How to Get Into Cybersecurity, Regardless of Your Background
Imagine waking up in a good mood because you’re excited to go to work. Does that sound like you? If not, do you want that feeling? Choosing the right job—or better yet, career—has a major impact on every facet of your life, including your overall happiness.
Happiness can come in part from knowing that your job is secure. And if you’re looking for job security, it’s worth exploring how to get into the cybersecurity industry. The U.S. Department of Labor expects employment opportunities for information security analysts to skyrocket by a whopping 28 percent from 2016 to 2026. And experts predict that there will be as many as 3.5 million unfilled cybersecurity jobs globally by 2021.
You might think a career in cybersecurity is only possible for people from adjacent fields who already have the technical proficiency needed to make software and applications more secure, but there are opportunities for those who want to transition from a non-technical background as well.
We’ve put together tips on how to get into cybersecurity for people from both technical and non-technical professional backgrounds. Let’s start with those who have technical expertise.
Getting into Cybersecurity From a Technical Background
Not surprisingly, having technical skills is a benefit if you’re trying to figure out how to get into cybersecurity. You'll be able to decode certain computer-related aspects of the job at a faster pace than those without an IT background.
Programmers, web developers, and software engineers are just a few of the technical jobs where the skills you already have will be transferable to a cybersecurity role. For example, being a programmer will help you know what malicious code looks like, and how to protect against it. Web developers will be quick to learn how to defend against cross-site scripting if they don’t already know how to. And software engineers know how to mitigate vulnerabilities such as buffer overflows.
Having a technical background doesn’t always mean you’ve had professional work experience. For example, you may be completing a technical-related degree in school. Or you may have programming or cybersecurity skills that you gained from a hobby. On-the-job experience may be more valuable from a hiring manager’s point of view, but all experience counts.
Cybersecurity Jobs to Target
Technical cybersecurity jobs require a detailed level of computer knowledge; however, here’s the good part: much of the work you do will be learned on the job. Therefore, don’t let a desired skill deter you from applying to certain jobs. As you’ll read later, there’s a difference between required skills and desired skills.
Like non-technical cybersecurity jobs, there are a variety of focuses for the technical ones. Some job titles include:
Security engineer: In this role, you would test the network for vulnerabilities, monitor for security breaches, and develop security plans and policies. You would also mount an incident response in the event of any security breaches.
Cryptographer: As a cryptographer, you would analyze, decipher, and perhaps even develop encryption algorithms. The goal of these encryption algorithms is to secure data. The idea is: even if a hacker steals the data, they wouldn’t be able to read it due to the encryption lock.
Virus technician: Here, you would stay up to date on the latest viruses found in the wild. Your job would also be to help develop software that would fight or defend against these new viruses.
Penetration tester: This is the ultimate security job if you associate cybersecurity with hacking. As a penetration tester, you become a hacker; however, you will be an ethical one who must follow strict rules governed by the agreements your company has with a client company. Every action you execute will be documented. Companies hire penetration testers because they want to make sure malicious hackers cannot exploit their networks.
Hard vs. Soft Skills
For the positions above, as well as other technical cybersecurity jobs, you’re going to require a certain set of skills before being hired. These can be divided into hard and soft skills.
Hard skills are those which you probably already have, coming from a technical background. For example, if you’re a programmer, you might use C++ as a software engineer. If you’re a web developer, you may already know how to defend against SQL injections, which will come in handy as a cybersecurity developer. If you’re a software engineer, you will already know how to mitigate weaknesses in software, which you’ll use as a security engineer.
Soft skills are typically intangible and difficult to quantify. For example, the ability to communicate technical topics to a non-technical person is an important soft skill. Others include the ability to work as part of a team and having a positive work ethic and attitude.
You’re going to enter a technical industry from a non-technical background? Congratulations! Now, how do you do it? The best way is to figure out which position you want and then work backward while acquiring the required skills.
Make sure you also reach out to recruiters and hiring managers before you start. They’ll be able to point you in the right direction. Here’s one thing they’re going to tell you: Get some basic experience. This experience can come in the form of cybersecurity certifications.
Network+, Security+, and Certification Ethical Hacker are seen as beginner-level certifications. They are listed in the order you would obtain them. Network+ is optional and you’ll learn how computer networks interact. Security+, however, is when you really start to learn the basics of cybersecurity.
Here’s another way to get a cybersecurity position without any prior technical experience: Join the military. Each branch of the military—Army, Navy, Marines, Air Force, Coast Guard—offers positions in the cybersecurity field. If you served for a few years, you’d be able to make an easy transition back to civilian life with the marketable skills and experience you’d gain.
Have you thought about interning? This is another powerful way to gain on-the-job cybersecurity skills. Oftentimes, a company you intern with will hire you for a full-time position. Even if that’s not an option, you’ll gain something even more important: experience! You’ll be able to use your newfound experience to land a cybersecurity position elsewhere.
SANS has another take on gaining experience. They offer information to get you started right away in the comfort of your home:
“One of the best ways to learn all of the above is to set up your own lab at home. This is quite easy as you can create multiple virtual operating systems on the same physical computer at home, or set up a lab online through Amazon’s AWS. Once you get these systems up and running on your network, start interacting with them and learn everything you can.”
There are numerous paths you can take to get your first cybersecurity position. They include obtaining cybersecurity certifications, joining the military, interning, or simply reaching out to recruiters and hiring managers (which you should start doing anyway).
Continue to learn everything you can about the cybersecurity industry. That includes knowing what jobs are out there and what’s required to obtain them. ZDNet advises you to “read voraciously on the topic (news as well as tech stuff). Make yourself knowledgeable, read on daily if you can. The more you know, the more you’ll know who to try reaching out to.”