Cybersecurity is an increasingly relevant field and a great career choice for IT professionals. After talking to CompTIA Subject Matter Experts at a recent cybersecurity exam development workshop and surveying employers, we discovered seven themes that can lead to a successful cybersecurity career.
1. Tailor your resume to focus on the security aspects of your previous experience.
“A lot of the people getting into cybersecurity are network engineers or network administrators,” said Brian Bizon, senior information security engineer at Radial Inc., a multinational e-commerce company based in Pennsylvania. “They have areas of expertise that touch on security but that are not necessarily focused on it.”
Just because you haven’t held a cybersecurity role before does not mean you don’t have cybersecurity experience. Be sure to include on your resume things like limiting user access, complying with company security policy and other security-related tasks you performed in previous IT roles, even if the position was not specific to security.
2. Have a solid foundation in a variety of security practices.
Having CompTIA Security+ shows employers that you have the skills to protect networks, operations, data and hosts.
“Companies have to be concerned with mobile devices, social media communications and general data protection,” said Heather Engle, executive vice president of Sera-Brynn, in the CompTIA article Why You Should Consider A Career in Cybersecurity. “All indicators point to continued cybersecurity spending, but there is a need for people with more varied backgrounds than employers tend to look for now.”
These will give you a good base for dealing with challenges in your initial security jobs and set you up for advancing to more complex security functions.
3. Expect the worst and be prepared.
Traditionally cybersecurity focused on creating impenetrable systems. But today, cybersecurity professionals need to be able to configure strong networks and know how to handle a breach. To get into the cybersecurity field, make sure you understand the ins and outs of networks, study past hacks and breaches and how companies responded, and identify vulnerabilities so you can protect your organization.
4. Supplement your on-the-job experience with certifications.
“Certifications are very important because they show a minimum benchmark that both recruiters and hiring managers will look at,” said Damien Manuel, director of cyber research and solutions at Deacon University and board chair for the Australian Information Security Association. “One of the challenges for grads is getting access to hiring managers when they have to go through an agent first. They may be kept out of the process if they don’t have certifications.”
For example, CompTIA’s Cybersecurity Career Pathway can help you get the skills you need to move up in a cybersecurity career, especially if you want to get into a cybersecurity job without experience or a degree.
5. Get involved in the community.
Find ways to engage with other people in cybersecurity to grow your network. In fact, IT hiring managers responding to a recent survey from CyberSN.com reported that they often look to their personal networks for candidates rather than solely relying on recruiters. So, joining LinkedIn groups or professional associations, like the CompTIA Association of IT Professionals (AITP),can help you meet the right people and give your job search a boost.
“LinkedIn has helped me make the right type of connections,” said Andrea Di Fabio, chief information security officer and associate chief information officer at East Tennessee State University. “For those who are just starting in the field, joining a LinkedIn group and contributing to the conversation shows that you’re interested and have an opinion. This will help you get noticed and make the right connections.”
6. Stay up to date on emerging technologies.
Technology moves at a fast pace, and anyone who wants to get into cybersecurity needs to know about the latest innovations. Areas of higher priority in the past two years include cloud implementation, employee systems and payment systems.
“More employers are looking at certifications as a way to determine if someone’s skills are up to date,” Di Fabio said. “Certifications are usually current and what the industry wants right now. That shows me that they understand the current technology and how to apply it.”
7. Remember you have more to offer than just your technical expertise.
Organizations want technically trained applicants with a diverse skillset. Being able to understand business needs and how technology can support them will give you a leg up on IT pros that don’t understand it or can’t communicate it as well.
“Look to gain business skills. If you can translate from business to technical, you will be highly sought after,” Manuel said. “Having that crossover is a bit unusual now, so it’s great to get ahead of the curve.”