Running head: INFORMATION SECURITY 1

Information security (E-protfolio)

Craig Kuepper

Business 1010-407
INFORMATION SECURITY 2

Abstract

This article review a career path in information security. The beginning talks about the

general description of the career path. Information about how to get to the position that you want

along with educational prerequisites are described. There is a personal interview with my dad

(Brian Kuepper) about the intricacies of his job in the information security department. The

article finishes off with the pros and cons of this type of career along with how I would fit into

this career path.

INFORMATION SECURITY 3

Job Description

Information security is increasingly becoming a major career path for many millennials.

The availability of jobs in this sector of work is in high demand and is still increasing. The text

book describes online businesses as having the most potential for growth and expansion, they

are also the most vulnerable to threats, such as security breaches and viruses(Solomon et al,

283). The online business world is expanding and many companies cant survive without an

online presence but that means they are subject to hackers trying to steal information. The far

reach that the internet allows comes at a cost and the many positions in information security

protect the information critical to a company and their customers. The purpose of information

security is to protect the confidentiality, integrity and availability of computer system data from

those with malicious intentions (What is Info). The main duties that accompany this career

vary depending on what section you go into but there are a few general responsibilities. A few of

the tasks are: plan and implement security measures and controls, conduct internal and external

security audits, analyze security breaches to determine their root cause, defining and

implementing corporate security policies and security awareness training programs (Armerding).

My original proposal was a white hacker which is in the same field of information security. I

decided to change my career to what my dad has chosen as a career in information security.

Information security is a very useful field and is instrumental in most major businesses. This is

why I chose to review and analyze this career option.

There are many options available in the information security, one of which is an

information security analysist. This job requires you to protect sensitive information and attacks

towards a companys system. Most of the job is monitoring and preventing attacks toward the

companys system. The annual salary for this job runs from $49,003-$102,219. Another job in
INFORMATION SECURITY 4

this field is security architect. They are responsible for analyzing the threats after the security

breach has occurred. They recommend solutions to issues that their systems are having along

with educating the different departments about how to us the systems. The annual salary range

for this field is $81,845-$147,873

The job that I originally chose under this field is a penetration tester, sometimes referred

to as a white hacker. There main job is to test the systems and firewalls to see the weaknesses in

their security. This job is essential because if no one tests the system than you dont know the

potential threats that could access the information. This type of job would have prevented

security breaches like when PlayStation was hacked and all the customers information was

stolen. This job has an annual salary of $45,192-$120,163(how to land the best jobs)

Career Path

The path to get into this area of work requires knowing which jobs to apply for, along

with what skills and educational expertise will help you reach your desired position. A poll by

Zogby Analytics in which they polled 1000 people ranging from 18-26 years old in age reported

that they would like to enter a career in that made the internet safer, although they didnt know

how to get to this position (Hulme). My dad personally entered this career through word of

mouth among our neighbors. Someone heard about the job that he was working at and offered a

job in information security that would offer better pay. My dad was uneasy about the decision

because he hadnt worked in this field before but he took the job anyways. He has since worked

his way up through the chain of command and acquired more training and technical skills

focused towards his career. Just like any other job, often more experience trumps what degree

that you have. Practical and technical skills often in this career provide better opportunities and

help you find a stable job. Another factor in finding a job is just knowing the interviewing basics.
INFORMATION SECURITY 5

A resume can be a powerful tool but when it is done incorrectly it can be to your detriment. The

information sector contains a lot of specialty words which if misspelled or misused can ruin your

credibility and cost you a job. Putting the right credentials on your resume, for example work

experiences that applies to the job really increases your odds (Hulme). The biggest asset you can

have or display is job experience just as in any career. This is always a good thing to include into

you resume.

General Education Experience

There are many certifications and qualifications towards a career path in information

security. There are four main certifications that are very influential in the information security

realm. A CISSP or certified information systems security professional this is required to work at

the department of defense which has increased pay. The CISM or certified information security

manager focuses towards risk management and compliance. The CISA or certified information

system auditor focuses towards auditing and assessing critical information within the systems.

Another certification is the GIAC or global information assurance certification, this area focuses

more towards investigating the issues and problems within a system and making sure hackers

dont penetrate your system(how to land the best jobs). All of these systems help to boost your

chances of getting a better salary within a bigger company. There are very special circumstances

like my dad when he was just offered the job without much technical training, but most often

they want the trained professionals. Along with certifications is the amount of experience that

you have in the field. With every job experience always plays a factor but within the information

technology field, this is crucial. The systems that you have to use and the codes that you have to

know mostly come from experience using them. Whenever I walk into my dads office and see

his computer it is mostly black with a lot of white letters, number and symbols. According to the
INFORMATION SECURITY 6

University of Sand Diego to get hired at a higher level in the cyber security field it is typical

that employers will be looking for at least 8-10 years of experience (how to land the best

jobs). The other aspect is focused more towards continual education. The internet and

technology is ever changing and will not stop. This is why it is crucial to stay current with the

different systems and methods that play a critical role in protecting the information of customers.

