With increasing threats from hackers and cracks in the security of data available online, information security analysts are a busy lot! Meet Amit Vilas Shahane who is currently working with Rage Frameworks/CreditPointe, an organization that provides services in relation to Wealth Management Performance Analytics, Business Banking, Intelligent Business Process Automation, Real Time Supplier Risk Monitoring, Continuous Credit risk Assessment etc.
Original Link :
What is your current position, career focus and total years of experience?
I am working as Senior Information Security Analyst for more than 2 years with Rage Frameworks/CreditPointe. Information security analysts are valued for their ability to protect an organization’s data and information from cyber-attacks. I have been working in the same domain for more than 5 years. I would like to gain more experience and success in the same area. In the initial years of my career I was associated with many good organization such as SonicWALL, Symantec, SSP UK etc.
How did you get started in such an offbeat, unconventional and unusual career? What motivated you to get into this career?
As per my primary interest, I opted to study Computer Science and decided to pursue a B.E. In the third year of engineering, I attended a seminar on hacking by very young hacker in India. After that, I was motivated to select a career in cyber security after realizing how interesting and challenging this field was. I did some research about the same and by the end of my 4th year in college, I had decided to make my career in information security.
What is this career like?
Cyber security is quite an interesting career option. An information security analyst is responsible for protecting all sensitive information within a company. He/ she is responsible for ensuring that all networks have adequate security to prevent unauthorized access.In order to perform these responsibilities effectively, the information security analyst should have in-depth knowledge about every aspect of information security within the company. His main job is to analyze the security measures of a company and determine how effective they are. The security analyst is also responsible for creating documentation to help the company in case there are any breaches.
Cyber-attacks have been on the rise around the globe, with hackers and other criminals targeting businesses – large and small to steal valuable information or bring computer networks to a halt. As a result, the organizations are becoming cautious and have hired separate teams for information security. This profile has immense scope in the upcoming days.
What is a normal work day in the life of an information security analyst?
This question is difficult to answer. My schedule is quite flexible. Normally my day starts with checking mails and scheduling meetings accordingly. Some specific job responsibilities include allotting tasks to juniors, responding to queries raised by users, looking for the report prepared by the team, monitoring everything to spot unusual activities and addressing them as required. I conduct InfoSec awareness training weekly as part of the induction process. In between, I have to keep myself updated with the latest InfoSec related news and forums.
How was your journey from your first job till the current one? Where do you see yourself 5-10 years from now?
I started my career as a Product Support Engineer in SonicWALL, working in shifts and handling customers globally. I joined Symantec after that as Product Support Analyst and worked in all shifts. The work was quite challenging which improved my technical skills and took them up to a good level. I was always passionate about pursuing a Masters in Cyber Security abroad. I had very great time in UK while pursuing Masters, learning a lot about my chosen field as well as about life, in general. Once back in India, I got an opportunity in CreditPointe as Sr. Information Security Analyst. So overall my job experience till now has been awesome.
After 5-10 years I see myself as a CEO of my own cyber security organization which will work mainly in cyber forensics investigations.
What specialized training and education did you choose to succeed in this field? What inspired you to build the skills?
While pursuing B.E., I was motivated to develop my career in information security. After B.E., I did a CCNA certification which helped me a lot in getting my first job in Network Security. After gaining some years of work experience, I decided to opt for Masters in Information Security and Forensics and for that I quit my job in Symantec. I pursued my masters from the University of Bedfordshire, U.K. which really helped me to succeed in this field. Recently in 2014, I completed a CEH (Certified Ethical Hacker) certification from EC-Council.
My ambition and passion to become successful have been inspiring me to build these skills. I still have a long way to go ahead.
Which skills have you found most helpful, and which ones will be most important in the future?
According to me, soft skills or Emotional Intelligence (EQ) such as being self-aware, having the social skills to interact well and empathize with others is as important as technical expertise.
Both technical and communication skills together will help us in delivering the objectives. People with good technical skills but inefficient communication skills, don’t interact well with clients or vendors. Making it difficult to survive in the technical domain in the long run.
What have been your best experiences and challenges while working in this field?
My experience till now has been very exciting and thrilling. I have learnt a lot and met some of the best people in this field which has motivated me to boost my career in a positive way.
What recommendation would you give to prospective students who want to advance in this field? What education & skills do they need to focus on, over others?
Information Security is a very interesting and challenging field. In order to enter this field, you will need technical expertise. Similarly, various certifications such as Security+, CEH, ISO 27001 etc. can be done in order to advance in this field. If you are from an IT background then it will be easy to enter this field. If not, then I would personally suggest you to go for a CEH (Certified Ethical Hackers) certification first. It will provide you with an opportunity as a beginner in this field. If you are hardworking and passionate, you can grow in this field.
Do you have any other ‘words of wisdom’ that you would like to pass on?
Someone wise once said, “On the path to success always lie big Os. Some read them as Obstacles, and others read them as Opportunities”. So always carry a positive attitude.
Always remember, you have within you the strength, the patience and the passion to reach for the stars to change the world. Our mind gets affected by external entities. There is only one way to fail and that is to quit. So do your SWOT analysis and work hard.