Starting Your Cybersecurity Career

Cybersecurity as part of an overall Information Systems environment has existed for many years, but recent cyber-attacks have forced companies of all sizes to focus on cybersecurity to enhance security, protect sensitive customer and employee data, and to prevent damage to their corporate brand. Maybe you are looking to jump into a cybersecurity career? I have some basic tips to help you make the leap to a rewarding career in cybersecurity.

  1. Skills – A company only wants to hire the best employees, usually for the lowest wage possible. Your salary is usually based on your skills, experience, and the local market. If you haven’t got any relevant experience, and you can’t demonstrate relevant skills, you may never get a cybersecurity job and you’ll definitely be underpaid if you do get a job. The best way to demonstrate skills without experience is an industry recognized certification. While having a degree in cybersecurity will open some doors, an EC-Council Certified Ethical Hacker (CEH), CompTIA Security+, or many other certifications will help demonstrate you have the knowledge and skills to tackle the complexities of cybersecurity. Look at job postings to see what types of certifications are needed or common for the type of job you want to pursue. You can get a free certification called Certified in Cybersecurity from (ISC)², the same cybersecurity professional organization known for the popular CISSP certification. Just sign up as an (ISC)² Candidate. When you’re ready to sit for the exam, you can find your exam promo code on the Candidates benefits page. Please note that you may only use the exam promo code once. To register for your exam at a Pearson VUE test center, visit
  2. Experience – This can be the most difficult thing for a beginner to accomplish. How can you be expected to gain experience if you can’t get a job without experience? You can try internships, a part-time job, freelancing for a few friends or associates, volunteering at a local non-profit, or complete Capture-the-Flag (CTF) challenges. These are all great ways to gain hands-on experience in cybersecurity, maybe without giving up your normal job. These initial experiences will not only help you determine if this career is right for your personality and lifestyle, but it will also build your skills and experience to enhance your resume.
  3. Awareness – Most of what is happening in cybersecurity isn’t mainstream news. You need to follow some basic industry news sites (,,, etc.) to learn about new attack methods, attend cybersecurity conferences to listen to experts and vendors, participate in free webinars to learn new skills, and join online or local communities to meet your future coworkers. These relationships and information are usually free (or low-cost) ways to stay informed about emerging threats, hacking tools, and industry best practices in the field. Being a well-informed cybersecurity professional adds value to your portfolio and can attract interest from an organization during an interview.
  4. Relationships – By networking and building professional relationships, you can create a strong professional network that can possibly offer you mentorships, job referrals, information about recent job posting, or just someone to talk to when you need a pep talk.
  5. Attitude – You’ll probably meet a few people who still think of security professionals as teenagers living in their parent’s basement trying to hack into the Pentagon or the local video game store. You’ll need to demonstrate your professionalism in actions and appearance. Cybersecurity professionals have access to critical and sensitive business information, so you’ll need to demonstrate you can handle that responsibility with the highest standards of conduct, ethical behavior, and professional demeanor. This includes while at a job interview, attending a conference, and while talking to colleagues or friends. Don’t give anyone a reason to second-guess the opportunity to recommend you for a job.
  6. Focus – Learn everything you can and stay focused on the prize. Don’t take half steps toward getting that dream job in cybersecurity. There are entry-level jobs out there, you just need to be persistent and patient to find the hiring manager willing to give you a chance. The more you know, the more you’ll find out how much you don’t know about cybersecurity. Accept your limitations and lean into finding an entry-level position. Stay curious and accept you have a ton to learn, but demonstrate a willingness and ability to learn.

These are the basic building blocks to finding a rewarding career in cybersecurity. Some people find it easy and get an entry-level job a few weeks into their job search, while others can spend months without any luck. It doesn’t mean you are doing something wrong. Stay positive and focused and you’ll eventually find success.

Conducting a Successful Job Search

As people look for a job and aren’t lucky enough to secure a position, many might say it is because of the economy. Some people with similar experience looking for similar positions are finding work, but some still aren’t that lucky. Looking for a job is a job in itself. It is a hard process that requires commitment to do the hard work required. But the fact is that a successful job search requires far more work than almost anyone expects. Only the hard workers (or the lucky) are successful in a job search. Let’s go over the basics to get you started on the correct path to success.

Job Search Basics

Your Resume

You still need a resume, even if you use online job sites and industry recruiters. The resume is really just a listing of job experience to help the person responsible for screening resumes (which is sometimes just a computer algorithm) select the resumes best suited for the posted position. There are various styles of resumes, and you should create a resume in a few styles and compare them side-by-side until you find a look and content style that you like. If you include a job objective it should match as exactly as possible the job description for the job you are applying for at the time. That will require you to alter the resume for each job you are applying for, but it may increase your chances of getting selected for an interview.

When listing your professional experience, be very specific and make sure you are using terms and key words that make it easy for the resume screener to pick out your resume as a possible candidate with the right experience for the position that is posted. You should also include specifics that allow your level of experience to be compared to another resume. You don’t just have experience in Windows, you have 8 years experience installing, configuring, and supporting Windows XP and Windows 7.

