0

I'm an IT technical writer with 6 years of experience looking to transition to a career in information security. I have good knowledge of software, databases, and cloud computing with a year or so of experience in system security documentation (NIST 800-53). What I lack is any formal training or education in information security. My college degree is also completely irrelevant.

My question is given my experience, would completing a masters or certification get me hired as an information security analyst at software companies? Alternatively, I would be open to working for consulting agencies that help companies achieve FISMA or FedRAMP certification. My main concern is that I do not want to take a huge step backwards from my current salary of $80,000 in the Minneapolis area.

Many thanks!

JN1212
  • 1
  • 1
  • 1
    This question is really broad and subject to a lot of different variables. This is the sort of thing that can be answered with some informational interviews with companies in your area. Besides, you're entire question is, "what types of roles could I land after completing either a masters program or certifications?" You're asking for unbounded answers from an unbounded set of constraints. – schroeder Nov 24 '16 at 07:36
  • My question is more narrow than you suggest as I am asking that given my background. The implied second question I suppose is to what extent my background would make a difference? Obviously, not all individuals have the same career prospects after completing a masters or certificate. – JN1212 Nov 24 '16 at 07:41
  • 1
    "IT technical writer" is the same as saying "I work with computers". Technical writing has a broad spectrum of experience and possible specialisation and you don't outline that, and neither could you in this forum. I appreciate that you are a unique individual with unique interests and expertise, but certainly you can see that both your question, and your unique situation, are too complex to tackle here. This is why you need to do info interviews with companies in your area who can read your resume, assess your skills, and ask you the detailed questions to get to an answer that fits you. – schroeder Nov 24 '16 at 07:49
  • Thanks, I appreciate the advice and see your point! I will try to do some information interviews. Thus far, I've spoke to the director of infosec at my own company, but unfortunately, the team is already at full capacity and downsizing. – JN1212 Nov 24 '16 at 08:01

1 Answers1

1

Consider what sort of role you are looking for. Information Security is a very wide field. Do you want to be a Penetration Tester? Do you want to be a SOC analyst? Do you want to be an ISO27001 Auditor? If you are not sure, I would suggest spending some time understanding the different types of role in the Industry and considering which ones fit your skill set given that you don't want to start from scratch.

Once you know what direction you are going in then you can start looking at an appropriate certification program or some other way of building a bridge for your transition.

Good luck!

tghosth
  • 21
  • 1
  • The ideal role would be information security analyst or manager for cloud-based software. I would also be interested in working for consulting agencies that help companies achieve FedRAMP or FISMA certification. – JN1212 Nov 24 '16 at 07:57
  • Maybe add that info and any other info you have to narrow down the question to your original question text. – tghosth Nov 24 '16 at 08:02
  • Also look at this question: [link](http://security.stackexchange.com/questions/3772/what-are-the-career-paths-in-the-computer-security-field) – tghosth Nov 24 '16 at 08:06
  • Thanks, I will take a look. Also, I edited the question. – JN1212 Nov 24 '16 at 08:17
  • @JN1212 maybe also expand what you mean by Information Security Analyst. – tghosth Nov 24 '16 at 13:57