Cybersecurity Job Search Tips and Strategies
Speak the LanguageThe world of cybersecurity has a language all its own. So you’ll need to be fluent in the highly technical vocabulary spoken by cyber professionals. For example: You can be certain that anyone who asks about your “white hat” capabilities will not be inquiring about your headgear. All kidding aside, be sure you have a solid grasp of essential industry terms and acronyms from A to Z (Advanced Persistent Threats to Zero-Day Attacks). Here are a few helpful resources:
- The CyberWire, a cybersecurity-focused news service and thought leader
- The National Initiative for Cybersecurity Careers and Studies, an online resource for cybersecurity training under the Department of Homeland Security
- Cybrary.it, a cybersecurity and IT workforce development platform focused on preparing cybersecurity and IT professionals for the next step in their career
Read Cybersecurity Blogs and WebsitesThe cybersecurity ecosystem can seem like a whole other world to newcomers. In addition to unfamiliar, Sci-Fi-sounding terminology, there is a constant flow of news and new trends and techniques, developments and advancements. Reading blogs and exploring influential industry websites is one of the best ways to get your virtual finger on the pulse. Start by checking out one of the many lists of top cybersecurity blogs and websites put together by industry advocates.
Survey the Landscape of Entry-Level Cybersecurity JobsNobody’s going to make the mistake of applying for a chief information security officer job right out of college, but you’ll want to develop a clear idea of what jobs are realistic given your specific level of skill, education and experience. Three such potential jobs are discussed in a SecurityIntelligence.com article titled “How to Land an Entry-Level Cybersecurity Job,” which spotlights Information Security Analyst, Junior Penetration Tester, Network and Computer Systems Administrator. One industry resource that is designed specifically for cybersecurity job seekers at all levels is Cyberseek.org, which helps connect the dots between specific skills such as software development, systems engineering and IT networking, and specific opportunities (entry-level, mid-level and advanced) in cybersecurity.
Pick an Area of FocusAre you an engineering type or a natural-born IT whiz? A tech-savvy quick study with solid leadership skills? Cybersecurity is an extremely broad and diverse field. So it is often advisable for entry-level professionals to decide what area of cybersecurity they want to focus on. Much of this will depend upon your existing proficiencies, as well as your aptitude for learning highly technical skills that will expand your spectrum of opportunities. But determining what areas you are most interested in will help you set goals, both short term and long term, as you gain skills and experience with an eye on specific types of jobs.
Explore Internships and ApprenticeshipsCybersecurity career resource Circadence.com advises entry-level job seekers to explore internships, apprenticeships and alternative pathways to gaining experience. Doing so is part of a “go-getting attitude” that is helpful in most career searches, cybersecurity included. The article points out that internships are available through many community colleges, technical colleges and universities, some of which “have well-oiled practices of connecting students with local companies.” It touts apprenticeships as a valuable “learn while you earn” experience that is beneficial for both the company offering the opportunity and the apprentice.
Experience, Experience, ExperienceLike nearly all cybersecurity career advocacy organizations, Circadence places heavy emphasis on gaining experience however you can, and distinguishes between three types of experience. In addition to “real-world training experience,” it cites the value of:
- Technical experience – One example of this is the knowledge and skills gained through industry certification programs.
- Degree experience – Though not all cybersecurity jobs require a degree, many positions, especially higher-level jobs, will require or at least prefer a combination of all three types of experience.
Cybersecurity Job Interview Tips
Tout Your SkillsBe ready to discuss your hard skills but — and this is important — without exaggerating or overstating them. Also be ready to emphasize your soft skills; there is considerable demand in the cybersecurity workforce for talented communicators who possess the ability to translate cyber speak into layman’s terms, for example to liaison between the front-line tech team and non-tech stakeholders or executives.
Ask Intelligent QuestionsYou know that part of the job interview when the interviewer asks the applicant if they have any questions? Often, people are so focused on what questions they will be asked that they neglect to prepare any questions for their potential employer. This is a missed opportunity. So be ready to ask something that shows an understanding of and a curiosity about the role for which you’re applying, rather than wasting this opportunity with a question about the dress code or whether or not the company gives you two days off at Thanksgiving.
Do Some Extra HomeworkThe more you know about the companies or organizations to which you are applying before the interview, the better you’ll be able to impress them with your diligence and initiative in taking the time to understand what they are all about. Such research will position you to ask better questions, provide more relevant answers and perhaps even impress your interviewer with a unique insight about the company. This also applies to being as knowledgeable as possible about the specific position or type of position you are applying for. Having such knowledge at your fingertips will also help you feel more confident going in.
Cybersecurity Career TrainingThere are multiple pathways to success in cybersecurity. For example, this is a field where it is not particularly unusual to find super-skilled high school or college dropouts pulling down six figures alongside co-workers who have earned a master’s degree. The path to success as a cybersecurity professional is different for everyone. However, a tried-and-true approach shared by many is to combine real-life experience with some academic and technical training (such as advanced degree programs and certifications) to further expand your overall knowledge and capabilities, as well as to develop some specialized skills.
About the Author: Michelle Moore, Ph.D., is academic director and professor of practice for the University of San Diego’s innovative, online Master of Science in Cyber Security Operations and Leadership program. She is also a researcher, author and cybersecurity policy analyst with over two decades of private-sector and government experience as a cybersecurity expert. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.