My employer is putting together a position description for an IT Security Officer. We expect this to be a senior level sys admin with at least some specific security experience. What we are trying to figure out is if we should included any certifications in either the "required" or "desired" qualifications. I'm not particularly interested in general network certifications like a CCNA which touch on security concepts, but if there is some kind of "white-hat hacker school for the gifted" cert, or something in between, I'd love to hear about it.
A little more back ground: our corporate IT environment is MS (currently), so certs in that department would not hurt, but my understanding is that this position is going to be primarily focused on our production systems. Our production stack is primarily MySQL, NFS, and Java on Linux, but we are working on a project that will make the Solaris kernel a key component. We have Juniper SRXs at the edge currently, managed by a third party, but I'm trying to convince my bosses that we should replace them with pfSense managed by internal resources, partly for security reasons. Direct suggestions as well as "me too" comments are appreciated since we are trying to get a feel for concensus. _______________ Alan Johnson a...@datdec.com
_______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/