Security's Everyman

Security's Everyman

Monday, November 20, 2006

The Big Question

Michael Farnum of The Information Security Place blog wrote a post about the pros and cons of being either a generalist or a specialist when it comes to IT. This is the big question facing most people when they decide on going into IT. I know that for myself I often struggle with this question even after 10 years in IT. Just in case that comment didn't give it away I consider myself a generalist with a strong foundation in Security.

When I first got into IT I considered programming. Then I figured out that I don't think like a programmer. Then I went down the Novell path because that is what my employer wanted. Then I moved into the world of NT and decided that becoming an MCSE and a MCT was the way. The I discovered that there really was a use for all the OSI stuff that I had to learn and realized that some really exciting stuff could be done in the world of Cisco. That's when I discovered security. Ever since then I have focused my energies on Security and learning more and more about how to keep my systems safe and teach others how to do the same.

I guess being an specialist is my desire, but being a generalist has been my lot in IT. As I have gone from place to place I have never really been able to focus solely on security because I've always been with smaller companies. I like that in many ways because it keeps variety in my job, keeps me up on other areas of IT besides security and helps me see how security fits into other areas that I might miss otherwise.

I think that someone coming into IT should spend a few years as a generalist just so they get a good foundation of different technologies and then as they mature focus on where your passion is. If it's programming, security, networking, dba, whatever it is do it with all you have.

1 comment:

LonerVamp said...

Nice post! I got here via Michael Farnum posting about you! :)

I enjoy being a generalist because it lets me get involved with and learn lots of stuff. But I also really want to continue to be a specialist. I want to specialize in security, but even inside that I want to someday specialize every further (vuln assessments, wireless, or pen-testing).

The way I look at it, being a generalist pays my bills. Being a specialist is something I would love to do, but the cards definitely have to fall in the right place for me to be able to pursue that. Until then, I'll keep myself a joat at work and work on my specializing in free time. :)

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.