Just as in other fields such as nursing you have to stay current with the different procedures, and

it is the same with information security.

Career Outlook

A career in this field is very lucrative and will provide great job stability. Theft through

the internet is very prevalent in our society and in the business world. Cyber crime cost the

global economy over $400 billion each year(how to land the best jobs). The need for people in

this career is every increasing and will continue to move up as more companies become reliant

on technology and internet resources.

Biography information security

I interviewed my dad who works for Wells Fargo bank in the information security sector.

He works in the risk section of his firm. In his field he manages risk and patches servers. He

patches servers once a month and installs new software twice a year so that everything in their

firewalls and servers have the most current technology. His hours are pretty stable, he works a

standard 8am-5pm. He often has to work odd hours if there is an emergency or they have a major

project that they are working on. Every little while he goes on call, in which he has to be

available at all times to patch servers or detect issues in the firewalls. Everything that he works

with is encrypted. The phone that he uses for work has a password and the information contained
INFORMATION SECURITY 7

on it is encrypted. When he signs into work he has to type multiple passwords so that he can gain

access to the servers that he needs to fix or change. When he accesses a server he has a two-

factor identification password in which he has a standard password along with a key fob that

generates 6 random digits every 15 seconds. He has to type his password along with the certain

set of digits every time he accesses a server so that his password is not stolen. Often, hackers will

put sniffers on the wire which record every key stroke that is made on the computer. This is

why they go to such great lengths to encrypt everything that they do on the servers and on their

computers. There is always someone watching and waiting for an opportunity. When he first

started out he was in desktop support and worked his way up to the position that he has now. In

the beginning he was paid hourly but as he worked his way up he moved on to a salary which

increased his pay. He loves career choice and would suggest it to most people

Pros and cons

There are many positive aspects to the information security sector. I found most of my reasons

through training FYI. The biggest benefit towards a career in information security is that jobs

will grow up to 18% from 2014-2024 (Pros and Cons of Being). Having job security is one

of the biggest benefits towards a career in this field. There are many jobs that have high turnover

and when the market crashes a lot of people lose their jobs. The need for information security

jobs is at a steady increase and will continue to grow. The other major benefit is being able to

work from home. My dad has worked for Wells Fargo since I was little and he has always been

around because he worked form home most of the time. The opportunity to be home with family

is such a great benefit that makes this career very appealing.

The negative aspects to this job is being in front of a screen for long periods of time. The

entirety of the job requires that you have to be in front of a screen. This means that you have to
INFORMATION SECURITY 8

sit on a chair like a desk job for the entire shift. The other major issue with this type of career is

that it has high responsibility (Pros and Cons of Being). The very nature of working on servers

is risky because if you mess something up you have the potential to let hackers into the system.

This means that you have to be very cautious about what information that you divulge. This can

be stressful which can be difficult for people who dont deal well with stress.

How I fit

I feel like this could be a good option available to me. I have never known exactly what I

want to do in my career path. This is a very appealing career because I would get to spend time

with family. The other option that I have been researching is real-estate investing. This would

also provide the opportunity to be at home around family although I would have to travel to see

the houses. I dont feel like this is a definite fit for me because I find computers interesting but I

cant sit at a chair for that long of a time. I will keep this career in consideration although I dont

see it as my primary path.

INFORMATION SECURITY 9

References

Armerding, T. (2017, July 11). How to write an information security analyst job description.

Retrieved November 13, 2017, from https://www.csoonline.com/article/3206308/security/how-

to-write-an-information-security-analyst-job-description.html

How to Land the Best Jobs in Cyber Security [Includes Salary Data]. (2017, August 22).

Retrieved November 13, 2017, from https://onlinedegrees.sandiego.edu/best-jobs-in-

cyber-security/

Hulme, G. V. (2015, March 10). Six entry-level cybersecurity job seeker failings. Retrieved

November 13, 2017, from https://www.csoonline.com/article/2894193/it-jobs/six-entry-

level-cybersecurity-job-seeker-failings.html

Pros and Cons of Being an Information Security Analyst. (n.d.). Retrieved November 13, 2017,

fromhttp://trainingfyi.net/article/pros-and-cons-being-information-security-analyst

Solomon, M. R., Poatsy, M. A., & Martin, K. (2015). Better Business (4th ed.). NY, NY: Pearson

What is Information Security (IS)? - Definition from Techopedia. (n.d.). Retrieved November

13, 2017, fromhttps://www.techopedia.com/definition/10282/information-security-is