5 Tips on How to Transition Into Cybersecurity From Another Field
There are myriad reasons to look for a new job: increased pay, more robust benefits, better work-life balance — or more excitement. Cybersecurity is one of the most dynamic and interesting fields in IT, combining information technology with crime fighting. It’s also an industry in serious need of qualified professionals; experts estimate that there will be as many as 3.5 million unfilled positions by 2021.
If you're interested in working in cybersecurity, what actionable steps can you take toward achieving your goal? Networking, obtaining cybersecurity certifications, gaining practical experience, and cleaning up your resume are among the areas you should focus on. But let's first talk about finding opportunities within your current organization.
Network Inside Your Company
If you work for a large organization, you’re likely to have an in-house IT department at your disposal. Do they have entry-level cybersecurity jobs or security-adjacent positions you could pursue? Large companies often share job listings internally before posting them publicly. Consider applying. But before reaching out, there's one person you should tell first: your immediate supervisor.
Hear us out! There are many reasons to loop in your boss. Obviously, if they hear about it from the other department, you might find yourself in hot water. But if you’re forthright, your supervisor could be a helpful networking resource for you. A great boss is also a great mentor. And part of their mentoring should be guiding you to success within your organization, or even outside of it. Your supervisor might know the manager of the cybersecurity or IT department. How much better would it be if your boss put in a good word for you?
Recruiters within your organization are another invaluable resource. If you start a conversation with a recruiter, they can keep an eye out for future openings within your company. If they think you'd be a good fit, they'll reach out to you even before posting the job online.
The old saying is true: "It's not what you know, it's who you know." (Well, maybe it’s both.)
Finding a job within your current company typically is the smoothest way to transition into a new field. And networking internally makes it much easier to do that. Now, let's talk about some reasons why you'd get your first cybersecurity job elsewhere.
Network Outside of Your Company
Say your company doesn’t have cybersecurity jobs to fill. Or the pay is problematic. Whatever the case may be, if you decide you need to look elsewhere, you absolutely must invest time in networking.
There are always more opportunities to network outside of your organization, with recruiters, friends or friends of friends, even strangers doing what you’d like to do. There are great cybersecurity-focused networking sites like Peerlyst and startup spaces like AngelList. But overall, the best place to get started online is LinkedIn.
The platform is a networking goldmine. Recruiters from virtually all major companies use the social network. Advising your immediate supervisor before reaching out to outside recruiters isn't necessary; however, your boss can guide you in the right direction if they also are acting as your mentor.
There is one action you should definitely take before networking with recruiters on LinkedIn: update your profile! Your LinkedIn profile is essentially your resume; therefore, you'll want to treat it the same way. Your profile should be clean, concise, and relevant. If you're pursuing a career in cybersecurity, your LinkedIn profile should be geared toward cybersecurity as much as possible, even if you don't have much direct cybersecurity experience.
One way to bolster your credentials is to complete offline or online cybersecurity courses. There are numerous educational websites where you can be awarded badges or certifications for completing basic cybersecurity classes. And here's the best part: many of them are free! These badges and "certificates" don't hold as much weight as professional cybersecurity certifications like Security+; however, they at least show you are making an effort to learn the basics of cybersecurity.
Cybersecurity certifications — one of the clearest ways to prove cybersecurity experience — will take your journey to the next level.
Obtain Cybersecurity Certifications
If you're serious about transitioning to a career in cybersecurity, you should work toward getting professional certifications. They are required to be taken seriously, even for entry-level security positions. You could even start at a higher salary if you have a few certifications under your belt.
If you're just beginning a career in cybersecurity, your first certification probably will be Network+ or Security+. You might then obtain Certified Ethical Hacker, which is seen as a basic-to-intermediate-level certification. As your career progresses and you zero in on a specialization, you could move on to something like Licensed Penetration Tester.
Cybersecurity certifications show recruiters and hiring managers that you have the foundational knowledge needed for the job. That said, employers still will want you to back up these qualifications with proof of real-world experience.
Gaining Real-World Experience
Knowing about something and actually doing it are two different things. For example, you can read a book about packet sniffers; however, if you can’t operate a program like Cain & Abel, you’re not optimizing your would-be experience. There are endless programs you can download for free and practice with. Wireshark, Metasploit, and NMAP are great cybersecurity tools to start with.
Now, how do you get practical experience in cybersecurity when you’re not quite ready for an entry-level position? Consider exploring government or corporate internships, or seeking out volunteer opportunities in the nonprofit sector. There are formal programs, but you could also take an informal route: try reaching out to IT professors at a local university who could use some extra help.
When you’ve obtained a cybersecurity certification or some real-world experience, you need to tell the world.
Optimize Your Resume
Your resume should be written in the spirit of the job you want, within your experience. Here's what we mean: If you want a cybersecurity position, your resume should highlight your cybersecurity and security-adjacent skills. Any prior work experience, certifications, badges, or real-world practice should be featured on your resume prominently. That may require revamping the document. And a next-level resume will go beyond the industry focus and really adjust for the company.
Of course, you’ll also want to create a resume that is simply stellar, outside of the cybersecurity focus. That means something clean and concise that tells a compelling story about an intriguing protagonist (you). Particularly in IT, solid storytelling skills go a long way in helping you stand out.
Once you've networked, gained experience, and optimized your resume, it's time to pull the trigger: apply! With a solid foundation and an industry starved for talent, you’ll be well on your way to transitioning to an exciting career in cybersecurity.
Want to learn more about cybersecurity courses? Click the link below and head over to Springboard’s website!