Subscribe

The most in-demand skills in infosec

By Timo Goosen, penetration tester, developer and OWASP chapter lead.
Johannesburg, 21 Oct 2016
Timo Goosen, penetration tester, developer and OWASP Chapter Lead.
Timo Goosen, penetration tester, developer and OWASP Chapter Lead.

People often ask me what are some in-demand skills at the moment in information security (infosec) or in the IT world in general?

The answer to that question is an elaborate one. The infosec landscape is rapidly changing and is currently going through a bit of a makeover. There are many new roles opening in the infosec space, roles that never existed before or at least they weren't as in demand as they are now. Before I get to what kind of roles are hot at the moment, it is also worth taking a look at which skills are worth learning.

The IT industry, whether in infosec or not, moves so fast that if you want to stay in the race you will have constantly learn to stay up to date and you will have to learn even more to keep yourself marketable. The workplace demands more from its employees and there is often very little time on the job to pick up skills. The infosec space is especially low on time and if you are somebody who can teach yourself new skills and find enthusiasm and time to learn new skills in your free time, then you are bound to thrive in the infosec space. Don't take my word for it though, do your own research to verify my claims.

To program or not to program...

Currently the ability to programme is still in high demand. In the infosec space the ability to create Web applications is in demand for several reasons. Firstly, the ability to understand how complex Web applications work will be of great benefit if you are in the penetration testing space. Many companies, even smaller ones, have their own internal Web applications, even if these are just the Web applications used for accounting purposes. The ability to work with other people's legacy code is also beneficial in any organisation, as they might want to keep their applications up to date with the latest dependencies and perhaps they would like some bugs fixed or functionality added.

Any infosec organisation should have some scripts that they use on a regular basis and the ability to code will help you to create and maintain these scripts, Web applications or other custom code. There are obviously different platforms that you could code for, i.e. android, IOS, Windows or event Linux. Knowledge of any of these will help, for example if you are a mobile developer with knowledge of security then you are in high demand, as mobile security is becoming more niche every day. In the United States there are several companies that just do work on mobile security.

What you need to strive towards is the ability to be a breaker and a builder. Not all breakers are builders and not all builders are breakers. If you can be both then you are already employable. The ability to programme will even help you to understand how malware works and how it is created.

Top of my list of skills in demand is the ability to program and keep up with what is happening in the programming world.

Reading and writing go hand in hand

I would have never have believed this if someone hadn't told me a few years ago, but the ability to write is a very important skill in IT, especially in infosec. For example if you work as a penetration tester, you will have to be able to write reports on your findings. Keep in mind you will have to tailor your reports to suit your target audience. Simply put, you should be able to convey, in writing and in a practical and easy-to-understand way, some very technical findings. The great thing about writing is that if you are passionate about a given topic, then you have a voice needed and can speak with authority. This makes writing a lot easier.

The ability to write goes hand in hand with the ability to read. Consider taking a speed reading course. Many infosec professionals that I know, have trouble sleeping, and reading when you can't sleep can be a good way to pass the time. What to read? I recommend the Web Application Hacker's Handbook, but there are many more - just ask around at your closest infosec meetup. I try to stay up to date by keeping a book with me at all times when I travel, when I wait in a line to go for a check-up at the doctor, or when I wait for my car at the mechanic and so on.

Teamwork and communication are vital

The ability to work in a team is incredibly important in IT and also in infosec. Even if you aren't currently working in a team, you should be able to communicate with others around you and be able to share information of value with them. Social skills are also important in IT, believe it or not, as you are often expected to interact with clients. I've heard of some software development houses that look for people who mention working in customer service such as retail or in the hospitality industry, a clear indication that a person is willing to work hard, but also an indication that a person has the ability to deal with difficult people in a professional manner.

Networking is another vital skill that will never go amiss, and I don't mean networking in the IT sense of the word. I mean networking in the social sense. The ability to network with people online or face to face will help you open connections, find your company new clients, and find new opportunities to develop your career path.

Multiple operating systems

The infosec space demands the ability to work with multiple operating systems, even if it is just at the most basic level. The ability to work with, for example, either Linux or Windows servers is very important. If you can work with both, even better. If you can work with old Unix variants like Solaris, then you are one of very few people, and this is a great skill to have.

Big data and information security

Big data and infosec are moving closer and closer to each other, whether you like this or not.

More and more companies are starting to make use of either Splunk or the ELK stack (Elasticsearch, Logstash and Kibana). Users and attackers are creating an increasing the amount of log files and many organisations are not doing anything with them. The scary thing is that your organisation might not be able to detect if you have been compromised when it happens or if it already happened. There are many types of attacks that are either hard to detect or even impossible to detect. Your ability to process and not just log data will become increasingly important.

QA/testing engineers

QA or testing engineers are in demand. Infosec professionals are starting to incorporate security-related testing into their development process. If you have QA-related skills and an interest in security, then the future holds great things for your career. If you have programming skills to add to your skill set then even better, as the QA world is moving closer to automating mundane tasks with tools that require lots of programming knowledge.

At the end of the day, if you are spending time staying up to date and continually learning new things, then you are a highly sought-after human resource. A formal education is very seldom a requirement these days, as long as you have the skills or side projects such as code on GitHub to prove your worth, then we need you.

Share