How to Become an Information Assurance Technician
If information technology attracts you and the desire to jump into the field is really high, then you might want to consider becoming an information assurance technician. This job is for people who are passionate about information system and data protection. Generally, an information assurance technician is responsible for designing firewalls, monitoring usage of data files, controlling and restricting access to information to only authorized personnel so that information security can be safeguarded, and working to ensure network protection. An information assurance technician is also expected to remain updated about the latest happenings in the IT industry and keep an eye on the latest viruses and cyber threats so that information assets of an organization can be secured.
For the beginners who might confuse information assurance with any other term like information security, but it’s a completely different domain. Let us clear the confusion. It is the practice to ensure that the right information is available to the right individuals when they need it. An information assurance technician’s job entails assuring information and handling all the risks that are associated with storage, processing, and transfer of information as well as the software or process used for it.
As an information assurance technician, a person must have the capability, skills and knowledge to protect the integrity, secrecy, authenticity, accessibility, and non-repudiation of data. Although, information assurance is mainly concerned with digital information, however in some organization it also extends to analog and physical form. An information assurance technician should be able to deploy proper protection mechanism for data that is being transferred. Moreover, information assurance technician also needs to ensure the protection of data at rest as well.
What does an information assurance technician do?
Information assurance technicians are responsible for providing comprehensive security to information systems. Generally, governments and businesses hire information assurance technicians to protect their information systems and ensure smooth functioning of day to day affairs. An information assurance technician is supposed to ensure business continuity by devising effective risk mitigating strategies. They are also expected to conduct a periodical risk assessment of the information systems and implement the strategies as and when needed. However, the responsibilities of an information assurance technician reduce a bit in case if the person is working with a government department as they don’t need to have expertise in fraud management, business management, accounting, and criminology, which are mandatory to have if a person is working for a profitable entity.
Usually, information assurance technicians starts off by making a list and classifying information assets that the employers want protected. The second part of their job is to assess all the potential risks that may affect those information assets and identify vulnerabilities of those assets that can be exploited by someone. After the identification of vulnerabilities, information assurance technicians analyze the likelihood of a threat and its impact on the system or information assets. The impact is generally calculated on the basis of the cost a threat may incur to the company.
After completing the assessment of risk, an information assurance technician is then expected to develop a plan for managing all the risks identified earlier. The risk management plan should include the strategies to mitigate, accept, remove or transfer the risks while identifying appropriate detection, prevention, and response techniques. In order to devise a comprehensive risk management plan, the technician can seek help from internationally recognized frameworks.
The countermeasures that an information assurance technician is expected to propose would become part of the technician’s job description and such measures are likely to include using firewalls and anti-virus along with defining procedures and policies for information management. The person would also need to conduct training sessions to create awareness among employees about managing information and keeping it secure. An information assurance technician should also have excellent coordination skills to implement the backup plan, the person may have to coordinate with other teams of the organization as well. They should also be able to understand the cost associated with each countermeasure and the value it would bring. Therefore, it can be said that an information assurance technician cannot possibly eliminate all the risks and thus should have the ability to manage the risks in the best way possible.
After the implementation of a risk management plan, the next expectation of an employer is to test and monitor the results by performing its audit. The tasks of assessing risks and managing them are on-going, which means that information assurance technicians have to revise these plans periodically in order to keep the information assets safe, secure, and accessible.
Roles and responsibilities of information assurance technicians
The primary responsibility of an information assurance technician is to ensure the availability of information to the people who authorized to access it at the right time. Information assurance technician is expected have the skills to identify risks associated with information or data, test the resilience of information system, ensure system safety, and utilize the right architecture so that utility of information only to authorized users can be enhanced. Whereas, with these measures, information technician is also expected to prevent any and all attempts of unauthorized access. An information assurance technician should be able to use trust management for the benefit of a company.
Although information assurance is a different domain altogether, it shares a deep bond with information security and continuity of business. Information assurance technicians’ jobs are more related to the strategic management of risks to information system at a business-level than on the creation of security tools and applications to protect information assets of a company.
Thus, it can be said that an information assurance technician’s job is not only linked to defend an organization’s information assets against all the threats from cyber-criminals, hackers, and viruses but also to look after matters concerning corporate governance including regulatory compliance, privacy, crisis management & recovery, auditing, & continuity of business. Moreover, information assurance is a field that requires the person to have expertise in accounting, business management, forensic science, fraud examination, system engineering, criminology, user experience, security engineering, and computer science. On the other hand, information security is primarily linked with computer science only. This is the reason, information assurance technicians are considered to assume the responsibility to manage and assess information of an organization.
An information assurance technician must have excellent programming skills and should be able to understand multiple languages in order to identify vulnerabilities and risks associated with an information system. Moreover, they are also expected to have a basic understanding of fundamental security concepts including confidentiality, privacy, access, control, and authentication among others as these skills are necessary in designing firewalls, creating risks management plans, and providing access to authorized users only.
As identified in the section of roles and responsibilities, risk analysis expertise are necessary to become an information assurance technician. This would warrant the understanding of risk analysis principles so that the cost of risks can be calculated for the businesses. Having a working knowledge of network infrastructure, malicious codes, and network protocols are also necessary for this job. You should also have knowledge about known intruder techniques and how to stop any cybercriminal or hacker from accessing important information or stealing valuable data.
