How to break into information security

Demand for information security specialists has soared in the last decade due to increasing rates of cybercrime. There is a severe shortage of talent for entry-level information security analyst positions. But trying to break into information security can seem like an overwhelming endeavor. This post introduces the three IT infrastructure foundation areas and the two career routes of information security and offers tips and resources for novices and cyber-warrior wannabes to get started in information security through entry-level security analyst roles.


  • A booming labor market
  • Three information security foundation areas
  • Computer networking
  • Operating systems
  • System administration
  • What is IT infrastructure?
  • Two information security career routes
  • Training resources


A booming labor market

There’s never been a better time to get into information security.

Worldwide, the cyber workforce shortfall is approximately 3.5 million people. According to the U.S. Bureau of Labor Statistics,

Employment of information security analysts is projected to grow 35 percent from 2021 to 2031, much faster than the average for all occupations. About 19,500 openings for information security analysts are projected each year, on average, over the decade. Many of those openings are expected to result from the need to replace workers who transfer to different occupations or exit the labor force, such as to retire.

The U.S. Bureau of Labor Statistics further reports that the median annual salary for information security analysts is $102,600.

This salary is more than double the national median earnings of workers across all industries ($45,760). Cybersecurity salary potential tends to be so high due to the delicate nature of the job and the increasing economic demand for cybersecurity professionals. (Forbes Sep 7, 2022)

Significant career opportunities exist for Canadians.

The Information Communications Technology Council of Canada reports that there will be a need for approximately 50,000 cybersecurity practitioners by 2023, with an additional 100,000 roles for support positions. (EC-Council)

Information security analysts need to develop foundational technical knowledge in the three IT infrastructure foundation areas – networking, operating systems, and system administration – so as to be able to identify, assess, and mitigate information security threats, or to administer and improve the security and capabilities of computer systems.

Besides technical skills, information security analysts need workplace or soft skills to succeed in their jobs, notably analytical skills, problem-solving skills, and communication skills. Information security analysts should be detail-oriented and have a burning desire to learn new skills and remain informed about emerging cyber threats.

Three information security foundation areas

Computer networking

Key networking topics/skill areas include:

  • Network devices
  • The five-layer model (the TCP/IP model) and the seven layers of the OSI model
  • Network services like DNS and DHCP
  • Cloud computing, everything as a service (XaaS), and cloud storage
  • Types of cyber attacks
  • Network security solutions, ranging from firewalls to Wi-Fi encryption options
  • Multi-layered, in-depth security architecture
  • Best practices for securing a network

Operating systems

Key OS topics/skill areas include:

  • Linux; Windows Server/Active Directory: database and services (IAM), DNS Server, DHCP Server, and Group Policy
  • Navigating Windows and Linux filesystems using a graphical user interface and command line interpreter
  • Setting up users, groups, and permissions for account access
  • Installing, configuring, and removing software on the Windows and Linux operating systems
  • Configuring disk partitions and filesystems
  • Managing system processes
  • Working with system logs and remote connection tools
  • Operating system security – antivirus, least privilege access control, etc.

System administration

Key sysadmin topics/skill areas include:

  • Best practices for choosing hardware, vendors, and services for an organization
  • How to manage infrastructure servers
  • How the infrastructure services that keep an organization running work; cloud computing
  • Managing an organization’s computers and users using directory services such as Active Directory and OpenLDAP
  • Backing up an organization’s data and recovering its IT infrastructure in the case of a disaster
  • Planning and improving processes for IT environments
  • Assessment of various types of malicious software
  • The three As of information security: authentication, authorization, and accounting
  • How encryption algorithms are used to safeguard data and their benefits and limitations

What is IT infrastructure?

Systems and networking – we’re really talking about IT infrastructure.

The IT infrastructure is comprised of the components required to operate and manage enterprise IT environments. “IT infrastructure can be deployed within a cloud computing system or within an organization’s own facilities” (redhat.com). The components of IT infrastructure include,

hardware, software, networking components, an operating system (OS), and data storage, all of which are used to deliver IT services and solutions. IT infrastructure products are available as downloadable software applications that run on top of existing IT resources—like software-defined storage—or as online solutions offered by service providers—like Infrastructure-as-a-Service (IaaS). (redhat.com)

Hardware includes “servers, datacenters, personal computers, routers, switches, and other equipment. The facilities that house, cool, and power a datacenter could also be included as part of the infrastructure” (redhat.com). Software refers to,

the applications used by the business, such as web servers, content management systems, and the OS—like Linux®. The OS is responsible for managing system resources and hardware, and makes the connections between all of your software and the physical resources that do the work. (redhat.com)

Network components “enable network operations, management, and communication between internal and external systems. The network consists of internet connectivity, network enablement, firewalls and security, as well as hardware like routers, switches, and cables” (redhat.com).

IT infrastructure can be traditional or cloud. With traditional infrastructure, the components—like datacenters, data storage, and other equipment—are managed and owned by the business within their own facilities. With cloud infrastructure, the components and resources needed for infrastructure services can be rented from a cloud provider like Alibaba, Amazon, Google, IBM, or Microsoft.

IT infrastructure management is “the coordination of IT resources, systems, platforms, people, and environments” (redhat.com). Common technology infrastructure management types include OS management, Cloud management, Virtualization management, IT operations management, IT automation, Container orchestration, Configuration management, API management, Risk management, and Data management.

Two information security career routes

You can break into information security as an information security analyst through an enterprise analyst role or a security operations center (SOC) analyst role.

Enterprise analyst roles are possible through a system administration/system engineering or network administration/network engineering route. The former IT infrastructure domain focuses on software, the latter on hardware. Within those two broad roles/domains, taking care of security can be a specialization or a function, as in a system security analyst or network security analyst.

Possible enterprise information security analyst entry-level roles include Cybersecurity Analyst, System Analyst, Jr. Cyber Security Engineer, Jr. Network Security Engineer, Vulnerability Assessment Analyst, and Penetration Tester/Ethical Hacker.

SOC analyst roles are associated with managed security service providers (MSSPs). Nearly 6 in 10 financial service providers own a security operations center (EY Global Information Security Survey 2018-2019). SOC analysts take on two cybersecurity roles – defensive (Blue Team) and offensive (Red Team or ethical hackers). Defensive roles include Incident Responder and Forensic Investigator. Offensive roles include Cyber Operator.

Training resources

Here are five training resources for novices seeking to break into information security.

Certified in Cybersecurity Specialization ((ISC)² Education & Training)

Cyber Aces Free Cyber Security Training Course (SANS)

Information Security Fundamentals (Cybrary course)

IT Fundamentals for Cybersecurity Specialization (Coursera)

The Foundations of Cybersecurity (Coursera – Course 1 in Managing Cybersecurity Specialization)

Key references

Build Your Cybersecurity Career in Canada (EC-Council)

Google IT Support Professional Certificate (Coursera)

U.S. Bureau of Labor Statistics: Information Security Analysts

What Is A Typical Cybersecurity Salary? (Forbes)

What is IT infrastructure? (redhat.com)
