Network security self-study notes + job introduction

News 2023-05-05 15:56:53 views: null

I am in this industry. Currently in Hunan, there is no need to talk about the salary, as high as it is.
The advantage of this industry is high wages, and the disadvantage is that you need to keep learning. You have to study hard, not with others, but yourself. I will explain in detail later. This industry is currently divided into several positions, namely
security operation and maintenance , security services, security research

Let’s not talk about operation and maintenance, the nature of the post is relatively single.
Security service post
Security service post is divided into security engineer, security service engineer, penetration test engineer , etc.
Among them, most of the security engineers deal with equipment, similar to network engineers . In the past, they debugged equipment , Debug according to the needs, and then retreat. Most of these positions will recruit some network engineer certificates, such as HCIE, HCIP, etc.
Security service engineer, referred to as security service, is to provide security services, debug equipment according to customer needs, let customers pass the level of protection, and then do some simple vulnerability testing (penetration testing), and do some simple reinforcement, etc., sometimes Do some safety training for customers.
Penetration test engineers , like hackers, do some penetration tests to let customers know what problems they have. Then, before the new business goes online, a penetration test will be done to check for any loopholes.
Waiting for the security assessment is the same as businesses passing the fire protection. There are also levels of network security. If you fail to pass it, you are not in compliance.

Security research
Security research is divided into vulnerability research and rule extraction.
I usually do some vulnerability mining for some software, website building systems , etc., and audit the code to see if there are any loopholes.
Sometimes a relatively new vulnerability is announced in the industry, and someone needs to reproduce it immediately and study the principle of the vulnerability. Then extract this vulnerability rule, also known as a feature, and then tell customers or R&D how to defend against this vulnerability and how to detect it with a firewall.
The rest of the work is relatively detailed, such as binary security, reverse engineering, Trojan horse avoidance, etc.

Of course, there may be some missing, please forgive me. By the way, in my eyes, operation and maintenance is IT security. I am quite envious, but I don’t know why many friends say that operation and maintenance work overtime is serious. . . . .

So what is the future of network security? Roughly from the market size, policy support, employment direction, salary and other aspects to judge.

market size

In the Ministry of Industry and Information Technology's "Three-Year Action Plan for High-Quality Development of the Network Security Industry", it is clearly required that the scale of my country's network security industry will exceed 250 billion yuan by 2023, and the network security industry will maintain a growth rate of more than 25% in the next 10 years. In the future, the scale of my country's network security market will exceed 1.4 trillion yuan.

However, the talents related to my country's network security industry are far behind the development of the scale. According to reports, the gap of my country's network security professionals exceeds 1.4 million.

Policy support

In recent years, China has introduced a series of policies for the cultivation of network security talents, and added a first-level discipline of network security to train network security talents:

In May 2019, the three standards of "Network Security Level Protection Requirements", " Network Security Level Protection Evaluation Requirements " and "Network Security Registration Protection Security Design Requirements" were promulgated, marking the opening of China's security 2.0 era.

On June 1, 2020, the "Network Security Review Measures" was officially implemented, and this incident was selected as the 2020 China's major cybersecurity incident.

On September 1, 2020, the " Data Security Law of the People's Republic of China " was officially implemented, which indicates that the state encourages the reasonable and effective use of data according to the law.

In addition to the legal level, cybersecurity talent training also covers university training, enterprise training, and training institution training, and these are all supported by the state level. The state even actively provides corresponding policies and benefits to encourage cybersecurity talent training.

In just a few years, network security engineers have become a "regular army", and have directly become a national strategic resource, becoming a scarce resource that many companies "will be hard to find".

Employment direction

Excluding some large enterprises and government agencies, the demand for security talents in small and medium-sized enterprises and private enterprises in some non-first-tier cities is gradually increasing, and the number of related positions available to job seekers is also increasing simultaneously. This means that the market demand for the network security industry is very strong, and there are plenty of opportunities and space for development, which is conducive to the influx of network security talents.

Salary

As for the salary issue that job seekers are most concerned about, it can be seen from the " 2019 White Paper on China's Cyber ​​Security and Functional Safety Talents " that the average annual salary of China's cyber security talents in 2019 was 242,900 yuan.

With the expansion of the network security market and the increase in market demand, the salary of network security talents will further increase.

The above introduces the prospect of network security, and the direction below is the information of network security tools

Network security must-install tools comprehensively introduce the basic theory of network security, including reverse, eight-layer network defense, assembly language, white hat web security, cryptography, network security protocols, etc., and closely combine the basic theory with the application practice of mainstream tools. It is helpful for readers to understand the implementation mechanism behind various mainstream tools.

interview questions

Exclusive channels to collect test questions from companies such as JD.com, 360, and Tianrongxin! Entering the big factory is just around the corner!

At the same time, the sections corresponding to each growth route have supporting videos:

Already classified them into categories.

Guess you like

Origin blog.csdn.net/zxcvbnmasdflzl/article/details/130220285
Recommended
Ranking
[Algorithm] greedy _ program scheduling issues
Spring 控制反转(IOC)
Data structure-6.6 figure
Indicates that the class or member method has abstract properties
Huawei v5 server installed Linux operating system
Postgresql source code analysis - creating ordinary tables
Chapter 10 Evaluation Classification Results
Cloud service Ubuntu 20.04 version uses Nginx to deploy static web pages
Java Exercise 17.1
Solve the problem that git cannot automatically push submission in IDEA Push failed: Failed with error: Could not read from remote repository.
Daily
More
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)

Code World

© 2018 codetd.com