Many private companies are turning to the military and law enforcement agencies to find computer forensics and security professionals. Some officers are leaving their posts for jobs in the corporate world, sometimes doubling or even tripling their salaries.
That's what Jose Granado did in the early '90s, when he left his job as a regional crime investigator at the Air Force's Office of Special Investigations. Now, as the national leader for Ernst & Young's profiling practice, he is what he calls a "white-hat hacker," breaking into clients' IT systems and then making recommendations to make them more secure.
How does one make the transition from the world of the military to private business?
Here's Granado's advice:
- "Forensics work takes a thorough knowledge of Unix and NT," says Granado, since forensics examiners must go deep into operating systems to retrieve deleted files and other evidence of security breaches. A knowledge of networking and routing is also increasingly important, since more and more computer crimes involve the Internet and e-mail, Granado says.
- The business world takes some getting used to. "There's always that bottom-line issue that you have to take into account," he says. As a result, he says, it's important to pitch security and forensics recommendations with a business's cost concerns in mind. Granado suggests reading business periodicals, taking business classes if possible and studying up on the specific industry you hope to enter.
- Granado also advises that forensics experts broaden their base of skills to include general IT security skills and knowledge on how to set security policies and procedures within a company. Since there is no internationally recognized certification for forensics specialists, he suggests getting a Certified Information Systems Security Professional certificate, the most widely recognized credential of its kind.
Security Risk and Reward
Stories in this report:
- Want to Save Some Money? Automate Password Resets
- Knowldge Quest
- Companies Need Security Pros With More Varied Skills
- Finding Answers
- The Enemy Within
- The Threat of XML
- SOAP, Other Protocols Specify Security for XML
- The Problem With Power
- Top 10 Security Mistakes
- Playing By Europe's Rules
- False Alarm?
- An Ounce of Intrusion Prevention
- Deadly Pursuit
- IDS Products and Prices
- Should You Outsource IDS?
- Who He Is
- Manager Offers Primer On Computer Forensics
- Unlocking Secure Online Commerce
- Too Late For Digital Certificates?
- Giving Users Back Their Privacy
- Feeling Safe With IT Security Deals
- Finjan's Software Bolcks Active Content Threat
- Security Statistics
- The Guardian
- Congress Considers Slew of Bills That Will Affect IT, E-Commerce
- U.S. Legislators Ponder Masses of Bills; Outlook Remains Murky
- Rule Changes May Further Protect Company Security Data
- Getting Started in Computer Forensics
- PKI Carries the Mail for U.S. Postal Service
- Security by Syntax