As we start the new year out with all our resolutions … maybe one of your goals is to get a better job. Well earlier this month I came across an article that may provide some insight into some of the “hot jobs” for 2012 and beyond. As originally posted by GovInfoSecurity.com based on a study by Dice.com, they found the following jobs to be the ones to focus on.

• Security Analyst
• Security Architect
• Application Security
• Security Engineer
• Network Security

In our general demographic (i.e., DC in the government sector) the biggest opportunities seem to be as Security Analysts, Security Engineers, and Network Security pros. If you’re looking for the biggest paycheck, although not as much fun, and are a bit more seasoned go for Security Architect positions. Also I found it strange that forensics wasn’t mentioned anywhere. GovInfoSecurity.com previously discussed how forensics was THE field to get into. We pointed out some of these posts here and here.

It’s nice to have a study like this one that points out where the biggest opportunities may be however my overall advice is still to find a job you love. At least maybe this list will give you some starting points as you navigate through your career to discover that love.

via GovInfoSecurity.com

Information security is one of those rare fields – it has more job openings than people to fill them. Dice.com, the largest IT job site, confirms this job growth and indicates a 79 percent increase in the total number of information security jobs posted on the site from September 2009 to September 2011.

Based on a review of job postings, here are the five hottest jobs for information security pros in 2012…

Continued here.

#####

Have any other suggestions for jobs to focus on in 2012? Let us know in the comments below. Today’s post image is from GovInfoSecurity.com.

This position over at Technica looks like a great opportunity for any of the more seasoned among us. It requires a masters, 5 years experience, and someone that really knows how to reverse engineer malware. And I can tell this manager knows how to hire the right kind of people … “Required Technical Certifications: None Required“.

Department: Direct Services

Category: Information Assurance/Security

Clearance Level: DoD Secret

Years of Experience: 5 YRS

Education: Masters Degree

Company Description

Technica is an innovative provider of high quality information technology solutions, process engineering and information assurance expertise. Our award winning teams focus on building strong customer relationships to ensure the absolute best solutions to difficult challenges. We have a well established track record of success and are experiencing double digit growth, primarily in the federal sector. Consider joining our team if you have true commitment to excellence, along with the desire to perform and compete at a world class level. Welcome!

Description

Serves as subject matter expert with in-depth experience in intrusion analysis, threat detection, hacking tools and techniques, forensic analysis, mobile security, reverse engineering of malware, honeypots, and Unix & Windows operating systems.

Programming experience a definitely plus. Experience with IDA Pro,OllyDbg, Ruby, Python, Perl.

Masters Degree with minimum 5 years cyber experience preferred.

Required Technical Certifications: None Required

Travel Requirements: No Travel

Find out more details and how to apply over at Technica’s Career site.

#####

If your organization is interested in posting their career opportunities here, head on over to our Job Board page for all the details. Today’s post image is from TechnicaCorp.com.

For the past few years forensics has been a very strong field in which to develop an infosec career. The new curve though comes with the proliferation of “cloud.” As more and more organizations migrate services into the cloud, forensics in these challenging environments has created another “hot” specialization in which to ponder a potential career move.

For those that are interested in getting a foothold into this high-demand niche, I read a good interview with Rob Lee yesterday that stressed five skills you need to posses in order to help you become one of the chosen few.

• Upstream Intelligence: Understanding data from upstream providers (e.g., ISPs)
• Legal Skills: Knowing when data can and connot be requested
• Technical Background: Changing your perspective from static to dynamic data analysis
• Soft Skills: Knowing how to convince others that they need to help you
• Collaborative Skills: Working well with other groups in order to understand the big picture

The article concludes with a section on salary and career scope. Although the average forensic examiner brings in a measly $81K a year, those that focus in on specialties like cloud can command over six figures.

Not interested in forensics … regardless if it’s in the cloud or not? There’s always other opportunities to find hot jobs. And a 0% unemployment rate in our field really ups the odds of finding that satisfying position.

via GovInfoSecurity.com

When it comes to collecting forensic evidence from cloud providers and determining whether a data breach has occurred, what used to take two weeks now takes a month for Greg Thompson, vice president of enterprise security services at Scotia Bank.

“Often we find it is a challenge to get sufficient forensic data from the cloud to prove the event or action did occur,” says Thompson, who oversees the forensics team at Scotia bank, the third largest bank in Canada.

Specifically, he finds the move to cloud services more challenging for forensic practitioners than the traditional methods of acquisition of evidence in pursuing an investigation. In addition to not having access to a full suite of forensic data, including net flows, log files and hard drive images in a cloud environment, now there also is a strong dependency on a third party whose system settings and administration may differ. “This often stretches the time-frame needed to make conclusions on a case, as we have to deal with legal implications and inconsistencies in how data is overall collected and maintained.”

Continued here.

#####

Today’s post image is from LightHouseDT.com. See ya!

The forensics field is hot right now … tons of demand but a very limited quantity of qualified people. You think this is a field you’d like to get into? Well, the folks over at GovInfoSecurity put out a nice article last week for those that are interested. It features five skills you need to get started.

via GovInfoSecurity.com

It appeared to be a classic case of embezzlement. Jean-François Legault, a lead fraud examiner at Deloitte, was investigating a client case, and he knew that an executive was hiding corporate funds. But he didn’t know where the money was going.

In a traditional fraud investigation, there would have been a lot of interviewing and reviewing of documents. However, in this case, Legault and his team simply seized the suspect’s computer. Then, using forensics analysis to review the hard drive, Legault’s team followed the data trail on e-mails and documents and were able to see accesses to online bank accounts and bank statements. Further analysis of the digital evidence led the investigators to the amounts that were being transferred out from the company which matched them perfectly with the amount in the executive’s bank statements.

