Responsible for maintaining corporate computer systems, network security engineers need to think like black-hat hackers so that they can thwart unauthorized-access attempts.
Over the course of any given day at the office, network security engineers are tasked with implementing, maintaining, and integrating server, LAN and WAN architecture; maintaining and overseeing perimeter security solutions like firewalls; and assessing, troubleshooting, and fixing network issues.
CCNA Security Instant Pricing – Intense
Aspiring network security engineers who want to take the traditional route typically earn at least an undergraduate degree in computer science, and credentials such as the certified network security engineer certification definitely help to get a foot in the door.
Asked about the skills required of network security engineers in 2014 compared to in 2009, Kevin Jones, the senior IT security architect for Thycotic Software, a Washington, DC-based provider of password security management solutions for organizations, had plenty to say. A Microsoft MVP, Jones has been a featured presenter at numerous IT and security events including IANS Forums, ISSA, ISACA and software development clinics. He has also been in the IT security industry for more than seven years.
What follows is a Q&A between Intense School and Jones:
Q: What led you to become a network security engineer?
A: At the time, it was born out of necessity at a business. As security trends became more prevalent in small organizations, a need grew out of it. Businesses small and large should have a security engineer, either on staff or a part-time consultant.
Q: Can you discuss some of the hard skills you need as a network security engineer in 2014 as compared to those you needed in 2009?
A: There is certainly more complexity in most networks these days due to the cloud. There is more to consider when thinking about perimeter security when the cloud is getting involved. Basic programming knowledge is very useful, such as automating certain tasks with PowerShell or another scripting language.
Q: What about soft skills? Is there are difference when comparing 2014 with 2009?
A: As more businesses adopt BYOD (bring your own device), regular employees are playing a bigger role in the overall security of an organization’s data. This often requires education and training of employees to help them understand what kind of risks are involved when accessing company data on personal devices, and how to avoid exposing company data. Depending on the organization, this training can fall on a security engineer in the organization. Even if the formal training is contracted to someone else, network engineers must be persistent in reminding staff about security, all while not causing undue stress and making the employee’s job difficult.
Q: What sort of challenges do you face in 2014 that you did not face in 2009?
A: The cloud has become more prevalent in businesses small and large. Since the cloud by nature is very disconnected geographically, securing assets that the company doesn’t actually own is more challenging. This also means that organizations are becoming more connected with one another, so often, as a network security engineer, you may have to work with another company’s security engineering team to accomplish a common goal. This can be especially difficult if the organizations have different goals in mind. Attackers are becoming more clever in the way that they deliver payloads, such as using ICMP packets. Keeping up with these trends can be difficult and engineers need to make sure they are able to quickly adapt to new environments.
Q: Is it possible to become a network security engineer without going a traditional route?
A: Sure. I didn’t exactly go the traditional route myself. Originally I started as a network engineer responsible for laying out new CAT6 cabling and keeping a series of DSLAMs running. Even then my formal education was to be a math teacher.
Q: What sort of career advice would you give a student in college or university who wants to become a network security engineer?
A: Learn security at a broad level as well, with a focus in network security. Having a basic understanding of how cryptography works and other security is hugely valuable.
According to PayScale.com, aspiring network security engineers can also look forward to plenty of upside on the financial compensation front. Specifically, the company said that network security engineers can expect to make between $51,000 and $118,000 annually.