Professional development

Three steps to start a career in cybersecurity

November 1, 2019 by Jeff Peters

The shortage of cybersecurity professionals has grown to nearly three million globally, with 498,000 openings in North America. There have never been more opportunities for those looking to start or transition to a career in cybersecurity, but how do you even get started?

To celebrate National Cybersecurity Awareness Month, we talked to CompTIA’s Chief Technology Evangelist James Stanger about how to start a cybersecurity career. Here are three takeaways from our YouTube livestream, “Breaking into cybersecurity with CompTIA.”

1. Start building your IT and security skills

If you’re looking to get your start in cybersecurity without any experience, you’re not alone. According to Infosec’s “2019 Cybersecurity Industry Report,” only 8% of cybersecurity professionals began their careers directly in an information security role. 

Luckily for you, CompTIA has built certifications around these entry-level skills and job roles, ranging from the help desk to network support to security administrator. Exploring these certifications will teach you the skills you’ll need to land an entry-level role.

James talked about three of CompTIA’s certifications and how they’ll help you get started in cybersecurity.

  • A+: This introductory certification will help you build a foundation of IT skills required for entry-level technical support roles
  • Network+: Building on what you learned in A+, this certification will teach you how to configure, troubleshoot and oversee networks
  • Security+: The Security+ establishes a baseline of security concepts and practical skills that will help you throughout your career

2. Explore entry-level careers

In addition to exploring entry-level IT and security skills and knowledge areas, it can be useful to look ahead to roles you may want to pursue. To help organize the many cybersecurity job openings available, CyberSeek created a career pathway that outlines the 10 most popular cybersecurity roles. Explore the four most common entry-level cybersecurity roles, their common skills and their associated training courses to see what sparks your interest:

  • Cybersecurity specialist: Requires knowledge of how to perform essential cybersecurity duties such as network security, vulnerability assessments and intrusion detection
  • Cybercrime analyst: Requires an understanding of how malware compromises a system and the methodologies behind digital forensics, including identifying, preserving, extracting, analyzing and reporting on cybercrime evidence
  • Incident analyst: Requires an understanding of security operations, a solid foundation of technical skills related to information and network security, and strong communication skills
  • IT auditor: Requires an understanding of internal auditing procedures, risk assessments and compliance requirements

3. Get hands-on experience

Getting hands-on experience is crucial to help stand out in entry-level interviews, James said.

“The main way you’re going to do anything useful in the IT space is — I call it ‘learn by playing.’ You’ve got to play with the technology. The only way you’re going to [progress in your cybersecurity career] is to learn by doing.”

During the livestream, James demonstrated how you can set up a virtual desktop using free tools. You can do everything from teaching yourself how to troubleshoot computers and networks to using tools like Metasploit to exploit vulnerable systems — all for little or no cost.

Check out his live demo below.

You can also get hands-on training by signing up for a free Infosec Skills account, which includes unlimited access to:

  • 100+ learning path with 1,000+ courses
  • 100+ hands-on labs via interactive cyber ranges
  • Skill assessments and certification practice exams
  • And more.

“The only way you’re going to really learn how to do things is by playing around with them,” James said. “There’s my main advice. Get a mentor and then play around.”

Posted: November 1, 2019
Jeff Peters
View Profile

Jeff Peters is a communications professional with more than a decade of experience creating cybersecurity-related content. As the Director of Content and Brand Marketing at Infosec, he oversees the Infosec Resources website, the Cyber Work Podcast and Cyber Work Hacks series, and a variety of other content aimed at answering security awareness and technical cybersecurity training questions. His focus is on developing materials to help cybersecurity practitioners and leaders improve their skills, level up their careers and build stronger teams.