From a career or professional perspective, information security (aka cybersecurity) is now a stable and growing profession. Information security jobs are expected to increase by 28 percent through 2026, according to the Bureau of Labor Statistics (BLS). With all the opportunity, landing a cybersecurity job can still be tricky.
Cybersecurity is a rising career field with a need for more security professionals in all industries and types of organizations. One of the greatest hindrances to mitigating cybercrime is the lack of qualified and skilled professionals trained in cybersecurity. Companies are looking to fill these roles. And there are numerous people interested in entering the field. There are three categories of people interested in joining the fight:
- Young professionals starting their careers
- Experienced professionals moving from one career into cybersecurity
- Professionals at all levels wanting to learn more about it to better protect their personal and business lives.
Choosing Your Cybersecurity Career Path
- Landing and keeping a job in cybersecurity
- What’s best for your Cybersecurity career: certification or a degree?
- Strategic (GRC) vs. Tactical (Technical) career paths
Below are some steps for you to determine certs or degree and help you build your cyber career:
Pick a path:
There are two main categories of cybersecurity careers: Strategic and Tactical.
- Strategic includes Governance, Risk, and Compliance (GRC), Policy, IT Audit, security frameworks and management.
- Tactical includes everything technical: security systems administration, networking, application security, security operations, incident response, vulnerability management, and penetration testing.
Pick the one where you have the most strengths. If you love playing with technology, go tactical. If you’re more prone to management and process, consider strategic. A word of caution: don’t try to do both and be a jack of all cybersecurity trades. Folks in this position are often seen as a master of none and are disqualified from many jobs. By the way, picking one over the other does not mean you won’t need to know how the other side works. Strategic needs to understand technology and tactical needs to get business risk. The Cyber Seek website (https://www.cyberseek.org/pathway.html) contains a list of careers for each path.
Determine your education path:
This is how you will reach the goal of getting the cybersecurity job of your choice. Cybersecurity degrees and certifications each have benefits and costs. Both can be used to open doors on cybersecurity careers.
- Degree :Expand or gain knowledge over time. With a degree you learn how to learn. This is crucial in the ever-changing cyber world. You’ll also gain additional professional skills like communications, leadership and management. Another positive for education is that a degree is forever and does not require any upkeep. It will get you in the HR screening process door if an IT degree is a particular job requirement. It indicates that you have the work ethic to complete something. Of course, it comes at a cost; both time and money.
- Certification :Establish your credibility. Certifications show you have knowledge in a specific area or indicates that you have the subject matter expertise. If you’re just starting in cybersecurity, the CompTIA Security+ (http://bit.ly/2Ei6Xtw) is the perfect place to start. It covers the basics, without requiring you have extensive knowledge or experience. Certifications based on a point in time and require continuing certification. The benefit is that you can often take a 1-week boot camp or watch a video series like Cybrary and complete the certification exam shortly after. This can be a low-cost option for many.
- Practical Experience / Practice: Getting certifications or a degree does not guarantee a job. You must continually practice what you’ve learned and build on that knowledge. This should come from both practical experience and personal practice.
For many cybersecurity jobs, this matters more than degrees or certifications. For those who are new to the cybersecurity career field, start in a help/service desk or security operations center (SOC). These are great ways to gain positive professional experience learning how cybersecurity operates within an organization. You can also gain experience by volunteering to fix or security computers for a community group (e.g., senior center, religious organization, etc.). In return, ask for a reference. By the way, you don’t have to start in cybersecurity. All careers can teach about professionalism and how organizational operations. These can provide much-needed perspective outside of technology.
Practice & Do Your Homework:
Cybersecurity is a career where you must keep learning and relearning to stay relevant and keep your skills sharp. I often tell my students, “Homework begins after you graduate” and “The real test is in the real world (not in the classroom).” You flunk a test in school, you can still graduate. You flunk a test irl (in real life), you won’t get the job or get to keep your job. This means you need to keep learning. Take advantage of sites like Cybrary that provide free videos on many aspects of security.
No matter the path, you need to:
- Be aware of the other side. If you’re tactical / technical, you still need to understand strategic / business, and vice versa.
- Network (the human kind). Join security groups in your community like ISSA, ISACA, ISC2, OWASP, Infragard, etc. This is a great way to meet other passionate cybersecurity professionals. These groups may also provide mentors to help you chose your path and keep your skills sharp through continual learning.
This is a Short Blog about building your cybersecurity career.Hope You found useful.Feel free to Share,and give your valuable Comments.
Resources:1.Cybrary 2. https://www.bellevue.edu/