Want to get started with cybersecurity? Let's take a look at the talent demand of the network security industry!

If you are a novice who wants to get started in the network security industry, a college student majoring in network security, or a newcomer looking for a job, then you should read this article carefully. After all, if you know yourself and the enemy you will win every battle, and only by knowing the talent needs of the industry can you make the most of your own advantages.

When you open recruitment websites such as BOSS Direct Employment and Lagou, you will find that the navigation bar on the homepage offers hardly any guidance for network security positions. To find network security-related positions accurately, you need to search by network security keywords. Compared with the popular Internet sector, the network security industry is a relatively niche, sophisticated and specialized sector, and there is relatively little information online about the industry as a whole and its talent needs.

Therefore, if you want to build a long-term career in this industry, you have to understand the needs of the network security industry in advance, and analyze them in detail in terms of talent demand, salary, career selection channels, and technical capabilities.

  • Characteristics of Talent Demand

The figure below shows the overall supply and demand changes in the network security industry from 2019 to the first half of 2021. 2020 was severely affected by the epidemic, with negative growth of -8.48%. However, with the resumption of work and production in the post-epidemic era, enterprises' demand for network security talent has also increased, with an increase of 39.87% in the first half of 2021.

From the perspective of the distribution of demand for network security talent across industries, the IT (information technology) industry has the largest demand, followed by the Internet industry, and the two together account for more than 70%. The reason is that the IT and Internet industries depend heavily on computers, mobile communication equipment, network infrastructure and so on.

From a geographical point of view, most of the jobs in the network security industry are located in first-tier cities such as Beijing, Shanghai, and Guangzhou. The top five cities in demand for cyber security talent in 2021 are Beijing, Shenzhen, Hangzhou, Shanghai and Chengdu. Among them, the demand in Beijing and Shenzhen is far ahead of other cities. This is a useful reference for anyone planning to look for a job: employment pressure is much lower in cities with high demand, and there are more development opportunities.

  • Salary and treatment

Salary is generally the issue practitioners care about most. Everyone has to work anyway, so who doesn't want a high salary? According to data, the salary level of the network security industry has been growing steadily. In the first half of 2021, the average recruitment salary in the network security field reached 22,387 yuan/month. Different positions have different salary levels. Technical posts and product posts pay more than other posts because they demand more capability in various respects. A major reason why the average salary in the cyber security industry is higher than in many other industries is that most companies hope to recruit experienced and skilled talent. Of course, the main reason is that network security talent is currently scarce. If companies want to recruit suitable people, they must offer competitive salary and benefits.

 

  • Summary of career selection channels

The career selection channels for cyber security practitioners are nothing more than friend recommendations, recruitment websites, direct applications to employers, and job fairs. However, more than half of the practitioners in the network security industry find suitable jobs through friends' recommendations and exchanges, and through applications to employers. The career selection channels also show that the network security industry is quite different from the traditional Internet industry. It has a relatively strong "circle culture", so it relies heavily on personal networks.

 

  • Enterprise needs and capacity enhancement

With the rapid development of Internet technologies, the challenges in the field of network security are becoming more and more complex, and enterprises' requirements for the capabilities of network security practitioners are also increasing. When recruiting, enterprises tend to look for network security talent with rich work experience, a solid technical foundation, strong practical and communication skills, and a certain ability to withstand pressure. Relatively speaking, academic diplomas and competition experience are not ability traits that employers consider particularly important. The huge shortage of security professionals, the high requirements for practical capabilities, and the strongly targeted nature of the technology make the network security industry less strict about academic qualifications. Junior college graduates with outstanding skills and strong all-round qualities can also find a good job.

 

From the perspective of ability improvement methods, about 60% of network security practitioners improve their skill level and overall quality by actively undertaking and following up on projects, continuously taking the initiative to study and research, and participating in various research and social trainings after work. In addition, some practitioners enrich themselves by participating in two security competitions and going to school to learn.

  • Some advice

Compared with ordinary practitioners, network security practitioners work less overtime, have less employment pressure and competition pressure, and are not judged much on academic qualifications. As long as your technical skills are strong enough, a junior college graduate's salary can be higher than that of someone with a master's degree. At the same time, you can hunt for vulnerabilities on the major SRCs to earn some pocket money. But compared to ordinary programmers, network security practitioners need to rely more on experience, and need to endure loneliness.

Moreover, learning network security is actually not that simple. The learning courses on the Internet are incomplete, and it is difficult to find free and reliable ones; paid courses are more likely to be gimmicks, and the learning period is boring and offers little sense of accomplishment. Only by finding a reliable and interesting learning base like ours can you better enter the network security industry.

The following is a fairly reliable network security learning roadmap; if you are a zero-based novice who wants to get started, you can refer to it.

Web security-related concepts
Become familiar with the basic concepts (SQL injection, file upload, XSS, CSRF, one-line Trojans (webshells), etc.).

Search Google/SecWiki using keywords (SQL injection, file upload, XSS, CSRF, one-line Trojans, etc.);

Read "Mastering Script Hackers"; although it is very old and contains errors, it is still usable for getting started;

Read some penetration notes or watch videos to understand the whole process of a real penetration; you can Google keywords such as penetration notes, penetration process, intrusion process, etc.;

Familiar with penetration-related tools
Become familiar with the use of AWVS, sqlmap, Burp, Nessus, chopper, nmap, AppScan and other related tools.

