In recent years, information network security has aroused widespread concern from all walks of life, and more and more network security talents are favored by major companies. The following is how I organized to become a network security engineer. Welcome to read!
With the development of Internet and the popularization of IT technology, network and IT have increasingly penetrated into daily life and work. Social informatization and information networking have broken through the barriers of information application in time and space, and the value of information has been continuously improved. At the same time, however, information security incidents such as webpage tampering, computer virus, illegal system intrusion, data leakage, website fraud, service paralysis, and illegal exploitation of loopholes have occurred from time to time.
Basic qualities of qualified engineers
Network security engineers are usually divided into pre-sales and after-sales categories. The pre-sales engineer is mainly responsible for the technical work in the pre-sales stage, such as user communication, proposal design and tender writing. After-sales engineers are mainly responsible for equipment installation and debugging, system testing, technical documents and other after-sales work. The division between pre-sales and after-sales engineers is not absolute. Sometimes an engineer has to do both pre-sales and after-sales work in a project.
A qualified network security engineer should generally have the following qualities:
Mastering the basic theory of computer and network, only mastering the theory and technology can we design and plan a network environment correctly and reasonably.
Proficient in network equipment debugging technology, hacker attack and defense technology, information security technology, data analysis technology. These skills are necessary for network security engineers.
Proficient in the design of network management platform and network security solutions. Being able to design the corresponding network system and application system is an important symbol for engineers to master their skills.
Good oral and writing skills. Writing ability and eloquence are important basic qualities in all stages of network security implementation, such as user communication, scheme and tender writing, tender presentation and answering questions, user training, and completion document writing.
Computer English level is high. In network security, English can be seen everywhere, and it is one of the main languages in product introduction, product configuration and quotation, product technical documents, training and other materials. The more high-end products, the more common English is used. Sometimes English listening and speaking skills are needed, and English writing skills will be tested in international bidding projects.
Good interpersonal communication skills and ability to cooperate with others. Network security is a systematic project, which needs the cooperation of many people. Communication and cooperation with colleagues, suppliers, users, manufacturers and construction teams are essential. A network security engineer should be a person who is good at communicating with people and establishing good relations with them.
Able to solve problems on the spot under pressure. The technical work of network security is often tense and busy, especially when users encounter technical problems in on-site installation and debugging or after-sales fault maintenance. There are few resources available at the scene, the call support is inconvenient, and the eyes from users are more. This environment is a comprehensive test of engineers' IQ, EQ, technical level and debugging experience.
Extensive knowledge. Network security involves a wide range, and engineers should be versatile and proficient in technology in order to communicate with users easily and avoid the embarrassing situation that we are at a loss when the user topic deviates from the project theme.
Honest and trustworthy, doing things first.
All promises to customers should be earnestly fulfilled. Only by doing things well first can we work easily!
Refining the highlights of products and showing your technical advantages are the basic skills of technicians.
good to great
If you want to be an excellent network security engineer, you must work hard in the above aspects. But in addition to these basic qualities, from my experience, there are still some things that need special attention.
Seriously study the basic theory, but pay more attention to technology and products.
Learning theory can prove the basis of technology, and the clarity of theory is conducive to clear thinking in practical work. Technology and products are closer to the requirements of network security practice. In the final analysis, a network security project is to choose the right product, realize the corresponding technology and function on the product, and finally meet the relevant needs of users. A person who is proficient in theory but not familiar with technology and products cannot become a qualified network security engineer.
Engineers should pay more attention to technical trends and new product information and organize them into corresponding words for later use.
Analyze more successful cases and conduct more on-site debugging.
Engineers who are new to the network security industry will not have too many cases, let alone the opportunity to undertake large-scale comprehensive projects. At this time, they should pay attention to learning other people's successful cases, learn technology and skills from case analysis, master design ideas, and be familiar with related products and their prices.
On the other hand, we must strive for more opportunities to go to the user's site for installation and debugging, and combine the special tests in the company's network to improve the technical level as soon as possible and improve the ability to solve problems under pressure.
The combination of scheme design and installation and debugging promotes the improvement of their skills.
Pay attention to improving writing ability, oral ability and quick response ability. In the practice of network security projects, we should consciously improve our writing ability, oral ability and quick response ability. The importance of writing ability and speaking ability has been introduced above. Quick response ability refers to the ability to quickly understand the meaning of the questions raised by the other party and give corresponding answers immediately. This ability is very important in the process of user communication and bidding. The purpose of communicating with customers is not to give a technical speech. It's important to let customers talk, so give yourself a chance to listen.
