The security field has a much-discussed skills shortage and an abundance of jobs. Experts regularly urge hiring managers to consider a broader, less homogenous pool of candidates. However, many aspiring cybersecurity professionals still find it difficult to break into the field without traditional credentials.
The following five tips can help you get into cybersecurity without experience.
1. Research, research, research
A successful career in cybersecurity requires curiosity and a love of learning. So it makes sense that one of the first steps in breaking into this field involves research. Read wide and dig deep to learn about:
the cybersecurity roles you might one day want to have; and companies you might want to work for one day.
Role research
Ultimately, the typical practitioner focuses on developing expertise in one area of cybersecurity. But to begin with, pursue a broad understanding of various security domains, which, in turn, helps inform your future career choices.
Aim to learn something about each of the following:
Each of these areas requires different soft and hard skills and suits certain personalities and preferences better than others. Look for expert content on blogs, podcasts and YouTube — try Gerald Auger’s and TechTarget’s channels — to help you figure out which specialties resonate the most.
Success in cybersecurity requires curiosity and a love of learning.
Once you’ve identified a position you’re interested in, such as cybersecurity analyst or pen tester, for example, search for people who currently hold similar titles on social media. Send a message and kindly ask for 15 minutes of your time.
If they agree, go to meetings ready to reflect on their day-to-day tasks, what they like and don’t like about their jobs, and how they’ve navigated their cybersecurity careers to date. Their insights can help you decide if a particular role is right for you and, if so, how to go about it.
Research organizations
A good way to find out about potential employers is to read online posts from current and former employees. Search social media sites, such as LinkedIn and Twitter, as well as smaller, security-focused communities on Slack, Discord, GitHub, etc.
2. Development of cyber security skills
Once you’ve identified an area of cybersecurity that interests you, start working on mastering the basics and acquiring technical skills.
Although many entry-level employees today have degrees in computer science or related subjects, some combination of self-directed learning, cybersecurity bootcamps, online courses, and professional certifications can provide the necessary educational and hands-on experience to help land the job. that first job.
The educational resources that are most relevant vary depending on your target domain and related skill sets. For example, if the goal is to become a security analyst in a security operations center, start by studying data security as well as common cyber security threats. Check out resources like LetsDefend, RangeForce, and TryHackMe.
If you want to be responsible for incidents, you need a deep understanding of network security, computer forensics, cybercrime and attack techniques.
Aspiring pen testers should consider learning a programming language, such as Python or Java. They also need several other skills, including a good understanding of web application security, network security, and OSes, including Windows, macOS, and Linux.
While some cybersecurity jobs require candidates to have a bachelor’s degree, they don’t necessarily have to be related to computer science or engineering. Other employers do not require degrees, but prefer the candidate’s skills, knowledge and willingness to learn.
3. Certificates for cyber security
Some of the most successful cybersecurity professionals do not have industry certifications, so they are certainly not necessary for success. Additionally, certifications are useful in catching the eyes of recruiters and hiring managers and getting past automated resume screening systems.
For someone just starting out in cybersecurity and looking for entry-level positions, investing in an educational curriculum that culminates in evaluation and certification can be beneficial. CompTIA Security+ is one such offering that provides a solid foundational understanding of the field and has a high degree of professional credibility.
Other reputable certifications include CISSP, Certified Information Security Manager, and Certified Ethical Hacker.
4. Soft skills
Although soft skills are not often discussed in the cybersecurity community, they can set job candidates apart from the competition.
Consider those with work experience as sales clerks in the retail industry, for example. They could apply their customer service expertise in a customer-facing security role and their social skills to build relationships and bridges between security colleagues and other stakeholders in the organization.
Highlighting such soft skills in initial job applications, during the interview process and on social media can help an aspiring security professional stand out from the crowd.
5. Social engagement
In today’s digital environment, social networks are not just for socializing. LinkedIn, for example, is a great place to network with security professionals, learn about the field, and build a professional brand. Consider these tips to get the most out of the platform:
Follow strategically. To generate a curated feed, try subscribing to:
Relevant hashtags. The Top-Hashtags site has a good list for cyber security.
Cybersecurity Industry Leaders and Practitioners. Identify individuals whose views interest you and press the bell icons on their profile pages to be notified when they share new information.
Industrial organizations. Professional groups such as the Information Systems Security Association International, (ISC)2 and ISACA regularly publish useful educational and informational content on their sites.
Get involved. Make meaningful comments on others’ content and contribute to professional conversations.
Share. Consider posting about your professional journey and what you learn along the way, with the goal of sharing information and demonstrating expertise. Many potential employers and partners appreciate an active professional presence on social networks.
For example, you might consider writing about past or current work experience and explore how it overlaps with information security. Military, legal and police professionals, for example, often have strategic knowledge and investigative skills that are easily transferable to the field.
LinkedIn and Twitter can also be good places to learn about community groups and events, both digitally and in person. In addition, DEF CON groups, BSides, Meetup and others offer educational and networking opportunities for everyone from beginners to seasoned cybersecurity professionals.
Security will almost certainly continue to see a growing job market for years and decades to come. Being purposeful, investing your time and energy wisely, and keeping an open mind can go a long way in opening the door to a new career in cybersecurity.
Comments are closed.