Feb. 4th, 2022

Cybersecurity is a popular STEM field to enter with endless opportunities. Contrary to popular belief, you do not have to be a college graduate in computer science or an industry professional to get into an entry level job. We at SecureState have created a step-by-step guideline where anyone, no matter their experience, can find success in a cybersecurity field. We not only pull from our combined 20+ years of experience, but also gathered advice and examples from leading universities and cybersecurity professionals. If interested, let's get started.

There are three types of people that are coming into cybersecurity

1. College students on a technical track
2. Someone with no formal education
3. Professional from another field seeking an opportunity

No matter which one of these situations you fall into, there are simple steps that everyone going into the field needs to take.

1) Understand the Industry

To get into cybersecurity, you must be up to date with the field. There are tons of resources out there from podcasts, to YouTube channels, to blogs that cover the most up to date cybersecurity issues. Watching these not only gives you foundational knowledge, but also topics to talk about during an interview. Knowing technologies, the most recent events, and most importantly the newest threats can only make interviews easier for you.

Ideally this step will be maintained until you land an internship or a job because this step is crucial to acing interviews but also being successful during a job.

2) Get Foundational Knowledge

Cybersecurity is a unique field where having one skillset is not sufficient to being successful. Having at least a basic background in a coding/scripting language and network security knowledge only increases your chances when applying for a potential employer.

A coding background is not a deal breaker when it comes to getting into cybersecurity. Languages such as Python, Java, SQL, Bash, and C are good languages to start learning on your journey. Having a fundamental background on operating systems such as Linux, Unix and Windows are also stepping stones into a career. Lastly, familiarize yourself with technologies that you may use such as Wireshark (used for packet captures), NetWitness (used for packet capture analysis) and PowerShell (used for automation).

Similar to standardized tests such as the SAT, there are tests that represent where you stand compared to other candidates worldwide. Certifications can help you stand out to employers and depending on your position make you more money. Some of the most standard entry certificates are as follows:

• CompTIA Security+
• CompTIA Network+
• Microsoft Technology Associate (MTA) Security Fundamentals
• Certified Ethical Hacker (CEH)
• Offensive Security Certified Professional (OSCP)
• CompTIA PenTest+

All of these have applications for entry level positions. Anyone trying to get into cybersecurity should try to gain these credentials or at least learn the components in the first couple years of their career. The most important and elementary of these are the CompTIA Security+ and CompTIA Network+.

3) Gain Industry Credibility (Projects/Research)

Doing projects by yourself or conducting research is a fantastic way to dip your toes into what cybersecurity is all about.

Independent work allows you to hone the skills you already have and learn new ones on your own terms. Projects should be relevant to the career path you want to pursue and highlight skills you are learning or exploring. Cybersecurity projects do not have to be directly related to security and can also represent coding abilities. Here are some example projects for those interested.

Research can be anything from learning about current cybersecurity issues to understanding new technologies or working with a professional at a university. When doing research, your credibility for potential employers increases as you become up to date with situations that are currently happening and technology involved.

4) Create a Resume

Creating a resume is a very vital but challenging process for many young professionals. This is a gateway into getting real-world cybersecurity experience and is the first thing that hiring managers see about you. They will then determine whether you seem like you would be a good fit for the company. There are several components to think about when making a resume, such as:

Name/Contact Information/Professional Profiles

• First Name/Last Name
• Current Address
• Email / Phone Number
• LinkedIn
• GitHub

Education

• University/High School
• Degree and Concentration
• Graduation year
• GPA
• Relevant Coursework

Summary/Relevant Skills (Examples)

• Professional profile introduction - Career goals, Motives
• Technologies - PowerShell, Wireshark, Active Directory
• Languages - Python, Java, C++, Bash, Ruby
• Operating Systems - Linux, Windows, UNIX
• Soft Skills - Teamwork, Time Management, Problem Solving