The writing scheme should have its own characteristics, and the template is not a scheme! Writing technical proposal is the basic job of pre-sales engineer. Often working overtime all night is to write this proposal. It seems that the bigger the company, the thicker the proposal. I have seen some of them reaching thousands of pages, but I am not sure how many "rich" technical proposals customers can read.
General companies have certain templates for writing technical proposals, which are easy to apply. Otherwise, it is not easy for engineers to write hundreds of pages of articles in a few days. Templates are mostly the following routines, some of which are like stereotyped writing:
1, customer status description.
2. Description of customer requirements (problems to be solved in the scheme).
3. Basis of scheme design (theory, regulations, standards, models, etc.). ).
4. Overall design of the scheme.
5. Detailed design of the scheme.
6. The scheme includes a list of software and hardware.
7. Business analysis of scheme construction (optional).
8. Technical parameters and descriptions of the products involved.
9. Company profile.
Among them, customers are most concerned about the fourth and sixth parts, so many engineers try their best to save trouble, and most of the other parts are plagiarism. In fact, the first, second and seventh parts are about your understanding of the customer's business, which is the key part of whether the solution you make is suitable for the customer's needs, and it is also the place where the customer can really understand your solution to attract him.
I have encountered such a thing. One of our old customers, who buys network security products again, needs us to submit a proposal for budget application. During the communication, the customer said, "You don't have to write your suggestion. I know all the basic models, that is, I will say those safety models. Finally, will I make a list of equipment, or should I implement it so that I can buy more equipment? Ha ha! The plans written by your engineers are basically the same. " Our leader has watched it n times ... "
"Our company's security solution template is like this, and there has been no big change. This time, it's not that engineers are lazy to change their ways. Many salespeople ask pre-sales engineers to hand in a plan one day, and it can't be done without such "similarity". Over time, many engineers have become accustomed to this "garbage" plan.
Because this customer has been working with us for a long time, and we know their business better, so this time we have made great efforts to analyze their business problems, focusing on the security threats that the customer's business is currently facing and the expected analysis of the protection effect of this scheme. Of course, these need to be written by yourself, and there are few templates to refer to. The customer accidentally saw it and said, "We didn't even think clearly about the problems in our business. It seems that this safety planning is too worthwhile ... "
Because this scheme meets the needs of customers, it was quickly approved and entered the bidding stage. Of course, our scheme has the best applicability and the project is very smooth.
In fact, such things are often encountered by pre-sales engineers. The role of templates is to avoid omissions when writing solutions, rather than simply applying them. Most IT technology solutions are aimed at solving customers' business problems, because IT equipment is the supporting system of customers' business, which has no "influence" on customers' business and is of no value to customers. Just from the perspective of promoting the "speed-up" of customers' business, your solution is what customers need, and IT is to really help customers transform IT service departments from cost centers to profit centers. Actually, service is valuable, and service is also an IT product.
Pay more attention to the knowledge, technology, products and information related to network security.
Just as we should avoid studying hard at school, we should also avoid falling into network security and being short-sighted. Extensive knowledge is also the need of network security projects. All information related to information technology, including knowledge, technology and product information, should enter our field of vision and become the object of understanding.
Getting involved in a wide range of information does not require mastering the knowledge and technology you are exposed to, but mostly focuses on understanding, and you can learn further when you use it in the future. Extensive information can also help us find new topics, expand communication space and establish a better technical image when communicating with users.
Help your colleagues and you will feel happy at work.
Engineers are part of the sales team, and the other part is of course the sales staff. It is acceptable for the whole team to work together for the same goal, but as a team, it is also important to have the same working habits and methods. Knowing your partner's habits and working together will "get the message."
Salespeople also have their own "difficulties". Engineers should not only solve the technical problems in the sales process, but also cooperate with the sales. In order to cooperate better, they should understand the characteristics and specific needs of salespeople. Of course, salespeople are generally better at communicating with people, which is more helpful to technicians, especially in dealing with people. As we all know, technical communication ability is very important for an engineer. We have been saying that only by understanding the customer's needs and thinking from the customer's point of view can we make a plan that truly meets the customer's needs. So shouldn't you spend more time getting to know your work partners?
Those things outside of technology.
Besides improving your professional skills, you can't help but think about many other things, such as how to improve your overall quality, such as future career development.
Plan well, don't follow your heart! Plan according to your ideal decision. Carefully arrange your own trajectory. From which industry to start, gradually understand this industry, don't change jobs frequently, especially for a little salary. In the long run, this money is nothing at all. When you have so many years of experience in an industry, money is not a problem at all in the future. Frequent turmoil is not the best policy. Finally, you don't know anything about any industry, and you will always be a novice!