This case illustrates exactly how fraud – and the fraud examiner’s role – have evolved.

“Our role is changing in the fact that we see fraud being perpetrated in a new manner everyday via malicious software, banking trojans and online theft,” says Legault, senior manager, Forensics & Dispute Services at Deloitte. “Technology is acting as an enabler for both the fraudster and investigator. As the fraudster uses technology to commit fraud, they leave a trail of bread crumbs on the computer they used, that we can, in fact, recover and follow.”

Continued here.

Just a quick reminder that the Computer Forensics Show Infosec Conference event starts tomorrow, February 4th. See our original post for more information. View our Calendar for a complete list of infosec events in and around the NoVA area.

When describing the importance of the upcoming Computer Forensics Show Conference, enewschannels.com writes: “for some companies, it is not a question of if one of their computers will be used as evidence in a legal matter, it is a question of when.”

Due to the increasing use of computers to carry out crimes, the February Computer Forensics Show Conference taking place in Washington, DC, seeks to inform Lawyers, infosec Professionals, and Accountants about the importance of Computer Forensics in their respective industries.

Why is this especially relevant to those in the infosec field? According to the Conference’s website “the rate of fraud, abuse and criminal activity on IT systems by hackers, private contractors and even employees is increasing exponentially” making the need to be educated about Computer Forensics a necessity, not an option for those in the infosec industry.

With two separate Conference Tracks open to IT and infosec professionals—a General IT Security Track and an Advanced IT Security Track—the Conference has a wide variety of respected speakers, including Richard P. Mislan—of Purdue University and CERIAS—Jeremy Wunsch of LuciData, Inc., and Craig Labovitz, of Arbor Networks.

Labovitz will give a presentation entitled “Global Internet Darknet Analysis & Techniques,” Wunsch a presentation covering “Internal Threat Management,” and Mislan will give a highly anticipated presentation on “Mobile Device Forensics.”

Want more details? Check out the breakdown of the Conference below.

• Who: Richard P. Mislan – Purdue University and CERIAS – Jeremy Wunsch of LuciData, Inc., and
  Craig Labovitz, of Arbor Networks.
• What: Computer Forensics Show Conference
• When: 02/04 – 02/06/2009
• Where: Washington DC Convention Center (801 Mount Vernon Place NW Washington, DC 20001)

For more information on the Computer Forensics Show Conference, see its description in our Infosec Conferences section. View our Calendar for a list of similar infosec events in and around the NoVA area. Learn more about the Computer Forensics Show Conference by visiting the Conference’s website.

Here is some information regarding this week’s Tuesday ISSA – DC Chapter infosec meetup event. This talk looks great. You even get a copy of the bootable USB software used during the demonstration. Of course if it comes on a USB stick, I’d be leery about putting into a non-test computer. If anyone happens to make it to this talk, I’d be curious to know the name of the bootable forensics Linux distro used.

• Who: Inno Eroraha, NetSecurity Corporation
• What: Computer Forensics Jujitsu
  • A cyber crime has been committed. The computer used has been identified and is still up and running. The user (“suspect”), “Natalie Kampbell,” is claiming that a malware on the system must have downloaded the illicit pornography onto the computer on her behalf. You have been recruited as the forensics professional to conduct this investigation involving Ms. Kampbell, who was still sitting at her computer when the investigators showed up at the doorstep. What steps would you take to find reasonable evidence? The above scenario is too common today. This presentation walks through the steps that a first responder can execute to produce necessary forensics artifacts that can withstand legal scrutiny of opposing counsel, using just a USB boot disk loaded with forensics tools.
• When: 9/16, 6:30 – 8:00 PM EST
• Where: Radio Free Asia (2025 M Street NW; Washington, DC 20036; in the first floor conference room)

For more information on the ISSA – DC Chapter, see its description in our NoVA Meetups section. View our Calendar for a complete list of infosec events in and around the NoVA area. Here is a link to the page with information on this meetup.

Here is some information regarding this week’s Wednesday ISSA – Baltimore Chapter infosec meetup event.

• Who: Ron Gula, Tenable Security
• What: Forensics
  • Ron Gula will discuss the use of network data, log data, system configuration data and other types of information to identify incidents and perform forensic investigations.
• When: 8/27, 4:30 – 6:30 PM EDT
• Where: SPARTA (7110 Samuel Morse Dr., 2nd Floor; Columbia, MD 21046)

For more information on the ISSA – Baltimore Chapter, see its description in our NoVA Meetups section. See our Calendar for a complete list of infosec events in and around the NoVA area. Here is a link to the page with information on this meetup.

The NoVA Sec infosec meetup event back in April featured Aaron Walters discussing memory forensics. I’m not much of a forensics person at this point and so much of the information was over my head. Richard Bejtlich however has recently posted his notes from this session for those interested. See our original post for more information.

Here is some information regarding this week’s Thursday NoVA Sec infosec meetup event. This looks to be an excellent follow-up to Scott Moulton’s “Flash Drives & Solid State Drives Data Recovery Comparison to Hard Drives: Animated” talk during this year’s ShmooCon on Saturday.

• Who: Aaron Walters
• What: Memory Forensics
• When: 4/24, 7:30 PM EST
• Where: Fishnet Security (13454 Sunrise Valley Dr. Suite 230; Herndon, VA 20171; 703-793-1440)

For more information on NoVA Sec, see its description in our NoVA Meetups section. Here is a link to the post about this meetup.