How to Get into the Cybersecurity Industry
Everyone knows the cybersecurity industry is booming … and hiring! But how do you get started in an industry that’s so technical and challenging? The answer to this question is complicated as there’s no predetermined path that can guarantee success nor one piece of advice that will satisfy everyone’s questions.
As an industry founded on creativity (and, well, breaking things) many get their start and find their passion for InfoSec in an unconventional manner. For example, listen to our Jumpstarting Your Cybersecurity Career webinar. These four panelists each share their path to industry success, and none of them are the same.
This blog will detail the steps you can take to get into the cybersecurity industry in four major steps:
- Is the cybersecurity industry right for you?
- Degree options for those wanting a traditional path into cybersecurity
- Certification options for those wanting to get their feet wet in security NOW
- The types of cybersecurity jobs available to newcomers
Is the Cybersecurity Industry Right for You?
Before we talk about actually getting into cybersecurity, it’s important to ensure this career path is right for you. Let’s start with a quick questionnaire:
1. Are you a creative person by nature?
Do you enjoy figuring out how things work, dissecting said things, and looking for weak spots? Creativity and curiosity are must-haves in an industry where tactics, techniques, and procedures are growing and evolving so rapidly.
2. Do you enjoy being a part of a team and/or working with others?
While not an absolute requirement to enter the cybersecurity industry, it’s more than likely that you’ll either be a part of a team, leading a team, or working with an external third-party at some point in your cyber journey. Delegating tasks to others on your team, trusting in your teammates’ abilities, developing adequate communication skills, and more are all important soft skills helpful for security pros.
3. Are you willing to be flexible in order to accomplish tasks and hit goals?
Much like the path to a cybersecurity job, the work you do day-to-day is not easy and hardly ever has a straightforward answer. To be successful (and happy) in security you need to be flexible both in the time you work on different projects and the methods you deploy to get the job done.
If these three questions have you terrified, the cybersecurity industry may not be the best fit for you. However, if we just described your dream job, we may have just found your calling.
Obtaining a Cybersecurity Degree: A Conventional Path into Security
Once you’ve determined a fit from a workflow perspective, it’s time to get started on your path to landing your first security job.
Although many don’t follow a direct path into cybersecurity, the traditional college classroom setting offers more opportunities than ever before to learn about computer science and specifically cybersecurity. Cybersecurity degrees are now commonplace at many public and private institutions and are seeing substantial growth in popularity among students. These degrees, often a four year bachelor’s offering, provide a conventional way to learn both the technical and soft skills needed to prepare for work in cybersecurity.
With today’s massive cybersecurity talent shortage, the days of security work being hidden in online forums and well-kept secrets are gone. But that same talent shortage means that the less traditional paths are still wide open.
Acquiring Cybersecurity Certifications and Skills: Get Your Feet Wet in Security
Unconventional path for the win! You’ve probably heard that you don’t need a cybersecurity degree to work in cybersecurity. This statement is still true. At the end of the day, your future employer doesn’t care whether you went to school or not, as long as you’ve sharpened your skills through alternative methods.
One of the most popular of these methods is acquiring cybersecurity certifications. These certs offer evidence of a baseline of knowledge that should help get your foot in the door to security. Some of the most popular include the following:
- Offensive Security’s OSCP, OSWP, and OSWE
- SANS GIAC’s GPEN, GWAPT and GCPN
- eLearn Security’s eCPPTv2 and eCPTX
- Courses from Udemy, Cybrary, Coursera, and others
Which certifications you target should largely depend on the type of cybersecurity work you want to do, which we’ll touch on later.
Are certifications required to get into cybersecurity without a degree? Not necessarily, but as a new professional you will need to be able to tangibly demonstrate WHY an employer should hire you for a role.
Pro tip: Showcase your skills by creating a public GitHub account that demonstrates the programming and research projects you work on in your spare time.
Entry-level Jobs for Those New to the Cybersecurity Industry
Now that we’ve covered the soft skills recommended to work in cybersecurity and a couple ways you can jumpstart your career in security, it’s time to talk about the end goal of all this work… landing your first cybersecurity job.
If you’ve done your homework (either literally or figuratively), learned more about the industry and how it works, and perhaps even obtained a degree or certification, you’re well on your way to nailing the interview and entering the l33t world of cybersecurity. But once you get to the point of no return, which job should you pursue?
The honest truth is that a sexy penetration testing or red teaming job will, in most cases, have to wait until you’ve garnered a bit more experience. With that being said, some of the most common entry-level positions in the cybersecurity industry include security operations center analysts, security specialists, junior incident responders, and help desk personnel. Choose your path wisely and align it with your skillset and area of interest but keep in mind that you’ll pick up new skills as you go and be able to pivot accordingly.
How to Get into the Cybersecurity Industry
Employers are growing desperate for new cybersecurity professionals, but this doesn’t mean they’ll hire anyone who can work a computer. However, if you actually do the work, dedicate yourself to continuous learning, and gather tangible evidence of your knowledge, you can break into cybersecurity and have a long, successful career.
In your new career you’ll also want to use platforms like PlexTrac that make the cybersecurity teams you belong to more efficient, effective, and proactive. See PlexTrac in action by booking a demo today!