To understand the purpose and usage scenarios of these tools, first search Google/SecWiki for the software name;

Download backdoor-free versions of this software and install them;

Learn and use them; specific teaching materials can be found on SecWiki, for example: Burp's tutorial, sqlmap;

Once you have learned these commonly used tools, you can install Sonic Start to build a penetration toolbox;

Penetration Operations
Master every stage of penetration and be able to penetrate small sites independently.

Look for penetration videos online, watch them and think about the ideas and principles; keywords (penetration, SQL injection videos, file upload intrusion, database backup, dedecms exploits, etc.);

Find a site or build a test environment yourself for testing; remember to hide yourself;

Think about which stages a penetration is divided into and what work needs to be done in each stage, for example: PTES (Penetration Testing Execution Standard);

Study the types of SQL injection, injection principles, and manual injection techniques;

Study the principle of file upload, truncation, double-extension deception (IIS, PHP), parsing-vulnerability exploitation (IIS, Nginx, Apache), etc.; refer to: upload attack framework;

Study how XSS arises and its types; the specific learning method can be Google/SecWiki, and you can refer to: XSS;

Study the methods and specific use of Windows/Linux privilege escalation; you can refer to: privilege escalation;

You can refer to: Open Source Penetration Testing Vulnerable Systems;

Follow the security circle dynamics
Follow the latest vulnerabilities, security incidents and technical articles in the security circle.

Browse daily security technology articles/events through SecWiki;

Follow practitioners in the security circle through Weibo/Twitter (if you come across an expert, or someone your friends follow, follow them without hesitation), and take time to check every day;

Subscribe to domestic and foreign security technology blogs through feedly/fresh fruit (do not limit yourself to domestic ones, and build up your list over time); if you don't have a feed, you can look at the aggregation column of SecWiki;

Cultivate the habit of actively submitting links to security technical articles to SecWiki every day, to build up knowledge;

Pay more attention to the latest vulnerability lists; a few recommendations: exploit-db, CVE Chinese library, Wooyun, etc., and practice when you encounter public vulnerabilities.

Follow the topics or videos of domestic and international security conferences; SecWiki-Conference is recommended.

Familiar with Windows/Kali Linux
Learn Windows/Kali Linux basic commands and common tools.

Become familiar with common cmd commands under Windows, such as: ipconfig, nslookup, tracert, net, tasklist, taskkill, etc.;

Become familiar with common commands under Linux, such as: ifconfig, ls, cp, mv, vi, wget, service, sudo, etc.;

Become familiar with common tools under Kali Linux; you can refer to SecWiki, "Web Penetration Testing with Kali Linux", "Hacking with Kali", etc.;

Become familiar with the Metasploit tool; you can refer to SecWiki, "Metasploit Penetration Testing Guide".

Server security configuration
Learn about server environment configuration, and be able to spot security problems in a configuration by reasoning about it.

For IIS configuration in a Windows 2003/2008 environment, pay special attention to configuration security and operation permissions; you can refer to: SecWiki-Configuration;

The security configuration of LAMP in a Linux environment mainly concerns operation permissions, cross-directory access, folder permissions, etc.; you can refer to: SecWiki-Configuration;

Harden remote access to the system: restrict user name and password login, and restrict ports through iptables;

Configure a software WAF to strengthen system security, for example by configuring mod_security and similar systems on the server; see SecWiki-ModSecurity;

Use Nessus to perform security checks on the configured environment and discover unknown security threats.

Script programming learning
Choose one of the scripting languages Perl/Python/PHP/Go/Java and learn to program with its commonly used libraries.

Build a development environment and choose an IDE. For a PHP environment, Wamp and XAMPP are recommended; for the IDE, Sublime is strongly recommended. Some Sublime tips: SecWiki-Sublime;

Python programming: the learning content includes syntax, regular expressions, files, networking, multi-threading and other common libraries; recommend "Python Core Programming", don't read it;

Write exploits for vulnerabilities in Python, then write a simple web crawler; see SecWiki-crawler, video;

Learn basic PHP syntax and write a simple blog system; see "PHP and MySQL Programming (4th Edition)", video;

Become familiar with the MVC architecture, and try to learn a PHP framework or Python framework (optional);

Learn Bootstrap's layout or CSS; you can refer to: SecWiki-Bootstrap;

Source Code Audit and Vulnerability Analysis
Be able to independently analyze script source code and find security problems.

Become familiar with the dynamic and static methods of source code audit, and know how to analyze a program; see SecWiki-Audit;

Find vulnerabilities in open source programs on Wooyun and try to analyze them yourself;

Understand the causes of Web vulnerabilities, and then search for and analyze them through keywords; see SecWiki-Code Auditing, Advanced PHP Application Vulnerability Auditing Technology;

Study how web vulnerabilities arise and how to avoid them at the source code level, and organize the results into a checklist.

Security system design and development
Be able to establish your own security system and put forward security suggestions or a system architecture.

Develop some practical security gadgets and open-source them to demonstrate your ability;

Establish your own security system and have your own understanding of and opinions on company security;

Propose or join the architecture or development of large security systems;


Origin blog.csdn.net/qq_69775412/article/details/130411706