The value of using standards in IT security hiring

From the employer’s perspective, the process of filling IT free exam papers positions and developing career paths for these employees can be difficult. Organizations are scrambling to put together accurate job descriptions and finding it hard to identify job task needs. Further, IT managers and HR staffers are often unsure how to accurately match the experience, education, and certification of job candidates to openings.

This situation leads to unrealistic and unmet expectations by employers and is equally unsettling for job seekers. Acquiring the correct mix of experience, education, and certification to qualify for security jobs is tough when there are conflicting opinions on what constitutes the correct mix. One gauge managers and would-be security pros can use to measure expertise is a comparison to CompTIA’sSecurity+ Exam Objectives. These objectives can be used to write job descriptions, effectively evaluate candidates, or to create career paths for pros looking to move into a security role.

The central discussion concerned the issue of what constitutes the minimum acceptable level of IT security knowledge for a person to effectively perform an information security role. The consensus of these leaders from the public and private sector was that individuals demonstrating foundational-free Microsoft questions capabilities would understand communications security, infrastructure security, operational/organizational security, basics of cryptography, and have a well rounded knowledge of general security concepts—access control, authentication, attack and malicious code risk reduction, auditing, logging, and system scanning, as well as the nuances of social engineering and the risks associated with it. The group concluded that foundational-security knowledge required, on average, either two years of on-the-job networking experience with some emphasis on security or equivalent classroom and laboratory work.

As the committee steered the development and launch of a new security certification, CompTIA Security+, each of the above subject areas was fleshed out, detailing what constituted foundational knowledge mastery. These details were published and are available today on the CompTIA Web site.

Employers and job seekers now have a public document that lays out the knowledge required to perform foundation-level work in security. This de facto standard is available to everyone—from employers developing job descriptions, to employees preparing themselves for their first or next job in free CompTIA exam papers, to educators developing course objectives.