Jared Manwell

Prof. Phillip L. Nelsen

Business 1010
21 July, 2016
The Network Security Engineer:
With the ever growing stockpile of information being readily available over
personal and business networks, the need to secure this data is as important as the
information itself. Gone are the days of large paper file rooms with clerks managing
and organizing tons of hard copies of data. Gone are the days when all you had to
worry about was securing your file room from onsite break ins. In todays world
information is available everywhere, and theft of your data can come from the other
side of the globe. Corporate information including: research and development, financial
statements, employees and all other proprietary information needs to be secured from
would be hackers. Enterprise networks are big, they need continuity and redundancy,
and most importantly they need to be secured from outside threats. The need for highly
trained professionals is a constant in todays ever changing network infrastructure.
Today more than ever the Network Security Engineer is a necessary ally in the world of
cyber-security.

So what is a Network Security Engineer? Simply put, they are tasked with
securing your network via firewalls, virtual private networks, intrusion detection,
network data control, anti-virus solutions and designing a secure local area network. So
this brings up a few more questions that I will answer in the following pages. What are
the knowledge requirements? How much schooling and experience is needed? How
much do they make? How much of their day does their job take up, and can you be
there for your family other than financially? My need for financial security is great, but
being there for my children is just as important.

Then Ill go over the growing or

shrinking need for this position in the world, as well as some snippets of interviews
with network engineers in the field to round out the real world life of a network security
engineer.
Looking to the future, the network security field is growing and will continue to
grow. According to a 2015 Fortune magazine article CEO Michael Brown warned that
the United States faced an impending shortage of cyber security professionals and
predicted thered be a shortfall by this year. This past June, he updated his forecast,
suggesting that the demand for security professionals could reach six million people
globally by 2019, with nearly 1.5 million new positions that would need to be filled.(1) I
also managed to find the job outlook via the Bureau of Labor Statistic, bls.gov, that gives
more good news for the future of this position. They see the position is projected to

grow 18 percent from 2014 to 2024, much faster than the average for all occupations.(2)
This seems to be pretty close to the par that Ive encountered while researching this
position. And as I continue to study networking and security, it becomes quite clear
that network security isnt something you set up and walk away from. This is
something that needs to be tested and maintained on a daily basis. So it comes as no
surprise that the outlook looks incredibly hopeful for an aspiring IT guy like myself. A
paper published by Sans.org titled Determining the Role of the IA/Security
Engineer(3) had some interesting information as well. In a survey conducted by
surveymonkey.com, 72% of respondents reported that an IA engineer position existed at
their job. 4% reported that they didnt have that position but had plans to create one.
This paper is from 2010 as well, so adding the results of this survey with the
governments projection for the future and Im feeling pretty good about furthering my
education along these lines.
But how much schooling does one need? According to bls.gov, a bachelors
degree is needed to start. Computer Science, software engineering, systems engineering,
information systems are a list of degree fields that they list as well. They go on to list on
average you need 5-10 years of experience and your skill set needs to be quite
impressive. IT support skills, familiar with Unix/Windows, monitoring and securities
systems infrastructure, SPAM control, IDS analysis, Microsoft Office suite, network

operating systems, SQL, LAN, Cisco, laptop and email encryption, ability to identify
phishing attempts, efficiency in detecting computer viruses, knowledge of audit
functions, computer lab systems and security compliance are some key skills. And they
mention the need for some security certifications such as CISSP. From personal
experience Im sure this is just one certification you need to be considered for this
position. Cisco has a handful of other certifications that you would most likely need like
the CISM, or SANS GIAC in your toolbox as well. But this all makes sense, network
security can be complicated. And lets not forget when your pushing at a six figure
salary in any tech field, your bosses want to feel confident in your skills. I wouldnt
want to pay that much for someone who couldnt keep my information data base secure.
Armed with the education needed to work in this field, the goal begins to come
to light. I will absolutely need a bachelors degree, as well as certifications proving my
knowledge has been tested. Building a resume with experience seems to be another
mountain to climb as well. But now I want to hear from those in the field. What did
they do to get their foot in the door? What types of things would they suggest for a
student interested in the field? So I began looking at interviews with those in the
industry. One mentioned the importance of good communication and documentation
skills were mentioned in A day in the Life of an Information Security Professional.(4)
The article goes on to say that his day to day responsibilities consist of reviewing

security architecture and analyzing security scans. This seems to be echoed in another
interview Interview: J. Wolfgang Goerlich, Cyber Security Strategist for Creative
Breakthrough. (5) Mr. Goerlich mentions that listening is a fundamental soft skill,
and that he relies on his technical knowledge and background but that Creativity
comes into play in collaborating with customers and partners to develop solutions. Then
it comes down to communicating the strategy and plan. In sum, my job requires deep
technical skills with broad communication and collaboration skills. What this means
to me is I cant be satisfied working with my electronic friends, maintaining the direct
flow of information all day. I have to network myself. Keeping the lines of
communication open and allowing the ideas and goals to be understood by all parties to
ensure goals and targets are attained. Another common part of the job is teaching, they
say that teaching is one of the most critical aspects of the job. You can have your
network impenetrable, but all it takes is one employee to bypass the measures and let a
threat into the network.
As far as becoming a network Security engineer, the road is long and financially
satisfying. Being able to think on your toes and communicate with employers and coworkers about each others vision for security is key. The ability to teach about phishing
threats and virus laden emails are also important to your overall success. Having a
strong background and knowledge of your field is a must, this is definitely not a career

where you can fake it. Throughout the interviews and articles I havent come across
anyone mentioning that the hours are insane or rigorous so thats a plus as well. But it
does become apparent that the field is ever changing, and what these professionals are
doing now may not be exactly what Im going to be doing years from now. But as
things change, the industry will change as well as the certifications needed. But one
thing has been made abundantly clear in my research, they all love their job. Every
person who was interviewed made mention of the fact that then enjoy their job and the
rewards it gives.

1. "Cyber Security's Ever-growing Brain Drain." Fortune.com. N.p., 9 Sept. 2015.

Web.
2. Bureau of Labor Statistics, U.S. Department of Labor, Occupational Outlook
Handbook, 2016-17 Edition, Information Security Analysts,
on the Internet at http://www.bls.gov/ooh/computer-and-informationtechnology/information-security-analysts.htm .
3. Dutcher, Brian. "Determining the Role of the IA/security Engineer."Www.sans.org. N.p., 15 Mar.
2010. Web.
4. "A Day in the Life of an Information Security Professional." N.p., n.d. Web.
5. "Interview: J. Wolfgang Goerlich, Cyber Security Strategist for Creative Breakthrough." InfoSec
Resources. N.p., n.d. Web.
6. Hamilton, Gillian. "Day in the Life of a Cleared Network Engineer." N.p., 23 Jan. 2015. Web.