Best of 2018: Top Career Advice from our Cyber Security Professionals

Want to work in cyber security? These Symantec employees have some sound advice.

Security Response
Dec 12, 2018 · 8 min read
Constant learning and communication skills are key requirements for a career in cyber security

Over the course of 2018 we have published career advice from 20 people working in the cyber security business, in roles ranging from threat engineers to sales managers. Below we bring you some of the best advice they offered for anyone wanting to pursue a career in cyber security.

The advice given is wide-ranging but a thirst for learning and the ability to communicate effectively seem to be two of the key skills needed for a successful career in cyber security. Read on to find out the rest of Symantec employees’ top tips:

Sayali Kulkarni, Senior Threat Analysis Engineer

“If you are interested in a career in cyber security, plan your roadmap according to the skills required in the positions that interest you most. Learning the basic skills of cyber security will help to smooth the path to your dream role. No one knows everything at the beginning, so don’t be afraid to apply for jobs.”

“A career in cyber security is a lifelong learning process; not the filling of a pail, but the lighting of a fire!”

Alan Neville, Senior Threat Intelligence Analyst

“Don’t be afraid to apply just because you feel you don’t have the experience. If nothing else, the interview will act as a learning opportunity and give you better insight into the industry. Beyond the interview process, I would advise anyone who has a keen interest in computer security to read as much as possible. Try new things, develop projects, and continue learning. Things move so fast in this industry and, by doing, you open up so many more opportunities for yourself.”

“Communication skills are something every job requires, but having the ability to think logically and articulate your research for the intended audience is extremely important.”

Torrey Umland, Leader of Engineers

“Do not limit yourself to what your professor or boss instructs you to do. Sign up for more and look for new ways to contribute. People who show a portfolio of work undertaken in their free time stand out from the crowd.”

“By storytelling and documenting what you learn, you reinforce your knowledge and allow others to grow; you contribute to a community. Technical writing is a skill worth practicing.”

“Ask your peers for critical feedback. Take your time sharing quality feedback with your peers. Also, give yourself feedback. Reflect on your failures and victories, learn from them. Try not to repeat failures, but don’t dwell on them; try to repeat success.”

Aishwarya Lonkar, Threat Analysis Engineer

“No matter who you are, or what your profession or qualification is, there is always a way into the area of cyber security. If you have an interest in this profession, try to stay updated on the latest trends when it comes to exploitation, malware etc. Beginners should try online courses, as this is a profession where you need to learn by yourself. And there is no end to learning. Every time you analyze a new sample you learn something new.”

Jennifer Fitzgerald, Threat Analysis Engineer

“This is a rapidly changing field and continuous reading is important, as is actively developing and maintaining skills. Capture the Flag (CTF) competitions are a good way of keeping skills up to date and learning new ones … I also recommend setting up a home lab with a number of virtual machines where you can test out anything you read about, or to do some of your own research.”

Jon DiMaggio, Threat Intelligence Analyst

“Push yourself, even if you’re not comfortable speaking in front of people. There is no better way to meet people, get your name out there and make a good impression than presenting at conferences.”

“Think of yourself as a ‘brand’. You must constantly refresh yourself, and push yourself outside of your comfort zone. The industry is constantly changing and you need to change with it. Market yourself and represent your employer both in your day-to-day role and in your outside cyber security interests.”

“Collaboration and sharing is just as important as any technical role. Build your connections, share with them, and it will come full circle.”

Candid Wüest, Principal Threat Researcher

“Don’t be afraid to ask questions. Personally, I would rather be the dumbest person in the room than the smartest, because that way I can learn the most.”

“You should use the many opportunities that are available to develop and increase your skill set. Depending on the field, this can get stressful and not everyone likes this. Some people might be unable to cope with the constant demand to upskill. However, it can also be very stimulating if you get challenged over and over again by new things, and satisfying when you find a new solution to a new problem.”

Dermot Harnett, Director of Development

“My advice is to always be on the lookout to develop your skills and challenge yourself and your team. Change is inevitable in this industry, so prepare for that change; the cyber security industry has completely transformed in the last few years. Cyber security is going to require solutions from technically minded people and I can certainly see why it is often touted as one of the most important future jobs.”

May Ying Tee, Associate Software Engineer

“We should always perform self-reflection to reflect on what we have achieved and learned in the past year, and how we can be better for the upcoming ones. If we do not see any improvement from before, perhaps we should start picking up some new skills, or seek new opportunities.”

