Network security position

This document is not actually a career planning, but a classification description. The only benefit is to help you understand the skill requirements of different positions, because you have been busy recently, this article is far from reaching the details of the body of knowledge. We plan to add another real career roadmap when we are idle.

[Vulnerability mining/security technical researcher]
Target Audience: OS, network, application, communication media, and Protocol Security Vulnerabilities and defense methods, focusing on the underlying technology, with the highest technical requirements but not comprehensive, you only need to be proficient in one or two popular platforms. The research results are often analyzed by IDS, IPS, and vulnerability plugin. The latest technology may be converted to commercial value in the product, or be responsible for professional security services with the highest technology.

Main skills: C/C ++, ASM, OS kernel, debugger, disassembly, buffer overflow, logical programming errors, etc.

[Security Product Development]
Like other programmers, it is only for security products, with core engines and interface development. I don't need to talk nonsense about how to become a good programmer. The proposal on the internet is mostly

[Product engineer]
As the technical staff of the manufacturer, it generally provides after-sales technical support for its own products, such as FW, VPN, IDS/IPS, middleware, AV, AAAA, CF, UTM, Soc, terminal management, vulnerability/Patch Management, anti-dos, anti-spam ...... This position has general technical requirements, a certain system and network foundation, and can be used to deploy products skillfully. In addition, the capabilities of testing and troubleshooting are also important.

[Technical consultant/presales engineer]
As a manufacturer's presales, you must be familiar with your own products and solutions. presales focuses on architecture/solution design, presentation, documentation and other presale engineering capabilities (such as bidding and sales promotion skills) generally require years of work experience, after-sales or R & D background, understanding of specific industries-for example, work experience in telecommunications, finance or Si can enhance competitiveness, and have knowledge of professional security technical services and consulting services, this will make your knowledge background more strong, and project management skills are also necessary.

[Security service engineer]
I personally think that in the security engineering field, product selection and deployment are relatively simple and the threshold is high. Professional security services, regardless of the actual level of security service technicians in the industry, I just want to talk about the skill requirements of the following positions for my understanding. Such as penetration testing, security reinforcement, security outsourcing/security monitoring, emergency response, advanced security technical training, risk assessment, and other requirements on mainstream operating system platforms, network equipment, and databases, enterprise applications must be mastered to a certain extent and be integrated into the understanding of security and defense technologies. In addition, it is best for security service personnel to have knowledge of information security management and project management. Communication and document writing skills are required.

[Security architect]
Prior pre-sales engineers and security service engineers also need to write the overall solution, but they are not as professional as they are as high as security architects, security architects must be familiar with IT infrastructure, disaster recovery and backup, large-scale enterprise applications, security integration, network design and planning, typical deployment of network security products, and various communication standards and protocols, we need to understand the security trends and the overall security requirements of our customers, both in depth and in breadth, and require a lot of experience and technology.

[Information security consulting consultant]
Information security has both technical and management problems, such as traditional strategy, HR, and IT Consulting. Information security consulting is also the main service in professional services, such: risk assessment, ISMs building, Sox compliance ......
Information security cannot be separated from the business and actual needs of the enterprise. Otherwise, it will become a castle in the air. Information security management should be guided by the upper layer of enterprise management, and information security management should be the middle pillar, the underlying layer is a three-tier structure based on computer and communication technology. Of course, the final product of the sale is a three-tier integrated solution. Consultants generally need the following skills:
Familiar with various security standards-BS7799, iso13335, CC, SSE-CMM, IATF, sp800 ......
Related Knowledge domains-IT governance, ITIL/ITSM, MOF, COBIT, SOA, COSO ......
Consulting System-business management, process management, human resource management, information strategy, laws and regulations
Basic skills-Communication presentation, documentation, and Project Management
Technology System-All abve)

[CHO]
This does not refer to the director of human resources, but the legendary chief hacker officer, chief hacker. It is a more purely technical position with such positions in some foreign companies, from the name, we can see where his technology is biased. In fact, it should be the whitehat in the security textbook. From the perspective of know your enemy, the anti-hacking capability is indeed strong.

[CSO/ciso]
Generally, only a large organization has a Chief Security Officer or Chief Information Security Officer. Without an independent CSO position, information security is generally considered by CIOs, CTO, and coo, in fact, they are also responsible for playing the CSO role. Therefore, from another perspective, the information security management consultation should be in cxo's perspective. In fact, the senior consulting consultant can become a CSO from Party.

General and competitive certification:
Cissp, cism, CISA, bs7799la

Service providers:
Professional security companies in China: lvmeng technology, Starling stars, Tian Rongxin, Lenovo Wangyu, Anshi
Foreign Security Companies: ISS, McAfee, Symantec, checkpoint, trendmirco
Major IT companies: Microsoft, HP, IBM, Cisco, Juniper, F5, and varous vendors
Accounting Firms: PWC, E & Y, KPMG, DTT ......
Consulting Company: Accenture
Party A: enterprises such as China Telecom Mobile, finance, Major portals, e-commerce, and IT systems that play a key role in internal operation

Salary:
The position is of course an important factor affecting salary. In addition, the salaries of auditors/consultants, security architects and researchers are higher, and the salaries of foreign companies are generally higher than those of domestic enterprises, the salary of Party A is not necessarily higher than that of Party B. It mainly depends on the profitability of the Industry and Enterprise and the importance it attaches to information security. However, Party B's high-paying position is generally busier than that of Party, the essence is to use time for salary, which is not necessarily very affordable from the perspective of behavioral economics.

Career Development Route
Researcher-senior security researcher
Developer-Project Manager
Product engineer-Security Service Engineer-presales technical consultant
Product engineer-Security Service Engineer-Security Service Project Manager
Product engineers, security service engineers, and technical consultants have two development directions:
1. technical orientation-security architect
2. Management-Consulting
If you are not interested in the current perspective, you may wish to change the role switching between Party A and Party B. If you are married and want to settle down, you can go to party A if you do not want to go on a business trip.
Of course, the above is just a theoretical formula. In real life, where can I experience the "ceiling "?

Knowledge Architecture
It can be divided into technical system and management system.
Technical System:
Understanding of attack and defense technologies
OS, network, application, data protection and related
TCP/IP protocol suits
The research focuses on the underlying technology and the architecture focuses on the network.

Security Management System:
Various information security technology/management standards, audit and internal control standards
Collection of traditional management
Consulting and auditing

Others:
Understanding of Customer business
Communication, documentation, presentation, project management and sales skills