EH-Net

Ethical Hacking Discussions and Related Certifications => Security => Topic started by: LittleBoy on October 26, 2011, 08:38:34 AM


Title: Change career from programmer to Info Sec
Post by: LittleBoy on October 26, 2011, 08:38:34 AM
hi guys
I have asked this question at a couple of other places but i havent got a satisfactory answer

Im a .NET developer with 4 yrs exp based in mumbai, working at a MNC .Im pretty good as a programmer.

I want to switch my career to Information security.

Im thinking of doing a certification, is it going to help me get a job in this field.
Also is my previous experience be of any use.

What certification should i go for? and what profile would i be offered?. How easy would it be to get a job in this field?

Any advice would be helpful.

Title: Re: Change career from programmer to Info Sec
Post by: 3xban on October 26, 2011, 11:29:14 AM
There are a few areas where programming comes in handy.  Malware analysis and reverse engineering come to mind.  As for your background with .NET development, have you considered focusing in Application security testing or Web App Security?  You may also be interested in exploit development. 

Also Microsoft currently offers enterprises the option to teach their devs about Web Application Security with .NET and ASP.NET.  I don't know if there are any particular certifications associated with it though.

Title: Re: Change career from programmer to Info Sec
Post by: LittleBoy on October 27, 2011, 01:22:43 AM
Thanks for the quick reply
Can you please give me more info on
Exploit development,
Malware analysis and reverse engineering.

Which programming languages i need to know?
Which cert i would require?
Job Opportunities in these areas?

I don't want to work only on any specific set of technology like Microsoft, its very boring and very very easy, no thinking required, everything is provided to you.

which are the other fields in info sec that involves programming?

Title: Re: Change career from programmer to Info Sec
Post by: 3xban on October 27, 2011, 08:17:30 AM
From what I researched myself, Assembly is a big one to know if you want to reverse engineer.  Also knowledge of Python and C is probably helpful as well. 

For Analysis, there are a number of tools available and a nifty book - Malware Analyst's Cookbook (http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033)

That will get you started with the analysis portion.  There are also some reverse engineering resources out there too.  I believe we have a forum section for that material as well.  Browse through there. 

As far as Certs, well you can browse the GIAC certs, they have one in particular for reverse engineering - GREM (http://www.giac.org/certification/reverse-engineering-malware-grem), SANS FOR610 is the related course.  You can browse the reference list of the course to get an idea of what you will need to learn.  Also Lenny Zeltser is a good person to follow on Twitter.  He has a decent site as well.

Aside from Malware Analysis and reverse engineering, exploit writing involves programming.  You can review the SANS curriculum (http://www.sans.org/security-training/curriculums/index.php) for APPSEC to see if anything there interests you. 

That should get your started.  You can also do job searches based on the certs to see what the market looks like.


Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com