If you want to work in cyber security but feel hesitant because you got your start in healthcare, or business, education, or have even taken time out for parenthood, take heart from the fact that as a still relatively young profession, even those at its helm are unlikely to have started their career working in cyber security.
Don’t assume that coming from a non-technical background automatically disqualifies you from working in cyber security. Your role in project management, or law or accountancy could mean you’re well primed to handle incident response because these are roles that require a person with an analytical mind who can approach problem solving with astute critical thinking. If your current job requires you to be a thorough and effective researcher and to work well under pressure you may be on your way towards retraining as a Security Architect. If your comfort zone lies in helping others, being prepared to listen and caring about the outcome they’re hoping for then you could well take those skills you have as a teacher, nurse, counsellor and translating that into becoming a Cyber Security Consultant.
In fact, as an area that is forever evolving at an accelerated pace, having people come into Cyber Security careers from diverse backgrounds beyond the expected IT environment gives a fresh perspective on how to navigate hackers, their intentions and the information they seek. For example, if you’ve come from medicine into healthcare cyber security your insights into the latest tools, developments, trials, processes and so on will prove invaluable as you apply your privy industry knowledge and understanding to the technological prevention and mitigation of attacks.
Certain cyber security jobs such as Cyber Policy Analyst and Technical Writer don’t carry any technical skill requirement, particularly at entry level. Armed with a bachelor’s degree on the one hand and on the other a love of writing and excellent grammatical skills you may well secure a foothold into a career in information security.
When it comes to specific jobs in cyber security, it’s useful to know what you’re looking for and what your skill level makes you eligible for. Here are a few ideas to get you started:
Entry level cyber security roles
Systems Engineer, Systems Administrator, Web Developer, IT Technician, Network Engineer, Security Specialist
Mid-level cyber security roles
Security Technician, Security Analyst, Incident Responder, IT Auditor, Cyber Security Consultant, Penetration Tester, Network Security Administrator, Full Stack Developer
Advanced level cyber security roles
Cyber Security Manager, Cryptographer, Cyber Security Architect, Cyber Security Engineer, Chief Information Officer, CISO
As far as technical cyber security jobs go, the expectation is for candidates to possess a degree of computer aptitude. For example, Security Engineers typically require programming languages like C++, C# and the ability to navigate software to weed out and mitigate vulnerabilities, while Web Developers, Security Software Developers and Cyber Security Developers should have some experience dealing with security threats and writing software.
Undoubtedly there are a number of transferable soft skills that you can bring with you to a career in cyber security. Communicating technical information to non-technical people, working well within a team and approaching tasks with creativity and enthusiasm to name a few. Networking too is possibly one of the most important. Ideally connect with people face to face; find out about local meet-ups, conferences and industry events. Even better, if you can, wrangle a coffee with a security professional, and of course (given current COVID measures) pursue online networking avenues with passion.
Check out our Top 12 Cyber Security Bods to follow on Twitter for ideas on who to look to for news and industry updates.
If you have the right skills, it’s then a case of obtaining the relevant certifications to cement your career change. Initial certs to look into to kick off your cyber security education are the CEH (Certified Ethical Hacker) and Security+.
Advancing from there is the CISSP (Certified Information Systems Security Professional) which is still considered the gold standard of the industry, followed closely by the CompTIA Security+ which is an industry standard for any cyber security career. Other important certifications you could pursue depending on your area of interest are the CISM (Certified Information Security Manager) for those with more experience aspiring to management level, CISA (Certified Information Systems Auditor) for those focusing on the audit aspect of IT security and risk management and GSEC (GIAC Security Essentials) which delves into IT forensics and security.
Also available along the IT forensics line is the CFCE (Certified Forensic Computer Examiner) qualification for those potentially coming from a background in law enforcement, legal, judicial or forensics, as a Computer Forensics Investigator or Analyst needs to be experienced not only in cyber security but also in criminal justice training.
All manner of people can and do pursue careers in cyber security, it ultimately comes down to whether you have the passion and curiosity to learn.
You may also be interested in the below articles:
- Re-training in Cyber Security – is it for me?
- The Best Certifications for Breaking into Information Security
- The Basics of Cyber Security