Looking for a Job in Cyber? Tips and Advice From the Pros
A career in cybersecurity can be rewarding, challenging, and, frankly, lucrative. But it’s not the easiest industry to break into: the skills required for a cybersecurity role are both niche and specific, the bar for entry is relatively high, and there are very few entry-level jobs available.
But don’t be disheartened. The cybersecurity industry is crying out for fresh talent. With hard work, a little luck, and the right advice, you can set yourself up for a long and satisfying career in cybersecurity.
With this in mind, we spoke to two industry veterans to get their thoughts on breaking into the industry. Tyler Reguly and Rick Oulette have more than 40 years of cybersecurity experience between them and have held some of the industry’s top positions. Few people are better placed to offer advice to new recruits.
So, without further ado, let’s dive into Tyler and Rick’s top tips for landing your first cybersecurity role.
Get Accredited
Very few – if any – cybersecurity roles don’t require a certification or qualification. Even the most entry-level roles will require some level of expertise. However, you don’t need to spend three years and tens of thousands of pounds to gain a certification: there are a vast number of initiatives and organizations that provide cybersecurity training and certifications for a fraction of the time and money you’d need to spend at university.
For example, Rick hired Gina D’Addamio after she switched from nursing to cybersecurity because she had completed Canada’s Accelerated Cybersecurity Training Program and earned three GIAC cybersecurity certifications in just seven months. Similarly, anyone wanting to kickstart a cybersecurity career can gain the skills needed for an entry-level role with ISC2’s Certified in Cybersecurity certification.
Prove Your Passion
Cybersecurity is a tough job. If you’re not passionate about your work, it will make you miserable. For Tyler, it’s the applicants who demonstrate their passion for the role that really stand out. When considering applicants, he’ll look for individuals who, for example, are involved in recognizable cybersecurity groups and forums or have their own GitHub account. Tyler points out that most entry-level applicants have similar knowledge and skill sets – it’s the extracurriculars that set the best candidates apart.
Play Up Your Soft Skills
If you’re changing careers, don’t discount the skills you developed in previous roles. Even though your last role wasn’t in cybersecurity, it is still valuable. Both experts recognize that someone with diverse experience can bring a lot to a cybersecurity role. Rick argues that candidates from other industries bring a “fresh perspective, an end-user viewpoint, and a beginner’s mind that fuels a curiosity and ability to think outside the box.”
Tyler has a similar perspective, arguing that a candidate with “life experience or other career experience is often going to be a much better hire because they have that experience to draw on.” As a manager of a large team, Tyler recognizes the importance of the soft skills developed in other careers for practical cooperation and communication, especially in the remote work environments so many companies have nowadays.
Be Willing to Learn
Arguably, the most important quality for a rookie cybersecurity professional is a willingness to learn. Both Rick and Tyler list a desire and ability to learn as high up on their wants for a potential candidate.
In the short term, as an entry-level employee, you’ll need to quickly come to terms with your new organization’s environment to become an influential team member. In the mid-term, the ability to learn quickly will help you gain new skills and move up the career ladder. In the long term, you’ll need to keep pace with the rapidly evolving cybersecurity landscape to understand and deal with new threats, technologies, tactics, and more.
Don’t Exaggerate
Overselling your abilities is a big no-no for cybersecurity hirers. Tyler says he comes across a surprising number of candidates that straight-up lie about their abilities. “I think this is a mistake that many new job seekers run into. They want to impress, so they list everything they’ve ever touched, even if they don’t know it enough to talk about it, and that isn’t very impressive,” he said.
To avoid this, Tyler says to make sure you learn the training materials you interact with. For example, if you list Wireshark on your resume, Tyler expects you to be able to answer questions related to Wireshark, not to say you completed a Wireshark room on TryHackMe.
Persevere, Persevere, Persevere
Finally, don’t give up. It took Gina a month of intense job-seeking and networking to land a role in cybersecurity, and it might take you even longer. But that’s no reason to lose heart. Your hard work will pay off if you persevere.
Moreover, persevering in your job search is attractive to employers. Tyler makes the point that he wants to hire people who aren’t going to give up the second a problem becomes difficult: pointing out to your interviewers that you’re several weeks or months into your job search and still going strong may well play to your advantage.
To conclude, landing your first cybersecurity role is no mean feat, but it is not impossible. Take the above advice on board, knuckle down, and – most importantly – keep plugging away. You’ve got an exciting career in cybersecurity ahead of you, so don’t let a little trouble getting your foot in the door stand in your way.