Certifications

• Any related security certifications
• Technological certifications - Excel, PowerPoint, AWS

Professional Experience

• Jobs (Recent to Oldest / Most Relevant Experience First)
• Company or Place of Affiliation
• Dates of Employment
• Position, Contribution, Technologies used

Related Volunteering Experience

• Jobs (Recent to Oldest / Most Relevant Experience First)
• Company or Place of Affiliation
• Dates of Employment
• Position, Contribution, Technologies used

Projects/Research

• Description of Project / How it’s relevant to your skill set
• Technologies/Languages used through the project
• Publications that give you credibility

Extracurriculars

• Clubs that are directly related to position
• Sports and Hobbies
• Leadership Positions

Professional Associations

• Fraternities
• Honors Associations

Honors

• Scholarships
• Competitions
• Awards

All these aspects can be added to a resume, but that does not mean that every resume will or necessarily should have all of them. The most important thing to remember is that a resume should be tailored to not only you, but the job that you are applying for.

Resources

UMBC’s Do’s and Don’ts

Security Intelligence Writing Good Resume

Sample Resume (Beginner)

Software Engineering

Cybersecurity

Information technology

Sample Resume (Intermediate)

5 Cyber Security Resume examples

5) A Professional Reputation

You will be surprised what real world communication with peers and professionals can do for your career. Recommendations, referrals, and advice from those who have the careers that you want can open opportunities that are not accessible to everyone. Here are some tips on creating a strong professional network.

• Create a LinkedIn Account or Indeed
• Have an elevator pitch
• Attend Networking opportunities and Job Fairs
• Meet new people with similar goals
• Find a mentor
• Have a connection book and stay in touch
• Be genuine

Creating a good network could potentially make the next few steps far easier. When you have a professional network, you can learn from those who are where you want to be and create the fastest path to your own success. Asking to meet on Zoom with a professional you found on LinkedIn or asking to meet at a coffee shop in return for some advice can only help you further along in your career. Who knows, you might meet a longtime friend.

6) Get Industry Experience

Getting a job or internship is the goal for anyone trying to get into cybersecurity. This all starts with finding the right fit for you.

The International Information System Security Certification Consortium is a nonprofit organization that for years has been providing cybersecurity training through certifications for industry use. The domains that they cover within their CISSP examination have been considered to be the definitive cybersecurity domains. The eight domains, which have been widely accepted within the cybersecurity community, are:

• Security and risk management
• Asset security
• Security architecture and engineering
• Communication and network security
• Identity and access management (IAM)
• Security assessment and testing
• Security operations
• Software development security

These Domains lay the foundations for most of the opportunities you can get through a cyber security career.

There are tons of opportunities in cyber security. When looking for a job or internship, ask yourself whether your skill sets have given you motivation to go into a non-traditional cybersecurity role or a traditional one. Ask yourself what in your journey has interested you the most, and what qualifications do you bring to certain jobs.

After determining some paths that interest you, look to sites such as LinkedIn and indeed to find openings in your area. Tailor your resume to the jobs that you want to get. Lastly, once a recruiter determines that you are a good fit for the company, start to work on interviewing skills. The interview process is the most frightening for most candidates because all of the preparation that you have done is leading to that moment.

Preparation

Always go into an interview with a background of the job and company you are applying for. Do preparation with how your skill set fits the job and why exactly you would be a good fit for the company. Be prepared to talk about projects, experiences, and research you have done in the past; anything on your resume is fair game. Lastly, be yourself.

Interested in learning more about how to get into a cybersecurity field? Let's talk.

⁉️ How We Do It

SecureState uses a combination of automated tools and manual testing to provide a hybrid approach that includes proactive and reactive security testing activities. Our team has decades of cybersecurity experience with some of the largest tech companies including AWS, VMware, Google and Nintendo.

Take the first step to security and schedule a call today!

📆 https://calendly.com/securestate/lets-talk-security