How to start a career in the security industry
In the previous blog post we discussed what working in cyber security and information security was like. What the benefits are and what the costs are, but a question we’re asked on a frequent basis is “how do I get into the industry?”, so today we’ll try and answer this question with more than just one option.
There’s usually three ways into any job role, irrelevant of what the industry is or what the role involves, and they are education, experience and self study. Lets look at how they work in the cyber and information security industry.
Colleges and universities provide a great place to study for people of all ages. They will often run some great courses, which go all the way up to bachelors and masters levels, that are built around the security industry. To make these courses even more valuable, they speak to the industry and they ask about what skills people should be taught that will benefit them in future jobs. These courses can run from a couple of months through to 5 years depending on the level being studied.
A few really good examples are listed below, which I’ve broken down into levels.
The open university provides a section of free courses, and if you search for cyber security, there are some courses that appear. These courses provide a great starting point, and you get a certificate at the end.
A quick search on google can provide some great results for BTEC and NVQ level security courses. We wont list them all because it depends where you reside as to what’s best, but here are a few examples. The great thing about these courses, is that you can attend them as soon as you finish school, all that’s required usually are a few GCSEs.
The more advanced courses, are the university level, which include postgraduate and undergraduate courses. They’ve become increasingly popular in universities and they can teach a lot. Simply google “bsc cyber security” or “msc cyber security” depending on which level you’re interested in. From here you’ll be capable of finding the best location to study for yourself. A few examples again are listed below.
Assuming you’re not interested in going down the education route, because you may not be able to commit years of your life to studying full time, you can always start introducing security into your job role. This usually means that you need to be in an IT based role, or risk and compliance based role.
Some of the things that you can do, is review security on technologies inside of the company you’re currently working for, through to performing gap analysis’ on ISO27001 or CIS conrtols. In doing so, you’ll be both educating yourself and benefiting the company in regards to information security.
The only requirement behind these, is that you may need to sell it to your manager, but in the IT world this is not so hard any more, due to the increasing amount of threats.
This category is where I fall into. I worked in IT and I studied everything I could relating to cyber security so I could improve my job prospects. However, you dont need to work in IT to self study. There is a very good chance that you can still find work in cyber or information security once you have passed a few qualifications/certifications. You may not get a huge salary, but you’ll be ale to gain the experience that will make you great at what you do.
What can you self study? It’s probably best to break this down like the education part into beginner, intermediate and advanced.
The best place to start is the Comptia Security+ certification, because it gives a really good overview of security and doesnt cost a fortune. Sometimes when you buy the books you also get a discount on the exam.
Comptia run a couple of intermediate courses, which include CySa+ CASP+ & PenTest+, all of which cover different aspects of the security industry but are great courses. It’s likely that after the security+ you’ll know which one of these you want to fall into. There’s a link below to the website for these three.
There are obviously some really great courses, at all levels, but the most diverse tends to be in the advanced areas. The most popular ones which are sought after, appear on a lot of job advertisements, so if you’re seriously interested in a career in cyber or information security, have a look at what employers want. You will then be able to aim for what’s in demand. A few at present include:
To add to the information above, there is always the opportunity to improve skills and knowledge through different channels of information. For example if your interest is in penetration testing, then look into playing some security capture the flag games, and if your interest is in getting certified then register with CBT Nuggets or Cybrary and start watching security tutorials to help prepare for exams. If you have an interest in the cyber or information security fields, then there are plenty of ways to get into the industry and no one can stop you from learning. Good luck.
- The Essential Cyber Hygiene for your business
- Why do you need a SIEM?
- New Year cyber security recommendations
- How to uncover network vulnerabilities
- Protecting your identity online
- What is a VPN and why do you need one?
- Quick tips to improve your board’s cybersecurity
- Password Management Software
- How to make of your employees the best line of cyber defence against cyberattacks
- Certificate management processes
- What is Phishing and what can you do to prevent it?
- Found malware, now what do you do?
- Data breaches and other scary 2019 events- Special Halloween post
- How to get your cyber security budget approved by the board
- The TechForce Sponsorships
- Protecting your business in the cyber security era
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Fake invoice email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- Cyber Essentials Demystified
- How to choose a Security Awareness Platform
- 6 Quick and Easy Email Security Tips for Dummies
- Hackers On Tour
- How to share passwords safely in your Small Business
- In the news - Warning. North Sea firms likely already attacked
- 10 Steps to Cyber Security
- 6 Top Tips to Prevent Cyber Attacks
The Essential Cyber Hygiene for your business
We hear about the Travelex, British Airways, Maersk and Equifax data breaches. Over 90% of these incidents can be prevented by following basic Cyber Hygiene for your businessMore
Why do you need a SIEM?
A SIEM is a security information event manager, which very simply means its software that manages events regarding information security, simple enough.More
New Year cyber security recommendations
In this blog post we give you some new year cyber security recommendations to protect your accounts and identityMore
How to uncover network vulnerabilities
If you are new in IT and want to know where to start finding vulnerabilities on the network you're managing this blog post might be for you.More
FOR LATEST UPDATES SUBSCRIBE HERE: