Building a Life and Career in Security
By Jay Schulman
About this ebook
As I’ve looked at my own path and helped others along their journey, there is a framework for success in information security.
My goal in writing this book is to give you the confidence to grow your own career in information security. I’ve analyzed my career and the careers of others to design a plan to build a successful career in information security.
My focus is on how you can use the content you know along with broadening your knowledge to give you an advantage in getting a promotion or moving to a new opportunity.
In the short term, this book can be your mentor in guiding your career. As you will read in the chapters in this book, I encourage you to get your own mentor to help you on a day-to-day basis with the unique problems you may face. (And make sure they've read the book too!)
Structure of the Book
The book is broken up into three main sections. The idea of each section is to build a foundation and grow that foundation throughout the book. Even if you're well into your career, there is a lot to learn from each section. Additionally, it's a great resource if you're a mentor to others.
Day 1
A guide to building your career in information security. This includes learning about security, certifications such as the CISSP and CISA, an overview of regulations and compliance, the basics of security including IP Addressing, ports, the OSI model, and others.
Year 1
A guide to moving from a security analyst or pen tester to a manager or principal. This section includes how to be a great manager, communications, and moving away from the technology and into management.
Year 10
A guide to growing into an information security executive. This includes some foundational CISO principles for communicating security issues to non-technology executives.
About The Author
I blog at JaySchulman.com about building your life and career in information security. I also have a podcast on iTunes called Building a Life and Career in Security Podcast. I'm currently a Managing Principal at Cigital, Inc and lead our Midwest Practice. I focus at Cigital on software security and application security initiatives including BSIMM measurements, program strategy and development, mobile application security (including iOS, Android and mobile frameworks such as PhoneGap), web application security, product security, medical device security and penetration testing.
At KPMG LLP, I was a Managing Director and National Leader for Identity Management. I also previously served as Business Information Security Officer at JPMorganChase where I managed security operations, engineering and architecture for a Global Information Security Line of Business.
I help security teams develop their information security programs and capabilities. I help CISOs, CIOs and CFOs understand and react to enterprise security risks and protect against attacks. I want to build information security organizations which enable the business. Information Security shouldn't be about saying "no" but about finding a way to get to "yes." I believe in strong security processes supported by a well-led team and strategic security technologies.
Jay Schulman
Hi, I'm Jay Schulman. I'm an information security consultant living in Chicago. I like to talk. But when no one's listening, I write.
Useless Things You Should Know About Me:
- I've never lived outside the state of Illinois.
- But I've traveled to 48 out of 50 states. (Montana and Hawaii are on the bucket list.)
- I fly so much on Southwest Airlines that my wife can fly free with me wherever I go.
- Unfortunately I haven't reached the point where my two kids can also fly free.
- In 1999, the FBI said they didn't need someone with my skills.
- Also in 1999, Playboy said they needed my skills. Security skills, that is.
- I turned them down to work for KPMG.
- It worked out ok. 10 years employment. They found me my wife. And how to be a great manager.
- And great examples of how not to manage people.
My Day Job:
I help security teams develop their information security programs and capabilities. I help CISOs, CIOs and CFOs understand and react to enterprise security risks and protect against attacks. I want to build information security organizations which enable the business. Information Security shouldn't be about saying "no" but about finding a way to get to "yes." I believe in strong security processes supported by a well-led team and strategic security technologies.
Book preview
Building a Life and Career in Security
A Guide from Day 1 to Building A Life and Career in Information Security
Jay Schulman
Continue to Get Information On Growing Your Information Security Career at:
JaySchulman.com
Copyright © 2015-2017 Jay Schulman
All rights reserved.
Smashwords Edition
Building A Life and Career in Security
Table of Contents
Why I Wrote This Book
How You Should Use This Book
Chapter 1. Day 1
Chapter 2. Security Bootcamp
Chapter 3. Year 1
Chapter 4. Year 10
Chapter 5. Where To Go From Here
About The Author
Other Books By Jay Schulman
One Last Thing...
Why I Wrote This Book
From college to today, my career has taken an atypical road. I did not wake up in High School and say, I want to be in information security.
In fact, I thought I should stay away from technology altogether because it was too fun to make into a career.
While I have had great mentors throughout the years, I have agonized over many decisions and, in hindsight, made some goofy choices. Overall, I have been very lucky.
Some of that luck created lessons that are teachable. As I have looked at my own path and helped others along their journey, I believe there is a framework for success in information security.
My goal in writing this book is to give you the confidence to grow your own career in information security. I have analyzed my career and the careers of others to design a plan to build a successful career in information security.
Nothing in this book is going to teach you the content. Instead, my focus is on how you can use the content you know and expand your knowledge base to give you an advantage in getting a promotion or moving to a new opportunity.
In the short term, this book can be your mentor in guiding your career. As you will read in the chapters ahead, I encourage you to get your own mentor to help you on a day-to-day basis with the unique problems you may face. (Make sure they have read the book too!)
Thanks for reading the book and I hope you find it valuable.
How You Should Use This Book
The book is a more in-depth guide to what I write about at JaySchulman.com. I have put together a set of bonuses including videos and supplementary materials for readers of the book. To get the bonuses, go to JaySchulman.com/book-bonus and download them now.
The book itself is split up into three sections, Day 1, Year 1 and Year 10. Before you jump right to where you are in your career, I would encourage you to read the book straight through. I think this is especially true if you are going to mentor someone in security.
Day 1
Day 1 is for people just starting their career in information security. It is great for people thinking about information security as a career or just about to start a job in the field. If you have been in security longer than a year, I encourage you to read this chapter so you can better help others you work with or learn how to mentor to help someone who