How to Get Into Cybersecurity
Your guide to landing your dream job in infosec
Do you dream about working in cybersecurity?
Imagine going to work every day, hacking into fortune 500 companies, legally. Or spend your days investigating cybercriminals and their tracks, finding evidence that can help build a case against them in court.
Working in cybersecurity is very rewarding because you get to use your technical skills to help defend the Internet. However, the path to get from student to working professional can be convoluted. In this post, we are going to go through some actionable steps to get you closer to your dream job.
Discover the possibilities
The first step is to look into the myriad of career tracks that you can take in infosec. Most people seem to associate the field with ethical hackers, who are professionals who hack into computer systems legally. But the infosec industry is made up of people with many different talents and abilities, and certainly, not everyone is an ethical hacker!
Explore the career paths you can take in cybersecurity here:
Cybersecurity Careers: Your Options
Exploring the paths you can take in your infosec career
medium.com
Determine your interests
Explore the possibilities, and research the job titles that interest you. Find out which ones best suit your technical interests and personality. There are pros and cons for each of the roles in infosec, and those might not be apparent by simply reading up on their job descriptions. So if possible, reach out to people working at your desired positions and ask for their opinion.
It is also important to find a technical niche. Because cybersecurity is such a wide discipline, you can’t possibly learn everything. And instead of trying to learn everything and failing, it is better to have a technical niche to focus on and hone in on that. Explore the different areas of your field, and start spending more time on the area that speaks to you the most. Before you know it, you’d start to understand more and more about that particular niche!
Learn, continuously
Then, the first thing to do is to make sure that you’ve mastered the basic technical skills that are needed in your chosen field. For most cybersecurity disciplines, that would be basic programming and writing skills.
If your goal is to become a pentester, you can start with a more detailed guide here:
Once you’ve mastered the basics, continue to learn and constantly add to your knowledge base. Security is a rapidly evolving field and you have to keep learning to keep up with its pace.
Resources
Here are a few good resources to help you learn continuously:
CSO online: https://www.csoonline.com/
Krebs on Security: https://krebsonsecurity.com/
Troy Hunt’s blog: https://www.troyhunt.com/
Daniel Miessler’s blog: https://danielmiessler.com/
Secure Reading: https://securereading.com/
Null Byte: https://null-byte.wonderhowto.com/
Popular hacker blogs: https://medium.com/@vickieli/best-hacker-and-security-blogs-to-read-d716c43e0494
Work on your soft skills
For each position that you are aiming for, there will be a set of required skills. These can be divided into hard and soft skills.
Hard skills are the technical skills that are required to do that job well. Given that you have mastered the technical basics and are learning continuously, you are covered on this front.
Soft skills, on the other hand, is harder to quantify. However, these are often just as important, if not more important than technical skills for entry-level infosec workers. Some of the most important soft skills to work on if you want to break into cybersecurity are the ability to communicate technical ideas to non-technical people, the ability to write and speak precisely, and the ability to work in a team.
Continuously honing these soft skills will make you a much more desirable pentester, malware analyst, forensic analyst, and so on!
Build connections
Don’t be afraid to reach out to people you admire in the industry. You might be surprised how many of them are happy to help out someone new in the industry! Find a mentor and learn from someone you aspire to become. A mentor can help illuminate your path towards your dream job since they have most likely been in your position when they started.
Friends are the easiest way to land jobs. When the time comes for you to look for a position in infosec, reach out to your network and see if anyone can use what you’ve learned!
Communities
Here are a few places to start making friends:
CNET forum: https://www.cnet.com/forums/
Bug bounty forum: https://bugbountyforum.com/
Tech Republic forum: https://www.techrepublic.com/forums/
Twitter: https://twitter.com/
Local security communities: http://www.securitybsides.com/w/page/12194156/FrontPage
CTF competitions: https://ctftime.org/event/list/
Contribute to the community
Contributing to the community is the best way to make your talents visible to others. It will also help you solidify your knowledge and feel good about helping others with their learning!
A good way to contribute to the community is by writing a technical blog. The infosec community is a bunch that loves to learn. And we rely on each other to share knowledge and keep up to date with our skills.
Another way to give back is to answer questions on social media sites, such as Twitter, Stack Overflow, and GeeksforGeeks. This allows you to help others on a more personal level, and at the same time, connect with people with similar interests!
Keep an open mind, and say YES!
Opportunities arise when you least expect them to. Be patient and keep an eye out for opportunities that come your way. Never dismiss jobs or internships simply because they don’t perfectly fit your expectations. We all have to start somewhere!
The steps you take don’t need to be big; they just need to take you in the right direction. — Jemma Simmons, AoS
Thanks for reading! Is there anything I missed? Feel free to let me know on Twitter: https://twitter.com/vickieli7.
