Re: researching job of "security auditor"

From: walterbyrd (walterbyrd_at_iname.com)
Date: 12/18/03


Date: 17 Dec 2003 16:33:29 -0800

First, thanks for all the replies.

jwmeritt@aol.com (JWMeritt) wrote in message news:<20031215141326.04265.00000992@mb-m29.aol.com>...
> You realize that there are Certified Information Systems Auditors, right?
> ..........................................................................

Yes. But you have to be IS auditor for several years before you can
even sit for the exam. Also, a CISA is not strictly a *security*
auditor - as I understand it. As I understand it most *systems*
audits are mainly concerned with financials.

I noticed that you both a CISSP and CISA. I realized those are about
the two most highly demanded certs in the industry. But, I don't think
either is specialized to IS security audits. I am thinking about
trying to get a GSNA - a sans/giac cert specialized towards security
audits.

My recent experience has been as a systems administrator with top
secret clearence. I did a lot of security related work, but I have
never been a security specialist. Of course, I am thinking about going
into security, me and every other unemployed systems admin.

btw: sorry in advance if I'm wrong about anything I posted.