How to secure an information security job


Rexanne Gali, Principal Consultant of the Technology division shares her advice on how to secure an information security job.





There has been a growing interest in information security lately, especially in relation to finding information security jobs. Jobs in the information security space are in high demand, with the trend being expected to continue for the next three to four years. That is why it is no surprise that more and more people want to get into information security. Some are ahead of the pack and are well positioned while others are just about to embark on a career shift.

Many things have been written about how to get a job in information security. I’ve read through some of these materials and thought of finding the common points on how one gets hired based on my own experience as an IT recruitment specialist in information security.  

1. Strong Fundamentals. One must first have the knowledge and experience managing servers, networks/cloud services, firewalls and doing some development such as scripting in order to gain the necessary experience and skills to be able to start a career in information security. For some it can also be an advantage if one learns how to program using Python, JavaScript, C or Assembler.

2. Be Specialised. If one is keen to pursue a career in information security, it’s important to focus your efforts and energy in one area of information security and then build your expertise from there. The areas that you can specialise on can be Security engineering, or defensive security, security auditing, information assurance / incident response, application security, etc. 

3. Get Certified. Certifications can definitely make a candidate desirable to many hiring leaders. There is great value in getting certified because as a beginner it gives you a better understanding of the basics and as you progress in your career you can take more advanced certifications to further enhance your capability. Recommended certifications include Network+, Security+, CEH, CISSP, CISA/CISM, and SANS (GSEC/GPEN/GWAPT).

4. Practice Makes Perfect. Setting up a hands-on security lab can definitely help enhance one’s craft. It is a great venue to be able to work on projects to try different tools, make them work for you and in the process learn more.

5. Community Life. Get involved in the community and talk to many information security professionals. You can list down cyber leaders to follow online and also global hacker groups. You can also attend conferences or be part of an organisation that can help build your network in the information security community.

6. Know the Business. Although technical capability is important, it will be good if one also has an understanding of the needs of the business. Try to gain business skills that will help you understand the impact of your work to the business and see how else you can add value.  

Pursuing a career in information security can be quite a daunting task especially for those who are looking to have a career change. If you are all set to take that leap of faith, now is the best time to take action. Take the time to talk to mentors or consult experts who can share their knowledge about the industry and about the market. They can give you first-hand information on what’s happening in the market and also advice you before you take that next step.  

For more customised recruitment consultation, please contact Rexanne Gali at +63 2 841 9312 or email


Check your salary 


Negotiate your salary 


Sign up for
job alerts 


Find out what
you're worth 


View our webinars 


Latest jobs in the Philippines