How to start a career in the security industry
In the previous blog post we discussed what working in cyber security and information security was like. What the benefits are and what the costs are, but a question we’re asked on a frequent basis is “how do I get into the industry?”, so today we’ll try and answer this question with more than just one option.
There’s usually three ways into any job role, irrelevant of what the industry is or what the role involves, and they are education, experience and self study. Lets look at how they work in the cyber and information security industry.
Colleges and universities provide a great place to study for people of all ages. They will often run some great courses, which go all the way up to bachelors and masters levels, that are built around the security industry. To make these courses even more valuable, they speak to the industry and they ask about what skills people should be taught that will benefit them in future jobs. These courses can run from a couple of months through to 5 years depending on the level being studied.
A few really good examples are listed below, which I’ve broken down into levels.
The open university provides a section of free courses, and if you search for cyber security, there are some courses that appear. These courses provide a great starting point, and you get a certificate at the end.
A quick search on google can provide some great results for BTEC and NVQ level security courses. We wont list them all because it depends where you reside as to what’s best, but here are a few examples. The great thing about these courses, is that you can attend them as soon as you finish school, all that’s required usually are a few GCSEs.
The more advanced courses, are the university level, which include postgraduate and undergraduate courses. They’ve become increasingly popular in universities and they can teach a lot. Simply google “bsc cyber security” or “msc cyber security” depending on which level you’re interested in. From here you’ll be capable of finding the best location to study for yourself. A few examples again are listed below.
Assuming you’re not interested in going down the education route, because you may not be able to commit years of your life to studying full time, you can always start introducing security into your job role. This usually means that you need to be in an IT based role, or risk and compliance based role.
Some of the things that you can do, is review security on technologies inside of the company you’re currently working for, through to performing gap analysis’ on ISO27001 or CIS conrtols. In doing so, you’ll be both educating yourself and benefiting the company in regards to information security.
The only requirement behind these, is that you may need to sell it to your manager, but in the IT world this is not so hard any more, due to the increasing amount of threats.
This category is where I fall into. I worked in IT and I studied everything I could relating to cyber security so I could improve my job prospects. However, you dont need to work in IT to self study. There is a very good chance that you can still find work in cyber or information security once you have passed a few qualifications/certifications. You may not get a huge salary, but you’ll be ale to gain the experience that will make you great at what you do.
What can you self study? It’s probably best to break this down like the education part into beginner, intermediate and advanced.
The best place to start is the Comptia Security+ certification, because it gives a really good overview of security and doesnt cost a fortune. Sometimes when you buy the books you also get a discount on the exam.
Comptia run a couple of intermediate courses, which include CySa+ CASP+ & PenTest+, all of which cover different aspects of the security industry but are great courses. It’s likely that after the security+ you’ll know which one of these you want to fall into. There’s a link below to the website for these three.
There are obviously some really great courses, at all levels, but the most diverse tends to be in the advanced areas. The most popular ones which are sought after, appear on a lot of job advertisements, so if you’re seriously interested in a career in cyber or information security, have a look at what employers want. You will then be able to aim for what’s in demand. A few at present include:
To add to the information above, there is always the opportunity to improve skills and knowledge through different channels of information. For example if your interest is in penetration testing, then look into playing some security capture the flag games, and if your interest is in getting certified then register with CBT Nuggets or Cybrary and start watching security tutorials to help prepare for exams. If you have an interest in the cyber or information security fields, then there are plenty of ways to get into the industry and no one can stop you from learning. Good luck.
- Protecting your identity online
- What is a VPN and why do you need one?
- Quick tips to improve your board’s cybersecurity
- Password Management Software
- How to make of your employees the best line of cyber defence against cyberattacks
- Certificate management processes
- What is Phishing and what can you do to prevent it?
- Found malware, now what do you do?
- Data breaches and other scary 2019 events- Special Halloween post
- How to get your cyber security budget approved by the board
- The TechForce Sponsorships
- Protecting your business in the cyber security era
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Fake invoice email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- Cyber Essentials Demystified
- How to choose a Security Awareness Platform
- 6 Quick and Easy Email Security Tips for Dummies
- Hackers On Tour
- How to share passwords safely in your Small Business
- In the news - Warning. North Sea firms likely already attacked
- 10 Steps to Cyber Security
- 6 Top Tips to Prevent Cyber Attacks
Protecting your identity online
Is it possible to really protect your identity online? How do “you” protect your identity online and how do others that have your identification details protect you in the ever expanding “online” aspect of computing?More
What is a VPN and why do you need one?
We tell you in this post why it is useful to have a VPN connectionMore
Quick tips to improve your board’s cybersecurity
For some CISOs, it is a challenge to communicate your priorities to the board. We provide you here with some quick tips to ensure your board knows more about cybersecurity and how to act upon it.More
Password Management Software
Remembering passwords is hard, we tell you how to store and share passwords safely with password management softwareMore
FOR LATEST UPDATES SUBSCRIBE HERE: