How to get into the cyber security industry
Getting a job in cyber security can seem daunting. So many different roles, things to learn, acronyms and seemingly impossible job descriptions. However, if you have the right work ethic and a lot of interest in cyber security, you CAN get a job in the industry. Here are my thoughts and opinions on how to get into cyber security, from my own personal experiences.
Disclaimer – You will find a LOT of different opinions about this topic from various people in cyber security. This is just my own personal experience, thoughts and opinions. If you do want to discuss further anything I say below, tweet me https://twitter.com/blueteamblog
EXPERIENCE AND EDUCATION
The first thing you should think about when considering a job in cyber security is what experience and education you already have that relates to the field. Let’s break this down.
Experience in something related to cyber security counts for a lot when trying to get a job in the industry. What do you currently work as? I recommend at least having some experience in a tech field such as help desk, networking, programming or system administration before moving into cyber security. Having a basic understanding of how computers and networks work is essential before trying to get a job in cyber security. How are you meant to know if something looks malicious or broken if you don’t know what something looks like when it is working properly?
When companies are hiring for cyber security jobs, they really appreciate when an applicant has at least some experience working with computers, regardless of what level they have worked at.
The only exception to this is people with previous education in cyber security or computing fields. Let’s talk about that.
If you don’t have any experience in tech jobs, you might have a degree in either cyber security, computer science or a similar field. For a lot of roles, companies will accept this instead of experience, if you do not have any so far.
I don’t have any personal experience in the Education side of this as I have never been to University. From people I have seen come into the field using this avenue, the best are those who were on a very practical course. Look for a cyber security degree which teaches you how to work in a live security environment, not just the theory side.
If you do not have any experience in a tech role, or education relating to tech / cyber security, I would recommend doing that first before moving into cyber security.
Another important aspect of cyber security is certifications. They serve two purposes. Firstly, some companies require you to have certain certifications before they will even look at your CV / resume. Secondly, they are a great way to learn, even if you just use the study materials to learn and don’t actually sit the exams.
Look around your area where you would like a job. Are all the companies requesting CompTIA Network+ and Security+ as a prerequisite? If so, do your best to get certified. In certain countries such as the United States, a level of certification is required before you can work for the government.
Secondly, these certifications are a great way to learn the fundamentals required to be successful in cyber security. If from your current experience / education your networking knowledge is not the best, look at CompTIA Network+ or CCNA, for example. If your Linux knowledge is lacking, look at Linux+, and so on and so forth.
I personally really like the below certifications and believe they build a great base for anyone looking to get into cyber security. You don’t have to pass the exams, just study them and understand the concepts.
- CompTIA A+, Linux+, Cloud+, Network+, Security+
- Cisco CCNA
Here are some good places to study :
I also wrote about a bunch of free certifications and courses last month which I recommend checking out – https://blueteamblog.com/free-cybersecurity-training-and-certifications-april-2020
EDUCATION, EXPERIENCE AND CERTIFICATIONS COMBINED
Before you consider going into cyber security, think of all your current education, experiences and certifications. Where are you currently at with your knowledge?
From the above three points, you need to have a good understanding of the below concepts to be successful in cyber security.
- Active Directory
Once you have this knowledge – great. Combined with some experience or education, it is likely you will be able to get a role in cyber security. Companies will still look for a lot of other knowledge and skills outside this though. Let’s move on and discuss this.
Not all companies will class this as an essential skill to have, but listen. It may not be required for your very first role, however the further you go in cyber security, the more hurdles you will hit if you cannot code in one way or another.
Being able to automate boring tasks and create useful tools is essential in cyber security. Don’t be that guy who has a great idea but has to keep asking colleagues to build them for him. I personally think Python is a great language that is well suited to building cyber security tools and automating tasks.
However, it doesn’t need to be Python. Just pick something you are interested in and learn it. I say this as being able to write your own tools and scripts isn’t the only point of learning how to code. Understanding code is also vital as you move further with your cyber security journey. Blue team members need to be able to understand attacker code, whilst red team members need to be able to understand and modify the tools they are using. It may seem difficult at first, but believe me it will be worth your time learning something. Here are some places to do so :
KEEP UP TO DATE WITH CYBER SECURITY
Keeping up to date with what is happening in cyber security is such an important factor for a number of reasons. If you are really interested in cyber security (which you should be if you want to work in the industry) then I shouldn’t even need to tell you this.
Firstly, cyber security is an ever changing landscape. New attacks, new defense methods and new APT Groups (Advanced Persistent Threats) appear every week. Keeping up with them is essential, for your own knowledge and also to show any prospective employer that you are really interested in cyber security.
