The Not So Common Approach to Finding Yourself working in Cybersecurity
Updated: Feb 17
Author Tenesa Ellis
Find your inspiration. What makes you want to enter the cyber security field? For me, I really enjoy reading and learning about obscure history facts, so security vulnerabilities, particularly the research aspect, caught my attention. I just came across the story of the Code Girls, women in the field of cryptography during World War II from NPS. During the era of segregation, some units were made up of African American women who played a pivotal role in the early beginnings of security intelligence. If you are interested in supporting or being part of the next generation of black cyber talent, check out: Blacks in Cybersecurity.
How can I stand out, if everyone has more technical and hands-on cyber experience than I do? While you might be the most inexperienced, learn to use this to your advantage. Remember, more than a few cyber breaches are started by script kiddies. Being not very experienced allows you to think and out of necessity keep up with cyber news, and techniques and tactics. That script that caused a breach was available in the wild, likely you may have come across it recently, while someone more experienced in the field, might have a different theory or starting place, trying to mitigate the breach.
Okay, that’s great, but I still lack significant hands-on cyber experience. And am having trouble breaking into the field. It’s all about figuring out how to turn past experiences, showing relevancy, into what you now want to do in the cyber field. Teaching experience, great, maybe a role in security advocacy or a customer facing role requiring heavy client interaction. Strong writing experience, think technical writing for compliance or threat intelligence, which requires strong research and writing skills. And if you consider yourself a person of all trades, try an operations type role, which requires interfacing with many different teams and and all levels of employees.
And don’t be afraid to think outside of the box, when trying to break into the field. Instead of looking for and applying for narrow search terms and common roles, such as entry-level SOC Analyst or Security Engineer, expand your search to general IT or figure out which cyber roles tend to have fewer applicants. On any of the popular job search sites, look at how many have recently applied and how old the posting is. If say, more than 50 have applied and the posting is more than a few days old, it might be worth it to apply to a newer role or one with fewer applicants.
Personally, for me when I was looking for a remote cyber internship during COVID-19, I specifically narrowed my search to security specific groups on Linkedin, targeted to Women in Cyber. Instead of spending countless hours scouring the net, I knew by looking in specific groups I would be able to establish more of a connection, when I went to apply, at the very least be more comfortable when trying to learn more about the role, so a less cold outreach approach. This approach worked, as I was able to land a remote security internship role, on the opposite side of the country as me!
This same approach worked on my hunt for a full-time role in the cyber security industry. Like many, I had some hands-on lab courses, an internship and general security knowledge, but lacked 1-2 years of cyber experience, which is becoming a more standard requirement for entry level cyber security roles. So instead of chasing the elusive true entry level cyber role with a particular job title, I instead focused on my skill-set and took out certain keywords from my resume and used them for my search. Ultimately, what also, helped me to land my role, was taking advantage of free cyber related courses offered at my university. In my case, a cyber security course I took at CodePath, helped me to create my unique story.
About the Author: Tenesa is new to cybersecurity. She currently works in the government contracting space. Her cybersecurity interests include vulnerability research and emerging technology, such as Machine Learning for enhanced threat detection. She volunteers as volunteer Community Managers at CSNP.