Andy O'Donnell entered the IT security field more than 12 years ago. He has worked at all levels of security and currently practices as a senior security engineer and analyst. He has worked with the Department of Defense and federal, state and commercial customers. O'Donnell earned his bachelor's degree in information systems, followed by his master's in management information systems, both from Auburn University. He also blogs regularly at About.com Internet/Network Security, where he tries to assist people with their security matters.

Why did you decide to pursue this career field?
It sounded interesting and rewarding and I felt that it was an area that wasn't already overcrowded with other job seekers.

What type of preparation did you do to get into this field, such as educational and work experience?
IT Security more than any other field puts a lot of emphasis on being certified. This is essential, as many government regulations require security professionals who work for the government to have certifications as a preemployment condition. I attained a bachelor's and master's degree in IT and then studied for and passed certifications such as Security+, CISSP [certified information systems security professional] and several others.

If your education was directly related to your career, what types of classes and projects did you have to do?
My BSBA [bachelor of science in business administration] and master's degrees weren't directly related to my current field. There weren't any programs that focused on IT security when I was in college, but many of the classes I took in college were useful in what I do now.

How did your education help you in your career?
My education was essential in allowing me to attain senior-level positions that I would have otherwise not been considered for.

What was your career path like in this field? For example, did you begin in one position and advance through others to reach where you are now?
I started as an intern while still in college. I worked my way up from the very bottom of the security field to the senior position I am now. I believe that working at all the different levels has helped me to understand what roles everyone has, which helps me to be a better leader.

What types of skills is someone required to have to work in your position?
The skills required for an IT security professional include strong critical thinking skills, an understanding of networking and computers, as well as strong attention to detail.

What do you do on a typical workday?
My typical workday involves working with government leadership and software developers to determine the impact of security vulnerabilities found in their systems and explain to them what they need to do to fix them so they can comply with government security rules and regulations.

Do you plan to advance to another position within your career field? If so, to what position and why?
I hope to move to an executive-level leadership position so that I can help educate leadership at all levels about threats to systems security and how to best prepare for future threats.

What type of person do you think is best suited for a job in your field?
A person with a thick skin who can handle pressure would do well in the security field. IT security is a serious business and companies put a lot of faith in their security people. If we mess up, there can be very serious consequences not only to ourselves but also to the customers we serve.

Do you have any advice for those who are looking to launch a career in your field?
My advice is to get a degree in IT security followed by industry-recognized certifications like the CISSP and CISM [certified information security manager]. To advance further after several years of on-the-job experience, a master's degree would definitely help.