To become an information assurance technician one must develop four important soft skills mentioned below:
An information assurance technician should have excellent command over verbal and written communication skills. The job demands that the person must communicate with various teams and stakeholders to ensure absolute protection of information assets of a company and thus communication skills are mandatory.
This requirement is mandatory for almost every person who wish to work in any organization as the contemporary business environment demands all employees to coordinate with each other. Every team member should be aware of their responsibilities and work as a team to complete all the assigned tasks within the given deadline. Moreover, being a team player also means that an information assurance technician should also keep in mind the overall team objectives and contribute positively to help the entire team accomplish the goals.
Integrity and discretion
As per the job nature, an information assurance technician should be trustworthy as the person will be managing confidential information of its employer.
Organizational and problem-solving skills
Another important characteristic that an information assurance technician should have excellent organizational and problem-solving skills, since the person has to deal with complex data and information sets. It is mandatory for an information assurance technician to develop these skills or the risk of running into trouble is very high.
To become an information assurance technician you need to have at least a bachelor’s degree in computer science, computer engineering, mathematics or other closely-related subjects with excellent command over the software development process. However, merely a bachelor’s degree won’t make you eligible to apply for an information assurance technician’s job as you will also need to have additional certifications related to information assurance as well as knowledge or an advanced business management degree with IT focus. Most of the employers will consider your profile if you have relevant certifications along with required degrees.
If you are applying for a position in any government department then you need to have at least DoD 8140 Information Assurance Certification to be considered for the position. This certification is needed along with a bachelor’s degree and 3 to 4 years of experience in a similar capacity. However, if you wish to join right after graduation then you have to start in a junior role in cybersecurity department of any company and then earn experience and certification to become an information assurance technician. However, for senior-level positions, you have to acquire extensive experience, DoD’s 8140 assurance certification along with other trainings and certifications in cyber-security, auditing, accounting, business management, forensic science, fraud examination among others.
How much information assurance technicians earn?
According to the data made available by CareerBuilder, an information assurance analyst generally earn something between $67,000 and $141,500 per annum, whereas CareerBuilder has calculated the median salary of information assurance analyst at $100,000. However, the compensation structure of every organization is different and it is highly likely that the employers located in major cities where the cost of living is high will pay higher salaries to information assurance technicians than the employers who want to hire information assurance technicians for cities with lower living cost. Secondly, an individual with excellent communication skills can negotiate a higher package compared to the people who are not good at communication.
Relevant certifications that can help you land your dream job
There are numerous certifications that you could and should obtain in order to further your career as an information assurance technician. Since they are expected to have knowledge over various cyber security and business related concepts. However, we have created a list of a few cyber security courses that you should checkout:
- Certified Ethical Hacker by EC-Council
- CompTIA Security+ by QuickStart
- Certified Information Systems Security Professional by ISACA
- SANS GIAC Security Essentials by GIAC
- Certified Ethical Hacking by QuickStart
Moreover, for additional courses related to information security, you can browse QuickStart’s huge library of courses and can select the ones based on your need and passion.
Sample Resume for Information Assurance Technician
Jane Doe – Information Assurance Technician
Address: | M: | E:
AREAS OF EXPERTISE
Information Protection Plans
Developing Security Policies
Implementing Security Policies
A problem solver with excellent analytical and communication skills, I have acquired master’s degree in Computer Science and in a period of 5 years worked in different capacities in the IT departments of fortune 500 companies and the most recent position is information assurance analyst.
4/16 – Present
Information Assurance Analyst
XYZ, Inc. NY
3/12 – 3/16
Information Assurance Officer
ABC Corp., NY
Master’s in Computer Science 9/12
University of California
Bachelor’s in Mathematics 12/09
University of California
- CompTIA Security+
- Certified Ethical Hacker
- CompTIA Network+
Excellent written and verbal communication
C, C++, C#, Python, PHP, Java
Common Interview Question
If you are applying for the position of information assurance technician, then your knowledge will be tested by employers on the basis of the functions they expect you to perform. Therefore, it is important to research about the company and job role before going for an interview. Usually the flow of all interviews remain the same, the hiring manager begins by asking general questions before moving on to the specific ones. These include questions like;
- Please tell us about yourself and your previous job experiences
- Why do you want to switch from your current job?
- What are your strengths and weaknesses?
- Would you like to share something with us that is not part of your CV?
- What are your career aspirations?
- Where do you see yourself in the next five years?
- What would you like to do once you obtain this position?
- Give us an example of a situation in which you were the team leader and successfully resolved a team conflict
- Share an incident when you prevented a breach in the system.
These questions are usually aimed at developing good rapport between the interviewer and interviewee. Once that is established, the hiring manager moved on to the technical questions, which test your knowledge and help them assess your skill set. Some of the common questions that you may be asked by most of the employers are:
- What is the importance of keeping information safe and secure for an organization?
- How would you stop unauthorized access to information?
- What policies would you put in place to ensure the security of information assets?
- When in transit, what methods you would recommend to ensure data protection?
- How would you calculate the risk of any possible threat on the business?
- What methods would you employ to detect frauds?
The questions an interview might ask you for the role of information assurance technician mainly depend on the company’s profile and what they expect you to do. However, in order to secure the job you should be mentally prepared to answer any relevant question that comes at you. It is vital to note here that the role of information assurance technician is continuously changing and thus you need to stay updated about the latest happenings in the industry, which can be made possible by enrolling in online certifications available at QuickStart or any other reliable source of education.