Skip to main content
7 answers
Asked Viewed 177 times Translate

For people working in Cyber Security or a related field, what is a piece of advice that you would give someone like myself that is looking to start a career in this field? Like, what are some things we should be wary of, what should we expect, etc.?

+25 Karma if successful
From: You
To: Friend
Subject: Career question for you

7
Pros
7
0

7 answers


Updated Translate

Thomas’s Answer

Iryanna,

Cyber security is a big field which gets a lot of attention and ad marketing. There are a lot of professional development schools and colleges which try to promote the exciting idea of being a cyber security expert. I think what would be best for ones interest in the field is to understand what parts of cyber security seem interesting to you. Within cyber security you have individuals who might work as investigators, or as policy administrators, those who focus on network, or those who do reverse engineering.

Regardless of your particular interest the fundamental skills are always important. There are a lot of resources available online, whether a tailored 'academy' like Cybrary.it which offers courses to earn certifications, or youtube for Linux foundational learning. I recommend both, a college education in Cyber Security will obviously push you in a particular career path, but certifications will also be very important to show to potential employers that you know the practical knowledge for the job.

Which brings me to my last piece of advice. I would also do some research or investigation into where you want to work. What kind of company, or government organization. Each company and organization will have a different way they think to apply the ideals of cyber security. Some will be much more concerned about proper network set up, or others intrusion detection and mitigation, having a target company/entity in mind might help you to understand what their interest in cyber security is, and along the way shape how you'd want to apply it in your career.
Thank you so much, this really helped me!!! Iryanna B.
1
Students
1
0
Updated Translate

Andrew’s Answer

I agree with Thomas that the biggest part is figuring out what part of cyber security interests you the most, and what motivates you. Defending (blue) and attacking (red) are talked about a lot and are great parts of the field to go into, however the field is bigger than just Red/Blue. I'd give the other aspects of it (Policy, Compliance, Vulnerability Management, Security Engineering) a try also. Interneships are a great way to get paid to try a job and a company out. If you can, get internships at different companies of different sizes. Working for different companies will help you learn what makes you happy what you won't want to do, and it's best to do that before you start a full time job.
1
Pros
1
0
Updated Translate

Botakrider’s Answer

Hi Iryanna,

I agree with everyone's answer but I would like to add to be very flexible with the cyber domain you are getting into. That means you should be willing to course correct and unlearn what you have learned to absorb whatever field you find the most joy doing. The foundational knowledge is very important as they will anchor you moving forward. Many times, we are mesmerized by the sexy stuff being talked about in the industry and the media. There are many more in the cyber field that are operating behind the scenes and they are the nuts and bolts or plumbing that keeps our world running securely.
1
Pros
1
0
Updated Translate

Charles’s Answer

I agree with all the other answers here. I would like to add that if you're more interested in the importance of the job than a great big salary, I would recommend you consider working in cybersecurity for a government. Whether in the United States or abroad, governments have a huge challenge to defend their nation in cyberspace. These jobs are challenging, but they really matter. You get to work with the smartest people, the best machines, and the hardest problems. Plus, you end up with a good work / life balance because you cannot bring the work home!
0
Updated Translate

Melanie’s Answer

Hi Iryanna,

I support Thomas' answer above, this is great guidance. Being wary of where you are spending your investment (time and funding) into programs can really pay off. There are so so many companies out there that can offer certain programs or certificates that may not be very legit, leaving you wasting your time and funds. Do your research and due diligence in the school, program, and degree/certificate and your hard work will pay off.
0
Updated Translate

Ken’s Answer

For people looking to start a career in cybersecurity, I'd recommend developing your experience, education and industry certifications. The CompTIA Security+ is a good certification with which to start as it has no experience prerequisite but demonstrates understanding of the fundamentals of information security. Seek out internships that can get you practical experience, and think about what companies are doing work you'd be most interested in. Set up a LinkedIn profile, make connections and keep growing your network.

I'd be wary of narrowing your focus too quickly. Try to avoid getting in the mindset of "I want to attain a certain title" because when beginning your career you don't want to limit your options in any way.
0
Updated Translate

Paul’s Answer

I agree with Thomas (very comprehensive answer), Andrew and Melanie. They all touched on "decide what you want to do". Again I fully agree. I would add
1. Consider (not necessarily "decide") if you want to be fully hands on (setting up/configuring Firewalls, AV, IPS/IDS/ etc.), purely hands off (never touch equipment or look at granular alerts, alarms, policies, etc.) or something in between (not configuring equipment but analyzing data, alerts, alarms, etc.). Those are broad categories and not meant to be a comprehensive list but rather some examples.
2. Consider the type of job....perhaps from a broader perspective from what other's mentioned. Do you want to be a Project Mgr, Sales, tech sales (tech person who supports sales people), work for a company that creates cybersecurity products (Fortinet, Palo Alto, Check Point, etc.), a company that uses other companies' products to provide solutions (i.e. consultants, 3rd party services, etc.), or an end user (any company not in the other categories).
2. Get as much granular level experience as possible early on, no matter which way you choose to go. The better you truly understand the underlining components Firewalls, AV, IPS/ISD, malicious activity/attacks, etc. the better (and more in demand) you will be for opportunities/jobs. So even if you want to be 100% hands off, understanding how the various pieces/technologies work, will be an asset. Similarly, if you want to be a tech guru configuring equipment, troubleshooting, etc. understanding the importance of policies or requirements and how they drive technical solutions will be a huge plus.
0