“Technical skills are crucial in this field, but soft skills should not be overlooked either. Some of the soft skills that I find underrated are the ability to communicate constructively and objectively, or the flexibility to be a leader and a follower as and when needed.”

Fabio Pitino, Senior Software Engineer

“It is fundamental to stay up-to-date with the latest technologies: the benefits they bring, the costs and the risks. You must know the trade-offs involved … Do not limit your knowledge to only what you learn at university. A lot of the things I learned during my career weren’t taught to me by a teacher or university lecturer. Read a lot and constantly!”

“Use your spare time to build things, which could be a toy project to try out a new storage system, a web framework, or a new IoT device. Then try to change them, break and rebuild them again. Toy projects provide you with a safe environment where you can screw things up and it doesn’t matter because your objective is to learn.”

Anton Rubin, Associate Software Quality Assurance Engineer

“If you are in it for the money, you will not get the job satisfaction that you are looking for. My role (and the cyber security industry in general) is not for the fainthearted. Things move fast, technology evolves, and attacks are inevitable.”

“Key advice would be to try to look at the bigger picture. It’s quite easy for a technician to start focusing on the small details and lose track of the overall objective. ‘Networking’ is also very important — attending conferences and brainstorming with as many people as possible.”

Alina Amir-Qureshi, Scrum Master

“Be yourself, trust your instincts, and do what you enjoy doing the most. Try to step out of your comfort zone and never stop asking questions.”

Mandira Kumar, Senior Director of Sales Operations

“Anyone who is interested in learning more about the sales mechanisms and has a natural curiosity and great organizational skills would do well in sales operations.”

Gillian Cleary, Senior Software Engineer

“I moved to work in cyber security because I wanted to make a difference, not to the industry but to everyday people.”

“Do a part-time course in a cyber security related field. A part-time course will contain those already working in the industry: working by day, studying at night. If you’re any good, they’ll want to recruit you when you’re finished.”

Mick Halpin, Security Response Liaison

“Don’t be afraid to start off answering the phones or delivering the office mail. That’s what I did. Jump at any chance to work your way closer to the goal you have in mind. Clean your neighbor’s virus-infected WinXP box just for the experience. Get a job as a generalist in tech support or an IT department, then volunteer for anything security related. Pursue a couple of certifications or diplomas at night. Keep up on the security news and play with technology safely at home … Learn at least one new thing every day, and meet at least one new person every day.”

Mélissa Chouikrat-Marcinkowski, Sales Engineering Manager

“Be open to change! The threat landscape is super versatile, which means that every day you have to be prepared to learn about new types of attacks, new social engineering techniques, and new vulnerabilities … You need to be open-minded and willing to learn.”

Jenniffer Capicio, Senior Quality Assurance Engineer

“No one can know everything from the start, so if you don’t know something, research it. Also, don’t be afraid to ask. One of the good things about working in this industry is that there’s an abundance of very smart people around.”

“Have fun with the work and don’t try to learn everything all at once. Cyber security is such a big field and there are a lot of specializations, you can get overwhelmed if you don’t take things one step at a time.”

Gillian Bell, Director of Systems Engineering

“Be bold and open-minded and anything is possible. It does take hard work and dedication, but I truly believe in the mission of what we are trying to achieve … Don’t be afraid to apply even if you think you don’t have the skills; with the right mindset and focus you can achieve your goals.”

Stephen Doherty, Threat Intelligence Analyst

“Don’t settle in a job you don’t enjoy — computer security is a great space to work in and the challenges are abundant. If you are looking to re-skill, there are now a number of formal courses in this space and there are also plenty of online courses where you can get your feet wet.”

Robert Newton, Infrastructure and Automation Engineer

“You need to be adaptable, inventive, and not afraid to make mistakes — but you must also be able to quickly admit when you do and then fix and learn from them … Take a step back every so often, especially if you feel you’re down a rabbit warren. The problems we have to solve often take several attempts because they are some of the toughest in any industry.”

Check out the Security Response blog and follow Threat Intel on Twitter to keep up-to-date with the latest happenings in the world of threat intelligence and cyber security.

Like this story? Recommend it by hitting the heart button so others on Medium see it, and follow Threat Intel on Medium for more great content.

Threat Intel

Insights into the world of threat intelligence, cybercrime and IT security. Brought to you by researchers at Symantec.

Security Response

Written by

Symantec Security Response brings you the latest threat intelligence from the IT security world.

Threat Intel

Insights into the world of threat intelligence, cybercrime and IT security. Brought to you by researchers at Symantec.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade