISC)2
The seminar will help participants to review and refresh their knowledge of the domains and sub-domains of the CISSP CBK and includes:
•100% up-to-date material
• An overview of the information security field
• Contributions from CISSPs, (ISC)2
• Post-Seminar Self-Assessment
Authorized Instructors and subject matter experts
The Official CISSP CBK Training Seminar is offered in the following formats:
• Classroom Delivered in a multi-day, classroom setting. Course material focuses on covering the ten CISSP domains. Available throughout the world at (ISC)2 facilities and (ISC)2
Official Training Providers.
• Private On-site. Host your own Training Seminar on- or off-site. Available for larger groups, this option often saves employee travel time and expense. Group pricing is also available to organizations with 15 or more employees planning to sit for the exam.
• Live OnLine. Educate yourself from the convenience of your computer. Live OnLine brings you the same award winning course content as the classroom based or private on-site seminars and the benefit of an (ISC)2 Authorized Instructor
CISSP Exam
Passing a concentration examination demonstrates proven capabilities and subject-matter expertise beyond that required for the CISSP credential.
The CISSP exam assesses a candidate’s competence in ten CISSP domains (see below) of the ISC’s common body of knowledge (CBK) which cover such essential topics as security today; including risk management, cloud computing, mobile security, application development security and more.
Candidates must have a minimum of five years of experience in two of the ten domains. This vast breadth of knowledge and the experience it takes to pass the exam is what sets the CISSP apart.
The CISSP exam is based on the following ten domains:
- Access Control
- Telecommunications and Network Security
- Information Security Governance and Risk Management
- Software Development Security
- Cryptography
- Security Architecture and Design
- Operations Security
- Business Continuity and Disaster Recovery Planning
- Legal, Regulations, Investigations and Compliance
- Physical (Environmental) Security
To register for the exam visit http://www.pearsonvue.com/isc2/
CISSPs often obtain the following jobs:
Security Consultant
Security Manager
IT Manager
Security Auditor
Security Analyst
Security Systems Engineer Director of Security
Chief Information Security Officer I
CompTIA A+ Certification
From the Web site of CompTIA, there are two exams you must pass to receive certification:
- CompTIA A+ 220-801 covers the fundamentals of computer technology, installation and configuration of PCs, laptops and related hardware, and basic networking.
- CompTIA A+ 220-802 covers the skills required to install and configure PC operating systems, as well as configuring common features (e.g. network connectivity and email) for mobile operating systems Android and Apple iOS.
Quality training providers have been reviewed and approved by CompTIA through the CompTIA Authorized Partner Program (CAPP) to provide the best instructor-led exam preparation experience possible. This link can also help you to locate a training provider near you.
To register for the CompTIA exam visit Pearson VUE to locate a testing center near you.
Jobs you can get with CompTIA A+ certification:
Systems Administrator
Information Technology Manager
Network Administrator
Computer Support Technician
Information Technology Specialist
As noted above, you will need 5 year experience to sit for the CISSP. In light of this it may be a good idea to first obtain, CompTIA A+ certification and work in one of the jobs listed above for this period of time and then apply for the CISSP. You may be eligible for tuition reimbursement by your company if you can commit to staying with the company for another year or so.