Working in Network Security
As with most areas of cyber security, network security is one that is continuously evolving as the threat landscape changes, technology advances, and the relevant tools and software upgrade accordingly. A specialised field, network security focuses on the protection of an organisation’s computer network infrastructure, both internally and externally, via data analytics and risk assessments. The Network Security Engineer will use the outcome of those assessments and findings to create procedures and policies as proper navigation for the system managers.
Network security is of unique importance within an organisation as those procedures and security policies are what act as a shield against unauthorised users who would endeavour to dismantle any firewalls and various security systems in place. Security systems undergo constant monitoring with the intention of preventing cyber criminals from infiltrating its programs, thus they are bound by layers and layers of protection integrated within the network’s system. Network Security Specialists or Information Security Analysts as they are also known, are responsible for designing and improving those computer systems to protect the company against potential threats and attacks.
In the event of a security breach, Network Security Engineers will work as part of a team of cyber security specialists brought in to resolve the situation and come up with a mode of attack against cyber criminals. Those working in cyber security of any specialism will also be expected to spread awareness of the importance of their work and educate people across the business about potential threats, malicious schemes and so on as it’s often human error that can result in a breach.
Working in network security, candidates will need to demonstrate an in-depth knowledge of computer networking, likely honed from building and rebuilding a home computer and truly understanding how its inner workings operate. Everything from subnetting and ACLs (Access Control Lists) to ports and protocols should be in your vocabulary along with experience with Cisco and/or Juniper systems. You should know how to configure firewalls, IDS/IPS, honeypots, routers and switches as well as have the expertise and skills to reinforce them.
Programming skills are not hugely essential to jobs in network security though having a good grasp of Python will probably be useful. It’s also wise to get yourself familiar with Linux, Windows and networking hardware as in this line of work you may find yourself faced with working on any number of systems or devices.
In terms of professional certifications, you can start with a CompTIA A+ (though individuals well versed in the functionality of their own computer will most likely breeze through this or find it unnecessary). The CompTIA Network+ teaches computer networking basics so is a good place to start. Then there is the CompTIA Security+, arguably the most popular network security certification, which delves into computers and networking security fundamentals as well as basic security skills.
Moving from the academic to vendor-specific comes the CCNA (Cisco specific; you can opt for a different vendor but Cisco is one of the major vendors in the IT network market) which will furnish you with the skillset and knowledge of such things as automation and network access in order to work effectively on a small to mid-size enterprise branch network and thus take on an entry-level job as network technician or field network engineer. The CCNP R&S is a useful one to help you deepen your knowledge and understanding and ultimately makes you a more valuable commodity.
Further certifications to consider are the CCNA Security and CCNP Security, particularly if you intend to progress through the ranks to Senior Security Engineer. The learning doesn’t stop there though, any aspiring network security specialist should have a passion for consuming the latest technologies, understanding how they work and what you can do with them.