5 Tips to Help You Land a Cybersecurity Job

Tips to help you get your foot in the door in the Info Sec world

IT associate working on server
Lane Oatey/Blue Jean Images/Collection Mix: Subjects/Getty Images

Standing between Wikileaks, cyberterrorists, internet worms, botnet attacks, and your network is, you hope, the IT Security Guy (or girl), armed with his or her security policies, firewalls, intrusion detection systems, encryption keys, and porn filters. These guards tirelessly protect your network as if it were their own child.

Information Security professionals are in high demand. Security professional’s salaries are often higher than those in other IT fields, but how do you get your foot in the door in this lucrative career field?

Part of my day job is to search for qualified security professionals to fill various positions within my company. I see a lot of resumes, and it’s easy to figure out who knows their stuff and who is a network admin that dabbles in security.

Here are 5 tips to help you become a sought-after security professional.

1. Read as Much as You Can About IT Security Topics.

Read up on information protection, information assurance, confidentiality, data integrity, penetration testing, encryption, defense-in-depth, and other related topics. If you don’t find this type of stuff interesting reading, then you may not want to continue pursuing a career in IT security. Our website is a great starting point. Feel free to explore our Security 101 section and other areas to get the ball rolling.

2. Choose, Study for, and Obtain an Entry-level Security Certification.

In the IT Security field, more than in any other IT field, personal certifications are a great investment in your future. Start with an entry-level cert such as Comptia’s Security+ certification. Security+ is an industry-recognized certification that has become one of a handful of certifications that are employer-required prerequisites for obtaining a job at some companies and government agencies. An entry-level cert will help beef up your resume and will serve as a stepping-stone to more advanced certifications. It will also get you back in the test-taking frame of mind for future certification attempts. These entry-level certification tests cost around $200-$500 and can be taken at many test locations throughout the world.

3. Setup a Hands-on Security Lab with Some Old Computers, a Cheap Wireless Router/Switch, and Free Open Source Security Tools.

There is only so much you can learn from a book. To help gain some hands-on experience, you’re going to have to have an environment in which you feel safe messing around. You don’t want to test hacking tools against your employer’s network, as he or she may fire you on the spot if you accidentally screw something up. Setup a couple of old PCs on an inexpensive wireless router.

The router will likely have a network switch, firewall, DHCP server, and other built-in features that you can learn how to secure and test. There are tons of free open-source tools available for you to experiment within the safety of your own test network. Some even come on a fully bootable Linux Live CD/DVD that can be run completely from the CD without even installing itself on the host computer.

4. Study and Test for an Advanced Certification Such as the CISSP.

To be competitive in the job market, your resume is going to have to stand out in the crowd. Many candidates will have the entry-level certifications, but a much smaller group will have taken on the advanced certifications such as the CISSP, CISM, and GSLC. Recruiters will often scan a resume for these certs and move those who have them to the top of the stack for a callback.

There are tons of great books and free resources on the web that are available for self-paced study. Classes are also offered at sites all over the world. Many classes are “boot camp” style: they try to cram many months worth of material into your head in a few short days and then offer the test at the end of the week. Some people do well using this method, and some prefer to go at their own pace via the self-study route.

5. Gain IT Security Experience Through Volunteer Work and Internships.

There’s no substitute for experience, even if you have the proper education and certifications. When two candidates share the same certifications, the job is often given to the one with more experience under his or her belt.

Find a professor specializing in IT Security at a local college and offer your assistance. Offer to perform security-related tasks that no one else likes to do (for instance, reviewing web server audit logs for intrusion attempts).

Look into corporate or government internship programs to see if you can gain some on-the-job-training and experience. If they like you enough as an intern, they might just offer you a full-time job. Even if they don’t offer you a position, you can add the experience to your resume to build up your IT security street cred.

Check out these other excellent resources below to get started: