Information SecurityComputer Engineer

Tim WarrenCompany: Neuberger BermanIndustry: Financial Services We manage investments for

people and institutionsLocated: New YorkTitle: Lead Engineer/Vice President

What my office looks like

What Is Information Security Information Security is the process of keeping

information secure: maintaining Confidentiality Integrity Availability

The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them.

Information Security Programs Companies build programs to run their Infosec departments Infosec programs are built around the core objectives of the CIA triad:

Confidentiality Integrity Availability of IT systems and business data.

These objectives ensure that sensitive information is only disclosed to authorized parties (confidentiality) prevent unauthorized modification of data (integrity) guarantee the data can be accessed by authorized parties (availability).

What are the subject mater areas of Information Security

Information Security Organizations

Large enterprises create a dedicated security group to implement and maintain the organization's InfoSec program.

The security group is generally for conducting risk management, a process through which vulnerabilities and threats to information assets are continuously assessed, and the appropriate protective controls are decided on and applied.

The goal in part is to protect the organization from

Ransom warePhishing Attacks Identity TheftMalware

Information Security OrganizationsJobs within the information security field vary in their titles, but some common designations include : Chief Information Security Officer (CISO)

$103,071 - $214,236 Chief Security Officer (CSO)

$64,735 - $200,000 Security Engineer

57,254 - $125,073 Information Security Analyst

$49,478 - $102,185 Security Systems Administrator

$41,197 - $97,375 IT Security Consultant

$53,206 - $108,696

Employment outlook

Driver of Increased Demand

What do I do?

Information SecurityIdentity Management(IdM)

In computer security, identity and access management (IdM) is the security and business discipline that "enables the right individuals to access the right resources at the right times and for the right reasons". It addresses the need to ensure appropriate access to resources across increasingly heterogeneous technology environments and to meet increasingly rigorous compliance requirements.[1]

IdM covers issues such as how users: gain an identity the protection of that identity the technologies supporting that protection

(e.g., network protocols, digital certificates, passwords, etc.).

What does my day look like?

Daily

Ensure that User records where processed in over night batch jobs Communicate to hiring mangers their users status Check application logs for errors Update project status Plan for afterhours and weekend changes New project initiation Engineering for new integrations Level 3 support

Systems Active Directory – For authentication and group membership Virtual Directories for authentication and attribute extension Secure Token – Token for 2nd factor authentication Public Key Infrastructure PKI, SSL/TLS Certificates and encryption Single Sign On(SSO) User Onboarding systems Help Desk management of users Employee Information systems

Additional Questions Education requirements after high school?

A minimum of an Bachelors Degree for entry level positions For advance positions at least 5+ years of additional experience

What should students take to prepare themselves for this career? Mathematics Programming Psychology

Advice The security landscape changes day to day. Ground yourself in the basic concepts you need to

know such as Fundamental computer science or how a computer works. CPU’s, RAM, registers, gates, etc TCP/IP networking and routing

Resources Your Librarian – Yes your library Security Now – Podcast/Webcast

https://twit.tv/shows/security-now How the Internet works https://twit.tv/shows/security-now/episodes/309 How SSL/TLS Works https://twit.tv/shows/security-now/episodes/195

SANS Institute – Information Security Resources https://www.sans.org/security-resources/