You should be reading about cyber security news and testing out new tools all the time. To do so, I think you should set up a Twitter account and also an RSS feed using Feedly.
For Twitter, just go and google “best cybersecurity twitter accounts to follow” and there are pages and pages of recommended accounts. Follow these and read their tweets daily – you will learn a lot very quickly and keep up to date with what is happening.
For the RSS feed, I recommend using Feedly. The site allows you to pull in news articles from a variety of sources and have them in one easy to digest place. If you google “Feedly cybersecurity” you will see lots of curated lists which you can then follow yourself. A few days ago, Feedly also released “Feedly for Cyber Security” which I recommend looking at – https://blog.feedly.com/feedly-for-cybersecurity/
Using both Twitter and Feedly should keep you up to date with cyber security and any recent news or updates in the industry.
I also release a weekly newsletter with general cyber security topics, you can sign up here – https://blueteamblog.com/newsletter
Some of the best knowledge I have gained in cyber security has come from good old fashioned books. Here are some I personally like. I recommend at least looking at this as an option as it is a great way to learn cyber security.
- Netmux Operator Handbook. Common tools, techniques and cheat sheets for red / blue teams + OSINT – https://www.netmux.com/blog/operator-handbook
- Blue Team Field Manual – Incident Response Guide – https://www.amazon.co.uk/Blue-Team-Field-Manual-BTFM/dp/154101636X
- Blue Team Handbook: SOC, SIEM, and Threat Hunting Use Cases – https://www.amazon.co.uk/Blue-Team-Handbook-condensed-Operations/dp/1726273989
- Practical Malware Analysis – https://www.amazon.co.uk/Practical-Malware-Analysis-Hands-Dissecting/dp/1593272901
I also recommend looking at https://www.humblebundle.com/. Every once in a while you can get a lot of cyber security or coding books for a low cost. At the moment they have a good Python bundle, check it out here.
You will notice these books primarily are about blue team topics. If you search “Best cybersecurity books” you will see lots of options for red team and other areas also.
SET UP A PERSONAL LAB ENVIRONMENT
I think anyone working in cyber security should have this. Whether you have a VM set up on your personal PC or a cloud hosted VPS, it doesn’t matter, just set one up.
Start setting up open source cyber security tools such as those I speak about in this blog post – https://blueteamblog.com/the-best-open-source-cyber-security-tools. Knowledge of setting up cyber security tools, whether defensive or offensive, will help vastly increase your knowledge. At this stage in your cyber security journey, I recommend looking at both blue (defensive) and red (offensive) tools. Set them up, play around with them and get to understand how they work. The above post contains a lot of blue team tools; for red team, install a Kali Linux environment and get to understand how the tools work and what they are used for.
If you need any help setting up tools, or would like more recommendations of what to set up, then just contact me https://twitter.com/blueteamblog
There are also a bunch of guides out there to help you set up a lab, here are some :
Having your own lab environment will show to employers that you are truly interested in cyber security. The knowledge you will gain from setting up tools and understanding how they work will help in both interviews and also any future roles you have.
On top of the technical skills, there are also some soft skills which I believe any successful cyber security professional needs to have :
- Communication – You need to be able to talk to colleagues, managers and customers.
- Presentation – You need to be able to present complex ideas, findings and data to stakeholders in the business.
- Passion – You need to be truly passionate about cyber security to do well in this industry.
- Hard worker – Cyber security is hard work. Between normal work hours, sitting certifications, keeping up to date with the industry and building your own projects, it takes a lot of time and energy.
- Problem Solver – You need to enjoy solving problems. Regardless of what area in cyber security you end up choosing, you will encounter problems every day. You have to thrive on solving these problems.
I hope you have enjoyed this post. Cyber security can be a daunting industry to get into, but once you do I am sure you will love it. To summarise what I have said, you should have / be doing the following things before applying for a cyber security job :
- Experience in a tech role or a degree in either cyber security or computer science
- Certifications studied for to cover any gaps in your knowledge (doesn’t mean you need to pass them in all cases)
- Beginner knowledge of at least one or more programming languages
- Keeping up to date with cyber security news, tools and topics.
- Read relevant cyber security books to improve your overall knowledge of the subject
- Have a personal lab where you test out various cyber security tools
- Have the right soft skills to excel in the industry
Thanks again. If you have any questions about this post, or anything else about cyber security, contact me at https://twitter.com/blueteamblog