Hi all, I have around 5 years of exprerience in java/j2ee technologies. I am planning to shift to Security features like Identity Management,DataEncCryption ,Cryptography etc. My idea is to attain skills/knowledge of some niche areas to add up to my resume. But really I am not sure how the future for these technologies would be and will I be having an added advantage on having a knowledge and work experience on these topics. Can you all please share your thoughts on this step.? Also suggest me some good sites to learn these... thank you. regards, Shashi
As systems get more connected, and are being made more accessible through various networks, the need for security becomes ever larger.
Make sure that you learn about technologies, not just about particular APIs, or implementations for a particular language. Those are going to chnage in the future, while the underlying principles remain valid for much longer periods.
The Security FAQ links to a number of resources that help understand the problems and solutions. I recommend in particular the interview with Bruce Schneier and the comp.risks newsgroup.
It could be a great niche to get into, but at the same time, IT Security involves a lot more things than just programming. If you want to become good at it and become an expert, you need to learn much of the "10" Security Domains. Many of which include networking technologies and various other things.
Check out a book on CISSP. Research it as much as you can about IT Security, careers and so on. I've thought about moving more toward IT Security in the past, but I've always enjoyed creating, designing, building and developing things a lot more than what I'd be doing in IT Security. Yeah if i moved up the ladder I'd get a chance to design IT Security policies and so on, but there is no gurantee you'd wind up as a manager one day. As a software engineer, even in pigeon holed roles, I usually get a chance to create something.
So it really depends on what you think IT Security is and what you want to do. It can be a great career path, but understand, it can be a lot different than software engineering.
sorry for the delay I was out of station.. thanks a lot Ulf Dittmer , and William gates . Yes I understand that this field is lot different from software engineering .. I was told by my managers that Enterprise Security now involves learning lot of tools and implementing in the client locations.