COO at Orpheus Cyber, Cyber Security Awards and American Cyber Awards Judge, Industry Speaker.
getty
For years we have talked about the talent shortage within cybersecurity. While that persists, we have a new talent problem now: There are not enough entry-level roles. Many have heeded the news that this is an industry with high salaries, high potential and a desperate need for people. However, they are finding that the gap is for highly experienced candidates with specialist knowledge. The cybersecurity industry has shown itself to be incredibly adaptable and I have no doubt that the industry will create roles for this next generation of talent. While that happens, here are five things that potential candidates can do to plan their cybersecurity careers.
1. Research The Industry
Cybersecurity is a niche field for most businesses but there are a large number of different roles within it. These roles are not always similar and while it is possible to move between disciplines throughout your career, when you are starting out, you need to have an idea of the area you wish to target. Most people imagine that a role in cybersecurity is a penetration tester, or an ethical hacker, breaking into computer systems. But there are roles for people doing the opposite of that, building the defenses rather than trying to find the gaps. There are also roles for people analyzing the threats, writing policies, delivering training and even auditing the systems in place.
To research the industry, use free or low-cost resources to start to find out more about these disciplines. If there are one or two areas that sound interesting to you, research those a bit more in-depth. Look at what courses exist and what job titles you could have, and find out more about what you would want to do.
2. Speak To People In Your Target Role
Once you have an idea of the job you are targeting, find someone in that job who you can speak with. This can be as simple as finding people with that job title on social media and asking them if they would be willing to speak with you. You may also be able to find mentoring programs that would connect you with relevant people.
Ask these people what a typical day looks like for them. Find out what challenges they have. Consider the career path they took and how you may be able to emulate that. Empowered with these answers, you may now have a better idea if this is really the role for you. If it is, you have also been given an insight into skills you may need to build, potential talking points for an interview and how you can move forward.
3. Copy The Careers Of Others
Cybersecurity isn’t mature enough yet to have strict career paths. While to me this is exciting and full of opportunity, for those starting out, it can be challenging to know how to get started. If you look at the careers of others, it can give you an idea of what you may need to do. I recommend looking at people in the job you are targeting now and jobs that may be of interest in the future.
One thing you will most likely notice is that there are almost as many paths as there are people. Consider any key themes or certifications that appear often. Consider paths that are exciting to you as an individual. Most importantly, take confidence in that whatever you do, you can’t go that far wrong.
4. Take Certifications Only If You Have To, Or Want To
One of the questions I hear the most is “What certifications do I need?” No certification guarantees you a job. No one certification is relevant to all roles. There are some roles, like penetration testers, where certifications are highly relevant. Others, like threat intelligence, have far fewer certifications and are typically not required or valued as much as experience. If you are required to take a certification or it is clear that it is a barrier to entry to your dream job, then take it. Otherwise, take courses or certifications that interest you. Take them because learning excites you, and make sure it is within your budget.
5. Build Your Network
This is the most important thing you can do, and it will be incredibly important for starting and building your career. Building your network means making connections, engaging with them often and adding value to them when you can.
Building a network can be easier at industry events, but if that isn’t possible, many professionals are open to building their network virtually. A great way to get started is to connect with anybody creating content. They might be on a podcast or posting on LinkedIn. Comment on the content they have created and connect with them. Sending them other content they might find interesting is a great way to add value to them. Consider asking them for a phone call or to refer you for a job at their company once you have started to build that relationship.
Cybersecurity remains a great industry to build a career within. Getting started, as with any industry, can feel tricky, but it is an industry that is incredibly welcoming. The industry wants to attract new talent and is growing, and once you get started, the possibilities are endless!
Forbes Human Resources Council is an invitation-only organization for HR executives across all industries. Do I qualify?
