How to get started in cybersecurity: Career tips and advice for beginners
“Thank you for taking time out of your day to attend this interview for chief security officer of the company. We know everyone’s work schedule is packed, so we’ll try to make this brief. Now your resume says that your previous job was in… the mailroom?”
“Oh yes, I’m very good at sorting through threats quickly.”
“I see…”
When you're first trying to move into a new career, it can be an almost insurmountable goal sometimes. Yet it is something that is done by people every day, and while it's not easy, it is certainly possible. To that end, we're going to focus on three particular categories that you can work on which will certainly help you pursue a cybersecurity role: what you know, who you know and what makes you unique.
FREE role-guided training plans
What you know
Certifications and degrees help so much when it comes to gaining knowledge quickly about a particular subject. This isn't saying that you can't gain a world of information just from watching what goes on via different tech news websites, or even the nightly news when it comes to major breaches. Yet for quick, concise and accurate information for what you're going to use for a new career, certifications are the best bang for your buck.
To decide on what works best for you, let’s take a look at a basic example. An easy river can help you travel from point A to point B without a lot of difficulties. It may take a considerable amount of time, but eventually, if you keep at it, you will get where you want to go. A fast river can be difficult, challenging you to keep up with its demands and forcing you to adapt to new situations very quickly. It will not be easy, it may even cause you to crash multiple times before reaching the end. But you will make it to your destination quickly.
Let's take that example and look at passive learning and certification-based training or specialized college courses. Passive learning allows you to gather information as you come across it, something like what you run into daily at work. It can be very effective, but can potentially take a significant amount of time before you reach a point where you are comfortable with the knowledge base you've built up.
If we compare that to preparing for a certification, this immediately takes us from passive “as we get to it” learning, to active “this is what we need to do” training. This gives you a specific pathway to follow. What can make this a challenge though is that certifications want to get everyone to a baseline, and that can be difficult depending on what your current skill level is. Thankfully, there are many certifications out there with multiple skill levels for you to choose from. If you're just starting in IT as a whole, it can be highly lucrative to go through the 1-2-3 certification combo of CompTIA's A+, Network+ and Security+. These certifications give you a tremendous boost to confidence and knowledge at each tier, as well as help to move you along your career track quickly.
Certification bodies such as CompTIA will have study tools available on their websites such as beginner's guides or practice tests. YouTube can also give you an enormous amount of material to see if you're interested in a particular career track before you invest a lot of time and/or money into it. Once you decide on what certification you want to go with, the all-in-one book series is great as a reference guide and exam preparation tool and can be picked up from places like Amazon or your public library.
Also while we’re on the subject, do not discount how much you can get out of taking a stroll around your local library's website. Even if the book you are looking for is not available on-site, you may be able to request it be transferred in from another location. It might take some time, but it can save you a significant amount of money in the short term. The all-in-one series also covers more advanced certifications such as (ISC)²'s CISSP certification.
Shon Harris wrote the book on studying for this certification and is tremendously useful when starting to wrap your head around all of the content this certification covers. With the sheer amount of certifications present in IT and cybersecurity, however, some may have difficulty choosing which certification to go with, and what is treated as an industry standard. Who can you talk to about this? This brings us to our next topic.
Who you know
It seems like everybody knows at least one person working in cybersecurity now; the field has been around for some time, and demands for people to fill positions are expanding every year. If we're going for help with a new career path though, we need to try to contact as many people as possible to get plenty of insight into how we can go from where we are now to where we want to go.
Thankfully there are plenty of resources online, and plenty of organizations that specialize in bringing together people in the cybersecurity field. LinkedIn is an excellent resource when it comes to networking, and it has a large number of security groups that can help with introducing you to people that have been in the field for a long time. Groups such as the information security community and the information security network can be huge when it comes to obtaining contacts. Others such as CompTIA Connect and the Cyber Security Forum Initiative (CSFI) can help with planning and preparations when it comes to certifications or future projects. Groups such as these can be especially useful if the certification you are going for requires a sponsor or someone who already has it to vouch for you.
Security conferences are also a great way to network and meet people in your area that do this work daily. SecureWorld for instance holds conferences around the United States at different locations regularly, which can be a great first step. Depending on your current field and region, however, there can be even more specialized security conferences based on what the primary industry of the area is.
What makes you unique?
The thing that a lot of people mistakenly believe is that when you change careers, you leave behind all of that knowledge and experience to never be used again. In actuality, this can be a boon to you, due to knowing how to use additional tools and resources, which can give you a leg up once you begin working in cybersecurity.
For example, say that you were previously in the service industry. You worked a day in and day out taking care of things for people. When you start working in cybersecurity, you can better understand just how dangerous certain things can be in that field and explain to others more easily how they can adjust certain practices to make the situations safer.
FREE role-guided training plans
Begin your career in cybersecurity
It can be frightening to change career tracks, but it can be done and becomes significantly easier with the assistance of others who have already gone down this path. Be sure to use all of the resources you have at your disposal.
Sources:
CISSP All-in-One Guide, Shon Harris
In this Series
- How to get started in cybersecurity: Career tips and advice for beginners
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity