In this episode, we will focus on the initial version of our masterclass called How to Get Your First Cybersecurity Job that provides highlights for focusing on your cyber path journey towards your dream cybersecurity job. It is important to choose your path wisely to ensure that you are well prepared for the journey you are about to embark upon.
There are a lot of choices as you begin your journey towards entering the cybersecurity industry. There are numerous of certifications and college degrees available, as well as methods for gaining experience. Cybersecurity requires continuous learning and development, so you will always be in a state of educating yourself in order to be better prepared for the next attack.
Experience matters most when it comes to seeking a job such as cybersecurity. This makes it difficult for newcomers to enter the cybersecurity field, but you can gain experience in a number of different ways. You can join an organization such as a large company or the military to gain experience since these types of organizations have the resources to develop talent internally, including positions that don’t require extensive experience.
If these aren’t an option for you, you can consider gaining experience by volunteering. Underfunded or non-profit organizations often will accept cybersecurity volunteers to help manage their computer networks. These include charities, social service agencies, churches, synagogues, places of worship, local schools, and small-town governments. You could even volunteer to help manage the data network, setting it up, keeping it running at a local cybersecurity conference. The Information Systems Security Association (ISACA), Information Systems Audit and Control Association, Cloud Security Alliance, certification study groups, DEFCON, and Bin additional to gaining experience, you are also going to be able to build your network of other cybersecurity professionals who may be able to help you land your first position.
(Note: As of 2022, this masterclass has been updated and changed to the new Hired program that is available at https://ycpmembers.onpressidium.com/hired.)
Kip Boyle:
Hi everyone. This is Your Cyber Path, the podcast helps you get your first cybersecurity job.
I’m Kip Boyle, and I’m an experienced hiring manager of cybersecurity professionals. If you want to give me feedback on the show, or if you want me to answer your question on a future episode, please visit the show page at anchor.fm/yourcyberpath. When you get there, just click on the Message button and start talking.
Today, we’re wrapping up the second week of the initial version of our masterclass, and it’s called How to Get Your First Cybersecurity Job is told by hiring managers. And on today’s episode, I want to share with you some of the highlights from the second module, which was focused on choosing your cyber path from where you are now to actually getting your cybersecurity dream job.
Now, choosing your path is really important because there’s so many different ways you could go about preparing yourself. There are dozens and dozens of choices of certifications, college degrees. And, of course, the thing that all hiring managers are asking for, which is experience. Unfortunately, I hear from a lot of people who thought they were well prepared to get their first cybersecurity job, but they found themselves getting nowhere after months of interviews, it’s really, really tough. And I feel really bad for where they have found themselves. And it’s really not their fault. They have been following the conventional wisdom as best as they can, but it just is isn’t working. And I think you know if you’ve listened to a few episodes now, that’s because getting a cybersecurity job is different, very different than it is getting other types of jobs.
But it’s true that the most important thing you can do to get ready for your first cybersecurity job is to get experience. And that’s true, unless you’re going to do one thing, which is join a very big organization like the military, or a giant corporation. Those types of organizations have the resources to develop their own talent pipeline. And they can train you and they will take the time to teach you what you need to know. But unless you’re going to do that, you need to have some experience, especially if you’re going to join smaller or mid-sized companies or organizations, they just don’t have the time, really it’s mostly a time issue, but there’s also a resource constraint. And so, they need you to show up and be per reductive on day one.
Now, you can have a lot of experience and, here in the US, it also helps to have the right certification and a college degree to go along with your experience. But without experience, you’re probably going to struggle. And I don’t want that for you. So, here’s what you need to do, start thinking about the people in places who might be willing to give you your first opportunity to work on real cybersecurity problems. And your best bet at is to go to a local cybersecurity conference somewhere that is near where you live, a major city is where you’re going to have to look. And your goal is to meet people who have such a severe need for help that they’re willing to take a chance on you. And that means you need to offer to volunteer for anything when that opportunity comes up.
Now, with the pandemic quarantine in effect, right now, this is not easy. This isn’t necessarily easy in the best of circumstances. Most people who are attracted to cybersecurity careers are not exactly thrilled at the idea of getting out there and selling themselves and networking. But this is what you have to do. If you’re determined enough to get this cybersecurity job, then I’m sure you can do this, but with the pandemic going on, here’s the thing, a lot of local meet have gone virtual. So, what you need to do is you need to find out what are the dialing details for WebEx, for Zoom, for Discord, however, they’ve gone virtual, you need to figure out how to join in. And then when the face-to-face meetups resume, that’s going to help you ease into it. People will already have an idea of who you are and you’ll already have an idea of who you need to meet.
Okay so, while you’re trying to figure out how to get exposure to hiring managers, and the people who work for hiring managers at the security conferences, you need to brainstorm a list of places where the need, again, is so great that they would be willing to give you a chance. Now, the typical places where you’re going to get a big break are going to be organizations that are underfunded and, at the same time, have experience working with volunteers or interns, whatever label you want to put on it. And I’m talking about charities, social service agencies, churches, synagogues, places of worship, local schools, small town governments, or maybe an open source project would be a great place for you to spend some time helping out and, in exchange, getting some experience. You could even volunteer to help manage the data network, setting it up, keeping it running at a local cybersecurity conference. I mean, in the beginning, even just doing registrations, just helping people get a badge and find a seat and get a drink. These things are going to help you get some momentum going, which is what I want for you.
Now, the local cyber security meetups are going to be things like ISSA, which is Information Systems Security Association, ISACA, Information Systems Audit and Control Association, Cloud Security Alliance. There might be security product user groups that are meeting up, or there could be vendor sponsored events. Certification study groups, DEFCON has some local conferences and BSides, which is probably the best choice. If there’s one nearby, look for BSides. There’s typically a BSides conference in every major city of the world.
Okay so, I hope that gives you some hints about how to prepare yourself to get the cybersecurity job that you really want. The masterclass is closed right now otherwise, I would invite you to be a part of it. We’re going to reopen it after we incorporate the feedback we’re getting from this first group of students who are going through it. And they’re doing a good job of telling us what we need to do better. So, that’s enough for now. Until next time remember, you’re just one path away from your dream cybersecurity job.
YOUR HOST:
Kip Boyle serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!
YOUR CO-HOST:
Jason Dion is the lead instructor at Dion Training Solutions. Jason has been the Director of a Network and Security Operations Center and an Information Systems Officer for large organizations around the globe. He is an experienced hiring manager in the government and defense sectors.
Don’t forget to sign up for our weekly Mentor Notes so you can break into the cybersecurity industry faster!