UT Austin: infoSecEvaluations.setLocation(“Austin”); II

L-R: Jeremy Powell, Prof. Bill Young, Auston Holt

Jeremy Powell and I, both UT alumni, who are now information security consultants with atsec information security, gave a talk Friday morning at the University of Texas (UT) at Austin. We were guest lecturers at Professor Bill Young's Information Assurance and Security class where we presented on application security evaluations as a practical application of information security education.

Our lecture, titled: "infoSecEvaluations.setLocation(“Austin”);"focused on the real world evaluations of commercial products with security functionality. The presentation centered around products with general security functionality (access control, identification and authentication, logging, etc.) and products making use of cryptography.

How to get started in an Information Security career:

After the presentation, a student wrote to us and asked how to get involved in the industry. As a follow up, and for the benefit of all students looking to get into the field, here is a generalized summary of our personal recommendations.

• Complete your Computer Science (CS) degree (BA/BS)
• Take as many information security classes in school as you can!
• Take a variety of technical computer science classes:
  specifically on databases, networking, programming (a variety of languages), etc. - don't worry about how this might be tough on your GPA, the knowledge you pick up will be an asset to you on the job.
• Business classes:
  Use your non-CS electives to attain a business minor (or equivalent) to gain the business sense you need in your job (the UT Austin Business Foundations classes have been priceless for me).
• Learn about auditing and assessment techniques.

• Back up academic prowess with real practical experience:
• Take a job in the IT industry or get involved with software development, networking etc.
• Develop strong people skills for interfacing with customers and learn how to network.
• Get involved with the local Austin area chapters of organizations supporting IT security, for example:
• 2600 - Austin branch
• AFCEA Alamo San Antonio
• AITP Austin (Association of Information Technology Professionals)
• AHA! Austin Hackers Anonymous
• HackFormers
• IAPP (International Association of Privacy Professionals) Has an Austin Chapter.
• IEEE Computer Society - Austin Branch
• IGDA Austin International Game Developers Association
• InfraGard Central Texas
• ISACA:
• South Texas (San Antonio)
• Austin ISACA
• ISSA (Information Systems Security Association) : Austin branch
• OWASP Austin (application security group)
• Austin SPIN (Software Process Improvement Network)
• Consider joining a social fraternity to learn how to work with others together in a team (I am a member of Theta Chi for example).
• Try to make it out to relevant conferences and seminars. The local ones may be the cheapest and easiest to attend. For example:
• LASCON (AppSecUSA this year)
• Security BSides: Austin
• TRISC
• SXSW Interactive

• Find and use online specialized resources related to IT security: for example:
• Social-Engineer.org
• DEF CON®
• The SANS Internet Storm Center Daily Stormcast (a short M-F podcast)
• Linked In and Yahoo groups relating to IT security

• Find out about government supported security initiatives such as:
• Build Security In
• The UT Center for Identity

• Follow the information security companies and people that you're interested in. For example their websites, blogs, Linked In,Twitter and Facebook. They may even be posting some jobs! 

 

By Auston Holt, CISSP