Re: Formal audit background for the penetration tester?

From: Aarón Mizrachi (unmanarcgmail.com)
Date: Sun May 31 2009 - 02:03:39 CDT


On Saturday 30 May 2009 08:47:47 Stephen Mullins wrote:
> I think that this is a huge growth area in IT due to regulatory
> compliance issues for private sector organizations such as hospitals.
> I think that much of the work is and will continue to be travel
> oriented, but that it pays better than your typical 9 to 5 in an
> office somewhere.
>
> The trend is just as you describe, the government is creating
> legislation that will force organizations to do annual audits. I
> think this creates an environment in which the "technical skills" you
> describe are less valuable than the Information
> Assurance/Certification and Accreditation skills demanded for
> compliance.
>
> I imagine the transition would be fairly easy, provided you have some
> "people skills" and good written communication abilities to go along
> with your technical skills.

I agree, legislation will request a formal audit, not a simple
pentest.

Legislation in some other countries forces banks to do annual
pentesting, not a formal audit.

The reason: the budget for "IT Security" in these countries is too small.

---------------------

I have a question:

What master's degrees, PhDs, specializations and certifications in information
security are recommended for the coming years?

>
> Steve
>
> On Fri, May 29, 2009 at 11:18 AM, <listerlihim.org> wrote:
> > Has anyone transitioned from a purely technical background in InfoSec to
> > the Audit field?
> >
> > What trends are emerging with increased regulatory scrutiny on the rise?
> > Govt/PCI requirements.
> >
> > As I am not familiar with the CISA certification or the audit field of
> > work, I'm not sure if this would be a step backward or beneficial to a
> > penetration tester or someone with purely technical skills in InfoSec.
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: Information Assurance Certification Review
> > Board
> >
> > Prove to peers and potential employers without a doubt that you can
> > actually do a proper penetration test. IACRB CPT and CEPT certs require a
> > full practical examination in order to become certified.
> >
> > http://www.iacertification.org
> > ------------------------------------------------------------------------

--
Ing. Aaron G. Mizrachi P.

http://www.unmanarc.com
Mobil 1: + 58 416-6143543
Mobil 2: + 58 424-2412503
BBPIN: 0x 247066C1
