So you want to move from the help desk to the security team
Everybody has a start in their chosen field. Sometimes this start is a calculated, deliberate choice and sometimes it is a product of both chance and luck. When I had my start in information security, it was an experience where at the end of the day I discovered that not only was information security my passion, but it was also dropped in my proverbial lap.
For those wanting to make the move from help desk to security, this move can be planned and executed without much difficulty. This article will detail how you too can make the move from help desk/service desk to a role on your organization’s security team. We’ll do this by exploring both how my move played out for me and what you should consider before making yours. By the end of the article, you will be in a much firmer position to decide whether you want to make this move too.
FREE role-guided training plans
My move to security
My first role in information technology was a help desk analyst role. I always had an interest and general knack for knowing my way around a computer, so it seemed like a natural fit. Let’s be honest, though — unless your organization is supporting thousands of users with an unstable information technology environment, you will get bored fast. It was not more than one day on the job before I discovered my next technological calling — security.
The best starting point for making your move is finding out whether your organization has a security team. Even if it does not, if you show enough interest and some information security knowledge, your supervisor may add security responsibilities to your plate. If you are currently in help desk and there is no way to expand your role to include security responsibilities, look for them at another organization.
How to make the jump
Making the jump from a help desk role to your organization’s security team is different for everyone and comes down to building your security skill set.
A good way to build this is to look for the opportunities that your organization allows to learn these security-related skills or demonstrate that you have these skills already. Think of these opportunities as more like a chance to make the make the absolute most of the work (or other) situations that come your way.
Impress
This may sound vague, but hands-down, impressing those in IT or information security management is your best way to move to the security team.
A great example is to find a way to automate some task or process on the help desk side to demonstrate to management that you have scripting skills. If you can successfully make the help desk role easier you can better justify moving to the security team, especially if you automated yourself out of your help desk role!
Volunteer
When you feel stuck in your help desk role and your organization cannot use what little security skills you have, volunteering is a great way to pick up some security skills for your resume. Though the concept of working for free may not be everyone’s cup of tea, think of it like this — you are being paid with skills instead of money.
One of the best ways to do this is to contact a local company’s security or IT team and ask if they need a security volunteer. Chances are they can use the help.
Shadowing
Shadowing is another great way to add security skills to your proverbial skills toolbox. If you see that there is a security-related project beginning, ask if you can shadow one of the team members as they work their part of the project. If you are lucky, it will be the project lead.
Solid ideas of projects you could shadow on include when new security devices get deployed, when your organization is migrating to a new security system or solution, or even some day-to-day tasks if you simply express your interest in security. You would be surprised how helpful and open security professionals can be when they find out you share their passion for security.
Online bug bounties
Another good way to pick up security skills recognition outside of work is online bug bounties. A bug bounty is a deal offered by many organizations, software developers and websites where volunteers offer bug reporting skills in exchange for recognition and compensation.
Of course you would have to have at least some skills to uncover security vulnerabilities to successfully perform a bug bounty, but if you do, you can learn a lot from participating in a bug bounty. Remember, being a good learner is possibly the best security skill to have.
HackerOne offers bug bounties and projects, which can be found here.
Earn a certification
Earning a security certification may give you the edge you are looking for in this jump to the security team. Information security professionals on a security team need to have an advanced level of security knowledge to be most effective. Certifications will help verify your security knowledge and will help improve the chances of anyone trying to join a security team. The two certifications I would start with are CompTIA Security+ and EC-Council’s Certified Ethical Hacker (CEH).
Best of all, many organizations offer sponsorship for IT and information security certifications.
Conclusion
It is entirely possible to make a career move from a help desk role to a member of your organization’s security team. I made the move myself based on my interest, initiative and good luck, as my organization had the need. If you are not in the same spot I was, put yourself out there by touching as many security tasks as you can or looking for this opportunity in another organization.
FREE role-guided training plans
Sources
- Transitioning from General IT to Cyber Security, Cyber Degrees
- What’s the Role of Help Desk in IT Security?, Samanage Blog
- How to Escape the Help Desk and Make More Money!, LeaderQuest
In this Series
- So you want to move from the help desk to the security team
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity