5 Tips to Help You Land a Cybersecurity Job

Get your cybersecurity career off to a strong start

IT associate working on server

Lane Oatey / Blue Jean Images / Getty Images

Standing between Wikileaks, cyberterrorists, internet worms, botnet attacks, and your network is, you hope, the IT Security Person, armed with his or her security policies, firewalls, intrusion detection systems, encryption keys, and content filters. These guards tirelessly protect your network as if it were their own child.

Information Security professionals are in high demand. Security professional’s salaries are often higher than those in other IT fields, but how do you get your foot in the door in this lucrative career field?

Part of my day job is to search for qualified security professionals to fill various positions within my company. I see a lot of resumes, and it’s easy to figure out who knows their stuff and who is a network admin that dabbles in security.

Here are 5 tips to help you become a sought-after security professional.

1. Read as Much as You Can About It Security Topics

Read up on information protection, information assurance, confidentiality, data integrity, penetration testing, encryption, defense-in-depth, and other related topics. If you don’t find this type of stuff interesting reading, then you may not want to continue pursuing a career in IT security. Our website is a great starting point. Feel free to explore our Security 101 section and other areas to get the ball rolling.

2. Choose, Study For, and Obtain an Entry-Level Security Certification

In the IT Security field, more than in any other IT field, personal certifications are a great investment in your future. Start with an entry-level cert such as CompTIA's Security+ certification. Security+ is an industry-recognized certification that has become one of a handful of certifications that are employer-required prerequisites for obtaining a job at some companies and government agencies. An entry-level cert will help beef up your resume and will serve as a stepping-stone to more advanced certifications. It will also get you back in the test-taking frame of mind for future certification attempts. These entry-level certification tests cost around $200-$500 and can be taken at many test locations throughout the world.

3. Setup a Hands-On Security Lab

There is only so much you can learn from a book. To help gain some hands-on experience, you’re going to have to have an environment in which you feel safe messing around. So take the time to set up your own lab with some old computers, a cheap wireless router/switch, and some free open source security tools. You can even use free virtualization tools, like Oracle's VirtualBox to test against virtual PCs. You don’t want to test hacking tools against your employer’s network, as he or she may fire you on the spot if you accidentally screw something up. Setup a couple of old PCs on an inexpensive wireless router.

The router will likely have a network switch, firewall, DHCP server, and other built-in features that you can learn how to secure and test. There are tons of free open-source tools available for you to experiment within the safety of your own test network. Some even come on a fully bootable Linux Live CD/DVD that can be run completely from the CD without even installing itself on the host computer.

4. Study and Test for an Advanced Certification Such as the CISSP

To be competitive in the job market, your resume is going to have to stand out from the crowd. Many candidates will have the entry-level certifications, but a much smaller group will have taken on the advanced certifications such as the CISSP, CISM, and GSLC. Recruiters will often scan a resume for these certs and move those who have them to the top of the stack for a callback.

There are tons of great books and free resources on the web that are available for self-paced study. Classes are also offered at sites all over the world. Many classes are “boot camp” style: they try to cram many months worth of material into your head in a few short days and then offer the test at the end of the week. Some people do well with this method, and some prefer to go at their own pace via the self-study route.

5. Gain IT Security Experience Through Volunteer Work and Internships

There’s no substitute for experience, even if you have the proper education and certifications. When two candidates share the same certifications, the job is often given to the one with more experience under his or her belt.

Find a professor specializing in IT Security at a local college and offer your assistance. Offer to perform security-related tasks that no one else likes to do (for instance, reviewing web server audit logs for intrusion attempts).

Look into corporate or government internship programs to see if you can gain some on-the-job-training and experience. If they like you enough as an intern, they might just offer you a full-time job. Even if they don’t offer you a position, you can add the experience to your resume to build up your IT security street cred.