Be a master of technology? Or do you want to be a master of comprehensive quality? If being an engineer all the time is not your wish, then don't concentrate on technology. If you want to develop in other directions such as management, technology is only one of your pillars in the future, and you need to know more about other fields. When we are in the enterprise, we often look down on a person and say that he "knows nothing, why do you get so much money and why do you get promoted!" This is a common and typical pedantic remark of engineers. People may be good at management, understanding leadership intentions, coordinating departments and so on. Therefore, we must cultivate our abilities in many aspects, including management, affinity and communication skills. And become a master of comprehensive quality, the future development direction is often broader.
Learn from everyone. Don't just associate with engineers, thinking that they have a common language. In fact, it is more important to associate with other types of people. If one day you want to be a boss or a senior manager, you will face these people all day. Understanding their experiences, thinking habits, hobbies, learning their problem-solving models and understanding the phenomena and problems in all corners of society are great capital for future development. Without these, they will be clumsy, stumble, encounter many difficulties, pay a lot of tuition fees, and the probability of success will be greatly reduced! In addition, read more books on other subjects, such as finance, psychology, philosophy, taxation and law. , you can do some accumulation for the future, which may be more useful!
Seize the opportunity to change to technical management or marketing. If your own characteristics and timing are right, you may have a greater future if you switch to management or sales. Moreover, if you do technical management and marketing, you didn't do it for nothing before, and you will need it in the future. Engaged in management can cultivate their own leadership ability, engaged in sales can cultivate their own market concepts and thinking, and at the same time accumulate huge contacts for their future development.
We should establish a good relationship with every customer! This can prepare for future development. Make friends with customers and establish a relationship of mutual trust, so that customers can call you first if they want to buy products. This is also a good opportunity to get in touch with the market and cultivate market awareness.
Learn to sell yourself. In addition to being competent, you should also be able to speak and write, create conditions for others to know yourself, and learn to use every opportunity to promote yourself. It is necessary to establish your own brand image! Otherwise, how does the boss know that you are capable? Sell yourself early, and the opportunity will come to you! It's a good idea to have a personal homepage! ! In particular, we must cultivate our reputation in the industry, be famous, have a high salary and have opportunities.
As a migrant worker, stress-free work will silently kill the "edges and corners" of your youth and make you mediocre.
The work of network security engineer is hard and difficult to do, but it is precisely the most exercise of a person's will and ability. Technically, an excellent network security engineer is more "extensive" than R&D personnel, because he is exposed to the products of various competitors; From the market point of view, the network security engineer's product sense of smell is more acute than sales, because he understands the needs of customers. If you know what kind of technology is popular and practical, what kind of products will sell well and what customers need most, won't you be taken seriously? Therefore, personally, I have always believed that network security engineers, as the best "link" between technology and market, will have the widest job choices in the company in the future.
Especially those young people who have just graduated, their lives will last for decades. It is obviously not a good soldier to quit without a few charges. It's too early to charge. For young people, there is plenty of youth, so there is no word failure in the dictionary of young people. If you lose your "penniless" and start from "zero", it will be the same as now.
Someone once made such a metaphor: a good enterprise is like a big car, which can carry everyone forward together and give you the feeling of home; You are lucky to join this train. You must contribute to make it run faster and more steadily, but in many cases, you must keep up with its speed and don't let the handlebar leave you behind.
I hope my experience can help my colleagues, and I hope everyone will have a bright future.
Job responsibilities of network security engineer
Because information security is related to the security of the country and society, according to the laws and regulations of information security in China, in general, the government and enterprises should use domestic information security products and equipment as much as possible. Based on this, relying on domestic mainstream security vendors and domestic mainstream information security technologies, we locate the training objectives of information security professionals, conduct analysis, research and discussion with enterprise front-line engineers and industry experts, determine the job responsibilities of network security engineers, and clarify the skill objectives of the course Information Security Technology and Implementation.
1, receiving business, service, management, regulations and technical consultation related to information security.
2. Deal with network failures of enterprises, institutions or individual users, and provide information security technical support for enterprises, institutions or individual users.
3. Conduct basic knowledge training on network security for enterprises, institutions or individual users to improve users' awareness of information security.
4. Provide installation and configuration services of safety products to enterprises, institutions or individual users.
5. According to the security requirements of customers, provide the security design scheme of enterprise information system.
6. Provide customers with security testing services according to the actual configuration of customer information systems, evaluate the vulnerabilities and weaknesses of customer information systems and provide test reports.
7. Providing other services related to information security technology.
8, complete other tasks assigned by the leadership.
9, responsible for coordination with other departments.
10, responsible for contact and coordination with customers.
;