You are currently signed in as .
0 Items in Your Cart
Vault Guides are THE source for insider insight on career information and employer reviews. Shop Vault Guides
Industries & Professions /
Internet Security Specialists
The duties of an Internet security specialist vary, depending on where he or she works, how big the organization is, and the degree of sensitivity of the information that is being protected. The duties are also affected by whether the specialist is a consultant or works in-house.
Internet security usually falls under the jurisdiction of a systems engineering or systems administration department. A large company or government agency that deals with sensitive information probably has its own Internet security department or team that devotes all of its time and energy to Internet security. Many firms, upon connecting to the Internet, give security duties to the person who is in charge of systems administration. A smaller firm might hire an Internet security specialist to come in and set them up with security systems and software.
A firewall is a system set up to act as a barrier of protection between the outside world of the Internet and the company. A specialist can tell the firewall to limit access or permit access to users. The Internet security specialist does this by configuring it to define the kind of access to allow or restrict.
Primarily, Internet security specialists are in charge of monitoring the flow of information through the firewall. Security specialists must be able to write code and configure the software to alert them when certain kinds of activities occur. They can tell the program what activity to allow and what to disallow. They can even program the software to page them or send them an e-mail if some questionable activity occurs. Logs are kept of all access to the network. Security specialists monitor the logs and watch for anything out of the ordinary. If they see something strange, they must make a judgment call as to whether the activity was innocent or malicious. Then they must investigate and do some detective work—perhaps even tracking down the user who initiated the action. In other instances, they might have to create a new program to prevent that action from happening again.
Sometimes the Internet security specialist is in charge of virus protection or encryption and user authentication systems. Viruses are programs written with the express purpose of harming a hard drive and can enter a network through e-mail attachments or infected portable storage devices such as CD-ROMs and flash drives. Encryption and authentication are used with any network activity that requires transmission of delicate information, such as passwords, user accounts, or even credit card numbers. These professionals are also responsible for ensuring that their company is meeting all government security requirements.
Secondary duties can include security administrative work, such as establishing security policies for the company, or security engineering duties, which are more technical in nature. For example, some companies might deal with such sensitive information that the company forbids any of its information to be transmitted over e-mail. Programs can be written to disallow transmission of any company product information or to alert the specialist when this sensitive information is transmitted. The security specialist also might be in charge of educating or training employees on security policies concerning their network.
Internet security consultants have a different set of duties. Consultants are primarily in charge of designing and implementing solutions to their clients' security problems. They must be able to listen to and detect the needs of the client and then meet their needs. They perform routine assessments to determine if there are attack-prone areas within the clients' network and, if there are, find ways to correct them. A company might employ a consultant as a preventive measure to avoid attacks. Other times, a consultant might be called on after a security breach has been detected to find the problem, fix it, and even track down the perpetrator.
Secondary duties of an Internet security consultant include management and administrative duties. He or she manages various accounts and must be able to track them and maintain paperwork and communications. Senior consultants have consultants who report to them and take on supervisory responsibilities in addition to their primary duties.
A benefit of using consultants is bringing new perspectives to an old problem. Often, they can use their many experiences with other clients to help find solutions. The consultant does not work solely with one client but has multiple accounts. He or she spends a lot of time traveling and must be reachable at a moment's notice.