How to start your career in cyber security

A version of this blog was originally published on 8 December 2017.

There has never been a better time to get into cyber security, with growing demand for experts promising increased salaries and job opportunities.

In this blog, we provide tips for getting your cyber security career started no matter your background.

  1. How much experience do you need?

Technically, you don’t need any cyber security experience to get started, though many people entering the field will come from jobs that have similar skillsets, such as systems administration or information analysis.

If you can demonstrate the relevance of your existing experience – what recruiters call ‘transferable skills’ –there’s no reason why you can’t get a foothold on the cyber security career ladder.

There are also plenty of entry-level positions available. Account executives and junior penetration testers, for example, tend to have little work experience, and can learn while on the job.

Of course, any prior experience is a massive advantage, despite the skills gap. You should try to take an internship or volunteer, but we understand this isn’t always possible. Alternatively, you could offer to help your employer or academic institution’s IT department in your spare time.

  1. Where can you learn about the cyber security industry?

It’s always a good idea to read as much as you can about a subject to find out what you’re getting yourself into. There are plenty of blogs dedicated to the practicalities of the cyber security industry; two good ones to start with are Troy Hunt’s and Daniel Miessler’s.

And, of course, there’s our own blog, which helps you stay up to date with the latest cyber security news and advice.

You should also consider following industry professionals on Twitter, as many of them provide useful tips, engage in debates and answer questions.

  1. Do you need industry connections?

Meeting people and making connections is a great way to get your foot in the door. Networking websites such as LinkedIn can be helpful, but we’d suggest face-to-face meetings wherever possible.

Conferences are an excellent starting point. There are tons of events across the UK each year, where you can listen to keynote presentations, take part in roundtables and workshops, and network.

You should also get to know the cyber security professionals in your organisation. We’re not suggesting that you accost them during their lunch break, but a few well-timed questions could lead to essential advice. More to the point, simply getting to know them on a personal level could give you an advantage when a job opens up in the department.

  1. How can you stand out?

The best way to gain an advantage over other prospective cyber security professionals is to become qualified.

The qualifications you need will depend on your career path, but the most common and versatile are associated with ISO 27001, the international standard that describes best practice for an ISMS (information security management system).

We have many resources to help you learn about ISO 27001, but for a thorough introduction, you should attend our ISO27001 Certified ISMS Foundation Training Course.

This one-day course:

  • Was designed by the same experts who led the world’s first successful ISO 27001 implementation project;
  • Gives you the opportunity to participate in group discussions and practical exercises, and review case studies; and
  • Is delivered by an experienced ISO 27001 practitioner, who will guide you through everything you need to know.

Find out more about the ISO27001 Certified ISMS Foundation Training Course >>