While this isn’t as important as it used to be, you should try to get your resume down to a single page, if possible. You resume should include the relevant information to show you are qualified to be considered for the posted position. You want an interview to expound on those experiences and explain why you are the best candidate for the position.

Most resumes are summited via email or online through an online posting site, but you should also have printed copies available for face-to-face meetings with recruiters as well as extra copies to pass out at actual interviews. Make sure the paper copies are correct for the position, clearly printed, and on quality white paper.

Cover Letter

You should create a cover letter for each position you are applying for, even if you never actually use the letter. The process of creating the cover letter will help you gather your thoughts on why you think you are qualified for the target position. You can think of a cover letter as a document that introduces your boring resume to the reader, pointing out why you think you are qualified for the position, and positioning your resume to the top of the resume stack. While you don’t want to repeat everything, you do have to say why you are qualified for the job given your experience. This is the perfect place to tell how talented and qualified you are and what you will bring to the organization, so don’t be modest.

This is an important note: You absolutely must have someone proof and edit your cover letter and your resume for you. You have to make these documents perfect because any grammatical errors or misspellings will often disqualify you for any further consideration.

Marketing You

You can be your best promotion tool to get you an interview. Don’t just submit your over letter and resume and wait for a telephone call. Yes, you will have to wait to be contacted by the target company, but there’s more you can do you increase the odds of a timely telephone call or email. Use your personal and business networks to ask for face-to-face meetings or to arrange a quick phone conversation. You don’t want to stalk the recruiter, but you might know someone else who works at that company that can put in a call for you.

Start networking, talking to as many people as possible in your career field. Go to local user group meeting, industry conventions, online meetings, LinkedIn groups, etc. Make sure people have a positive impression about you and your interest in the field. Maybe you can be a subject matter expert at the local user group and be known as someone they can go to for assistance. If they have a job opening at their company they will be more likely to suggest you as a candidate for that position.

Make sure your social media pages are clean of any controversial material, including religious references, political statements, or questionable pictures of you or your friends. It is common for people to perform a quick Google search of candidates as part of the job screening process. Make sure you have done a Google search on yourself before they do, and clean up any questionable material before you have to address those items in an interview.


You should not go into an interview without a rehearsal. Even a online video call or telephone interview is just as important as a face-to-face interview. Rehearse before an interview. Have a family member or friend ask you sample interview questions while they record your answers on video. You can review the video and watch your body language and listen to how you answer the questions. Expect that you’ll be asked about your experience, so be prepared to discuss why they should consider hiring you, what talents or skills you have, how you’ve handled difficult situations before, what happened to end your last job, and what excellence you will bring. Practice being friendly and someone the interviewer will like.

When in the actual interview, remember to smile and be polite. You want to provide accurate answers and try not to make any rude or inappropriate remarks. What might seem humorous at the time might be misunderstood or taken out of context later. Remember your ultimate goal is to stand out as the best person for the job. You don’t want to give the interviewer any reason to question that selection or ask themselves if you will be a good fit in their corporate environment.

Make sure you ask questions. You will be asked a long series of questions during the interview, and this is your opening to find out about the company before you are offered the job. Don’t you have questions about policy, projects, corporate goals, promotion opportunities, training options, or travel requirements?

Don’t forget to close the deal, with a question like “This position is something I am very excited about. Can you tell me if I am meeting your qualifications and if I will proceed to the next level of the hiring process?”


While conducting the search for a job, don’t forget to keep building your experience and knowledge. Find a few good web sites on your career or technical focus, and read about your field to make sure you understand what other people are doing, what is going on at other companies, and what new techniques are being used. This will help you understand material that you may be asked about in an interview or as you network with other people in your chosen field of expertise. You’ll need things to talk about and who knows who you’ll meet along the way.

Offer Letter

Once you are selected for a position, you can expect a formal offer letter from the company, offering you the position while also listing the terms of the offer. This is usually after you negotiate the acceptable terms during a second or third interview. When you are asked about your salary requirements, that is just part of the process to get you closer to an offer letter. While discussions of money can be uncomfortable, be honest and open about your salary expectations. If you want to hear their offer before you show your cards, just tell them you want to hear their offer before you explain your requirements. Only talk money with someone who can make salary decisions, not a future coworker or HR resume screener. If you know the market rates and what range to expect, you should not be surprised by their eventual offer.

Make sure the offer letter includes all the items you consider important. If you want the company to pay you for relocation, training, or insurance, you need to make sure it is included in the offer letter. If it isn’t in the letter, it isn’t part of your formal agreement unless those items are part of the contract they may also have you sign.


You need to make sure you consider a job search as real work, and not a hobby. You need to work hard at tracking down the perfect position and work toward securing the position at your target company. Good Luck!

[I originally published the article on LinkedIn on July 16, 2014]

%d bloggers like this: