Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-IDS
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: what is required for an engineer to become an SECURITY engineer

from [Jose Maria Lopez] Network Security [Permanent Link]
Subject: Re: what is required for an engineer to become an SECURITY engineer
Date: 28 Dec 2004 23:42:54 +0100 
El jue, 23 de 12 de 2004 a las 07:42, Ravi Kumar escribiÃ:

Hi,
  I was asked to prepare syllabus for security management,incident
handling,forensics analysis, intrusion detection etc., Th intention is
train an engineer to become a SECURITY engineer.

   we know there are several certifications which are designed for this
purpose. I want from you with your security experience tell us what
should an BASIC course for security really requires.

  If industry wants to recruit an engineer for its security needs what
type of experience they look for?

Note: Please dont relate my question with any certifications and be generic.

Thanks for any help,
-Ravi


This is probably the most complicated question ever sent to this
list. I'll explain why I think so.

A security engineer should have a *very* *very* wide of tech
knowledge. He should be able to understand, configure and monitor
the hardware of the networks. He must know almost everything about
the operating systems that he wants to secure. He must be aware of
the dangers of Physical Security Threats and Social Engineering. He
must know the most important Opensource and Comercial tools to
secure systems. He must know how to treat with Incidents. He must
know about Forensics. I could follow ad infinitum.

But believe me. The most important thing about a security engineer
it's the personal abilities. Knowledge can be adquired with time
and courses, but the personal abilities are inherent to the person
and it's very difficult to adquire new ones.

So the first thing you must do it's to select the right person,
even if it's not the one that has the more complete knowledge
in the field. And the second thing more important for me it's
experience. The security field it's always changing and the
threats can be of many kinds, it's very important to have a
background of managing threats to face the new ones. So you
should select also a person with experience.


-- 
Jose Maria Lopez Hernandez
Director Tecnico de bgSEC
jkerouac@bgsec.com
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
ESPAÃA

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"


--------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from 
CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
--------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: newbie quetsions, Dave Aitel
Next by Date:  RE: [in] what is required for an engineer to become an SECURITY engineer, skill2die4
Previous by Thread:  RE: [in] what is required for an engineer to become an SECURITY engineer, skill2die4
Next by Thread:  Re: what is required for an engineer to become an SECURITY engineer, Richard Bejtlich
Indexes:  [Date] [Thread] [Top] [All Lists]