Information security (IS) is one of the most in-demand areas of IT. In this article, you will learn about the professions of IB and how to switch to IB with any background.
To discuss

 How to become an Information security specialist
What is information security?
Information security (IB, English Information Security, short. InfoSec is a set of methods to protect data from unauthorized access or modification both during storage and during transfer from one computer to another.

In practice, the attention of information security specialists is focused on one of the components of data security: confidentiality, integrity and accessibility. So, when storing medical information, we focus on confidentiality. Integrity is most important for financial transactions – no money transfer should be incorrectly credited or debited. To ensure that information is available in press releases, Governments ensure that their websites and systems are kept down to a minimum.

Overview of specialties in the field of information security
The development of technology creates security problems. Cybersecurity Ventures estimates that 3.5 million vacancies will be opened in the information security industry by 2021, and global spending on digital security will exceed $1 trillion. According to the MIT Technology Review, of the candidates applying for the relevant positions, less than a quarter have the necessary qualifications.

The responsibilities of an information security specialist may vary, but the role can be reduced to a simple formula: to protect company data from hacking. Let's look at the lists of popular specialties in the field of information security.

Technical specialties of IB
The Penetration Specialist (pentester) is responsible for checking applications, systems and networks for vulnerabilities.
The Infrastructure Security Specialist is responsible for analyzing the security requirements of the organization's systems, as well as for installing and configuring security solutions in corporate networks.
An application security engineer ensures security at all stages of the software development lifecycle, including the design, coding and development, testing and deployment phases.
A cloud security engineer deals with the security of digital cloud platforms.
The reverse engineer analyzes malware to understand how they work, how they can be identified and eliminated.
The direction of compliance (English compliance, English translation consent, compliance) ensures the security of internal computer systems, servers and network connections.
DevSecOps is dedicated to integrating security testing into continuous integration and continuous delivery pipelines.
CISO (Chief Information Security Officer) is the head responsible for the security of information and data of the organization.
An information security auditor checks computer systems that may be under attack.
A specialist in forensics (computer forensics) collects evidence from computers, networks and other data storage devices to investigate cases of digital crimes.
IB Technical presale combines technical knowledge and sales skills to provide advice to current and potential customers.
An information security technical writer collaborates with incident response analysts, engineers, and threat analysis specialists to document technical information.
IB Management specialties
The Information Security Administrator helps the organization implement the best solutions according to their security needs.
Security managers manage the organization's information security policy.
The Information Security Director (eng. chief information security officer) is an executive–level manager who directs strategy, activities and budget to protect the information assets of an enterprise.
Skills for the job
A higher education diploma in information security is required only in government institutions. In other cases, it is enough to complete certification programs, special courses and self-development of competencies.

The technical background of an information security specialist
First you need to master the basics of Computer Science.

Programming, markup languages, coding

Depending on the specifics of the direction: it will be useful to have knowledge of low-level C++ and Java languages, as well as scripting Python, PHP, jаvascript to ensure the security of web applications.
Assembler and disassemblers.
Regular expression skills (regex).
Linux / MAC bash scripts.
Operating systems and database management

Windows, UNIX and Linux operating systems.
Management of SQL- and NoSQL-type databases.
Networks

System and network configuration.
TCP/IP, computer networks, routing and switching.
Network protocols and packet analysis tools.
Firewall, intrusion detection and prevention protocols.
Knowledge of PacketShaper, load balancer and proxy.
Virtual private networks.
Non-technical background
People with experience in project management, technical writing, law, or physical security functions can qualify to work in the field of cybersecurity by honing some skills and obtaining the necessary certificates. However, initially you need to get fundamental knowledge in the field of IT.

The CompTIA IT Fundamentals certification is an introduction to basic IT knowledge and skills that help professionals decide if a career in IT is right for them. This is also the first certification you need to complete for your security career if you don't have a technical background. 
A selection of resources for self-study
Books
Security in Computing is an overview of computer security with an emphasis on networks, operating systems and software devices.
Crafting the InfoSec Playbook – how to develop your own incident detection and threat analytics tools.
Gray Hat Hacking (English) – reverse engineering tactics, ethical ways to hack servers and browsers, the business side of ethical hacking.
Information security. Protection and attack – a detailed explanation of conducting security audits and penetration tests for various systems, as well as modern solutions for routing, wireless communications and other areas of information security development.
Certificates
For those who do not have experience or knowledge in the field of IT, obtaining a series of certificates from CompTIA will prepare them for their first job in information security. And for those who are already in the IT field, certification is a sure way to move into the field of cybersecurity, move up the career ladder or even join an international information security company.

Ethical Hacker (CEH) – shows that you understand and know how to look for weaknesses and vulnerabilities in target systems, and use the same knowledge and tools as a malicious hacker, but in a legitimate way to assess the security status of the target system. This certification is most beneficial for those who already work in the field of programming and want to get a job in the field of security..
A Certified Information Security Manager (CISM) allows you to manage and develop information security systems in enterprise-level applications or advanced security practices.
A Certified Information Security Professional (CISSP) shows that you have the knowledge and technical skills necessary to develop, manage and manage security standards, policies and procedures.
A HeadHunter search shows that there are about 90 open vacancies on the market that require or prefer candidates with a CISSP certificate. The average salary is 190,000 

Online platforms
Cybrary is a free video course on all the most common cybersecurity certificates.
The Open Web Application Security Project (OWASP) is a free course on web application security.
OpenSecurityTraining.info (English) – materials for self-training in CISSP modules.
Blogs
Web Application Security: Just about Complicated is a blog dedicated to web security.
InfoSecurity is a hub on GeekTimes about tools and practices in the world of information security.
Cloud Academy (English) – regularly updated materials on the topic of Cloud Security.
DZone Security Spotlight is a blog on DZone about application security, web security and network security.
Career prospects
Analytical forecasts show that from 2018 to 2028, the demand for information security workers will grow by 32% (a VPN may be required to access the report). The demand for information security analysts will be particularly high, as such analysts will be needed to create innovative solutions to prevent information theft and other computer network problems.