Caption: What are the best certifications for becoming a network security engineer?
At the time of writing this blog post (July 2016) a Google search for ‘network security engineer vacancy’ showed that LinkedIn has 13,808 vacancies to fill, and indeed.com has 27,549 positions on offer. And that’s just the first two of 861,000 results which Google found!
So it’s safe to say that the world needs network security engineers. Website CSO online predicts a shortfall of 1.5 million network security employees by 2019. Hardly surprising when you think about the increasing frequency and cost of corporate hacking.
But how do prospective network security engineers go about getting the right qualifications and, conversely, how do companies make sure they’re getting the right skill set to keep hackers at bay?
We’ve done a little research to keep employers and IT professionals up-to-speed with the whole issue of network security skills.
Network security engineer accreditations.
In the US, an entry-level credential can take three to nine months and the cost of the exams is in the region of $300 to $600.
Cyber Degrees (link below) reported that employers will often contribute to the course of network security certification for engineers:
- 65% of respondents reported their employers completely paid for certification training
- 15% of employers shared the costs.
In 2014, a survey of cyber security job recruitment adverts found that the top five certifications employers look for are:
Cyber Degrees list four key accreditations for network security engineers.
Cyber Degrees also cited GSEC and CISSP in their ‘top four’ accreditations:
CEH: Certified Ethical Hacker
CCNP Security: Cisco Certified Network Professional Security
GSEC / GCIH / GCIA: GIAC Security Certifications
CISSP: Certified Information Systems Security Professional
Six tips for a network security plan and agenda.
The InfoSec Institute (link below), who also provide specialist technical accreditation, give an in-depth review of the priorities for network security engineers in the workplace. Here’s the condensed highlights from their article:
- Do the basics. Like setting up firewalls, anti-spam, virus checking and implementing password policy.
- Develop network security policies. Includes proactively finding vulnerabilities and develop a security risk management strategy.
- Define a business continuity and disaster recovery strategy. It’s important for network security engineers to conduct regular impact assessments.
- Test new systems before implementation. Applies to adding new hardware, and also to switching on existing servers which might have old vulnerabilities.
- Review security logs. It’s good practice to check logs for irregular access patterns at least on a weekly basis.
- Resolve vulnerabilities on-site and off-site. Great network security engineers can also help remote users to play their part in preventing hacking opportunities.
SecludIT provides real life remediation tips for security engineers.
The Elastic Detector daily vulnerability detector from SecludIT (and the the ‘try before you buy’ S-Diag network scan) can help new and established network security engineers to work through the above six steps of a security plan.
“There’s no better way than learning by doing,” says SecludIT CEO Sergio Loureiro. “Our vulnerability scan not only checks the network for over 60,000 vulnerabilities … but we also provide IT security teams with remediation tips, so they can fix any problems themselves. Elastic Detector and S-Diag are the ultimate ‘in job’ training program.”
Sergio explains that the one-shot S-Diag trial can be easily completed in a morning, and gives extra benefits for network security teams. “In addition finding vulnerabilities and providing remediation tips, S-Diag also includes a management report which shows at-a-glance where the network has weaknesses. This report can be the basis of a security plan that is presented to the C-Suite. S-Diag also includes a one-to-one phone review between a SecludIT specialist engineer and a member of the client’s IT team.”
This means S-Diag has HR as well as IT benefits. For the cost of a typical network security accreditation course, S-Diag will give a deep scan of the network and help security teams to build their skills by actually fixing those vulnerabilities themselves.
Find out more about having a ‘zero disruption’ S-Diag vulnerability check on your network. There’s no financial risk either. If your network is free of the 60,000+ vulnerabilities we check for … the diagnostic is free.
Where to take a network security engineer training course.
We were impressed by the information and courses provided by two online training companies. There are many more … but IT professionals who want to increase their network security skills could start by reviewing these two sites: