7 Sure-Fire Ways to Make it Big in Information Security
Author Charles Chibueze
The Information Security career space is a hot one right now and is slowly becoming competitive. Despite the increasing demand for professionals in this field, not all opportunities are actually “hot” in the sense that the job satisfaction is relative.
To gain satisfaction by getting the right opportunities, one has to stand out from the crowd. In this post, I’ll show you seven proven, sure-fire ways that you can make it big in Information Security.
1. Evaluate your passion for the game
Many folks rush head on into cybersecurity thinking they’ll make loads of quick bucks after just a short while. Although this case might be true for a select few, Information Security is quite challenging and the rewards only come after you’ve built your profile over a period of time. Passion is what drives you to keep going in Information Security when you hit a brick wall. Passion is what revives you when you experience burn out. If monetary reward is your primary driver, then you might not survive the game.
Question to ask yourself: Am I in this for passion or for the money?
2. Stay hungry and curious
The average Information Security professional puts in extra hours after work doing research, keeping up to date with trends and best practices, finding out new ways of doing things and practicing in his/her lab environment. This usually puts you ahead of others as no knowledge gained is wasted. You’ll definitely need this knowledge someday without any prior notice and you’ll be required to deliver it in a flash.
You’ve got to keep consuming relevant content to keep you ahead of your peers and abreast of current trends and happenings in this space. This content can be found in books, YouYube, Udemy, LinkedIn Learning and other educational platforms.
Never stop learning!
Question to ask yourself: Am I putting in the extra time and effort to consume relevant educational content that will increase my knowledge base and advance my skill set?
3. Network! Network!! Network!!
What if I told you that all of the jobs I've ever worked in Information Security were as a result of a referral? Yup. You heard right. When you’re in a community of Information Security pros, find time to network and subtly advertise yourself. Always render help when you can. Try to solve people’s problems. Engage relevant, Information Security related posts on social media and try to give your own opinion. Attend meetups and conferences no matter how big or small. You never know who you’ll meet someday. The jobs you never get to hear about are the ones where a fellow staff member is doing the head hunting himself/herself. They’ll always reach out to someone competent, who they already know. That’s where you come in. Advertise yourself subtly by talking about what can you do and solve problems for free using your knowledge and skill set. This way, you unconsciously enter into the candidate register of prospective hiring managers. Next time a vacancy comes up, guess who’s getting buzzed first?
Question to ask yourself: Am I networking with the right people/community in my field? Am I just a passive member or an active member?
4. Toot your horn
Just solved a challenge at work? Sound the trumpet on your social media (Linkedin and Twitter preferably), concealing sensitive details. Just tried out something on your lab environment and it worked? Sound the trumpet. Found out a new way of doing something cyber related? Sound the trumpet. Know a better way of solving a challenge? Sound the trumpet. When you toot your horn, you prove to your community that you’re knowledgeable in a particular regard. Publish posts consistently. Write that blog. Develop that tool. Publish that tutorial. By doing so, you unintentionally declare yourself a subject matter expert and also put yourself ahead of many prospects for a dream gig.
Question to ask yourself: How often do I spread word about my accomplishments? Am I intentionally increasing my engagement momentum?
5. Brand Yourself
I recall looking at my dream jobs to find out what the requirements were so I could work towards them. I discovered that about 90 percent of these jobs require two specific certifications. I set my goal for the year and crushed both certs. Not long after, I began to get request after request, offer after offer. Look for security related certs that are dominant in the industry. Junior prospects should look at Comptia Security+, Cysa+, Ejpt, CEH. Senior prospects should look at certs like CISSP, CISM, CISA, GIAC, among others. These certs not only give you a great learning experience but give you edge over prospects seeking the same opportunity. Throw your monetary resources into getting certified with reckless abandon. It’s the best investment you can make in yourself over the long term.
Question to ask yourself: Am I investing in the right certs to increase my brand value? Do I have future plans to do so?
6. Develop a Customer Centric Attitude
I can’t stress this enough. When solving problems either as a consultant or an in-house staff, always see the problem through. Follow this same approach when someone in your community reaches out for professional help. Seek the interest of the client and go out of your way to ensure their problem gets solved. People will always remember how you treat them. Your client, as an in-house staff or a consultant might just be your gateway to your quantum leap.
Question to ask: Do I solve my clients’ problems from the depth of my heart? Do I seek to rid them of their worries or just get them (my clients) off my back?
7. Volunteer Work
As you rise through the ranks in your Information Security career, remember to give back. In my opinion, giving back is the gift that keeps giving. Having this record on your resume or LinkedIn proves that you’re not only technically sound but passionate about what you’re doing. Recruiters love that combo in a prospective applicant. Volunteer at your local community/chapter. Volunteer for non-profits. Volunteer for charity. Watch as you rise further as you do so.
Question to ask: Am I currently giving back by volunteering my skill-set for non-profit organizations who need passionate, qualified information Security volunteers?
About the Author: Charles Chibueze is a Senior consultant with Deloitte and has years of experience in different cybersecurity fields e.g penetration testing, SOC, threat and vulnerability management.