The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set now. Credit: Thinkstock When Scott Copeland got his associate degree in network administration back in 2004, the community college he attended didn’t offer IT security courses, “but it gave me the foundation to learn more about network security,” he says. His determination and thirst for learning led him to his current job as an IT security engineer at FedEx Services in Memphis, Tenn. download What it takes to become an IT security engineer | PDF downloadCSO OnlineGetting startedAfter being laid off in 2008 from his first IT job in tech support and systems administration, friends encouraged Copeland to use his networking talents to get a certification that would boost his career. He studied for three months and earned his Cisco Certified Network Associate (CCNA) certification in routing and switching. “CCNA was the biggest helper [for my security career path],” says Copeland. “It’s one of the hardest network certifications in the industry.” Also, he notes, “because it ties networking for firewalls and VPN, it has security components to it.” He also scoured daily posts on Reddit, the news aggregation and discussion website, to learn as much as he could about network and IT security, and to keep up with the latest threats.He sought out temp work to hone his security skills and found a contract security job at FedEx. “We upgraded the VPN client,” Copeland says. “I did technical writing for our user manual, and I still maintain that today. I also did VPN support tickets and started doing firewall tickets.” When the project ended, he landed his first full-time network security position at Southwest Tennessee Community College. Two years later, he re-joined FedEx Services in his current full-time role. “My specialty is VPN, and I also do firewalls,” Copeland says. “On a typical day, I’ll do change requests — the tickets to add or make changes to the firewall — I’ll review the VPN logs, work with developers, [help with] change management” and handle some compliance issues, he says. A role in fluxThe IT security engineer position is a fairly new role for most companies, and the responsibilities and scope of the position are still in flux, says Victor Janulaitis, CEO of Janco Associates Inc., which issues an annual report on new technology positions and job descriptions. “The role and responsibilities are in high demand,” Janulaitis says, because the job focuses on quality control within the IT infrastructure. “That is one of the things that has been cut back on in the last several years as IT organizations have been trying to maintain and control costs,” and as they continue to outsource, he says.Broadly speaking, the IT security engineer works on the operational data center systems and networks. This person helps the organization understand advanced cyber threats and helps create mitigation strategies to ensure that networks are protected, according to the Janco job descriptions report. CSOThe logical career ladder for the IT security engineer, according to Janulaitis, would be to move into a senior IT security engineer role and then to project manager or a systems and programming position.Copeland will earn his four-year degree in organizational management in May. He plans to get his Information Systems Security Professional certification next year when he will have the required four years of security experience. His five-year plan is to become an IT security manager. “Always continue to learn more about IT security,” he says.It takes nothing at all to be a commenter, head over to our Facebook page. download What it takes to become an IT security engineer | PDF downloadCSO Online Related content news Bug in EmbedAI can allow poisoned data to sneak into your LLMs The vulnerability can be used to deceive a user into inadvertently uploading and integrating incorrect data into the application’s language model. By Shweta Sharma May 31, 2024 3 mins Generative AI Vulnerabilities news OpenAI accuses Russia, China, Iran, and Israel of misusing its GenAI tools for covert Ops OpenAI’s generative AI tools were used to create and post propaganda content on various geo-political and socio-economic issues across social media platforms, the company said. By Gyana Swain May 31, 2024 4 mins Generative AI news Okta alerts customers against new credential-stuffing attacks Hackers are using credential-stuffing to attack endpoints that are used to support the cross-origin authentication feature. By Shweta Sharma May 31, 2024 4 mins Identity and Access Management Vulnerabilities feature 3 reasons users can’t stop making security mistakes — unless you address them Understanding what’s behind employee security mistakes can help CISOs make meaningful adjustments to their security awareness training strategies. By Ariella Brown May 31, 2024 5 mins Data Breach Risk Management PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe