Tips for Getting a Job in Cybersecurity

By

It’s been a much-publicized issue for years: the cybersecurity skills gap. Not enough talented security pros. Way too many critical cybersecurity jobs. It’s becoming such a challenge, it’s even part of the U.S. government’s new Nation Cyber Strategy.

“The Administration will work with the Congress to promote and reinvigorate educational and training opportunities to develop a robust cybersecurity workforce,” noted in the official strategy document. “This includes expanding Federal recruitment, training, re-skilling people from a broad range of backgrounds, and giving them opportunities to re-train into cybersecurity careers.”

The perplexing fact of this challenge is that it’s not always clear how to get a job in the cybersecurity field. Want to become an electrician? Go to trade school. Want to become a doctor? Attend medical school. A lawyer? Study hard and pass the bar exam.

But pursuing a future in cybersecurity isn’t always as straightforward, particularly for those new to the field. There are many paths to take, but it’s often fraught with complexity and uncertainty.

A Critical Problem: Not Enough Cybersecurity Talent

As of March 2018, there were more than 300,000 unfilled cybersecurity jobs in the U.S. alone. California, Texas and Virginia represented the top geographies for open cybersecurity roles.

This skills gap is predicted to widen to 3.5 million jobs by 2021, a major supply-and-demand challenge for the one of the most critical threat landscapes. The growing disparity opens the door for all types of job-seekers: entry-level candidates, seasoned professionals, career-changers and executives alike.

“The demand for cybersecurity professionals is accelerating at such a pace that we can’t hire qualified and experienced talent fast enough,” said SonicWall Global Human Resources Director Bryce Ashcraft. “These are exciting, highly rewarding career fields, so it represents amazing opportunity for individuals interested in computer science, information technology, threat analysis and forensics — the list goes on and on.”

The Call for More Women in Cybersecurity

One of the many reasons for the cybersecurity skills gap is the gender disproportion in the industry. Data from the last few years estimated that women comprised 11 percent of the cyber workforce. One new source states that women represent 20 percent of the field — a stark improvement. But more change is still needed.

This issue was never more apparent than at RSA, North America’s largest cybersecurity conference hosted annually in San Francisco. Organizers of RSA 2018 actually came under fire for the lack of female panelists and speakers for the event, a story which was documented by SonicWall in, “The Shortest Line at RSA Conference 2018: Where are all the Women?”

Fortunately, pro-women organizations are growing quickly. Events, conferences and scholarships have been created across the world to empower women to prepare for careers in cybersecurity.

OrganizationsConferences & Events
WiCyS Women in CyberSecurityWiCyS Women in CyberSecurity
Women in Security and PrivacyGrace Hopper Celebration
National Center for Women & Information TechnologyOURSA – Our Security Advocates
SWE – Society of Women EngineersScholarships
She SecuresRaytheon’s Women Cyber Security Scholarship Program
Women in Defense (WID)(ISC)² Women’s CyberSecurity Scholarships
Women’s Security Society (WSS)Scholarship for Women Studying Information Security

Why Veterans Are Ideal Cybersecurity Pros

Many cybersecurity vendors are tapping into a different resource: military veterans. Highly skilled and easily trained, veterans are key to helping close the cybersecurity skills gap.

Better yet, they have unique skills that aren’t always easy to find in civilian sectors. Many veterans possess the right characteristics for working in high-pressure situations, such as a real-time security operations center (SOC).

“Efficient security operations teams operate in what’s called a ‘high-op tempo’ environment,” said Wayne Reynolds, an 18-year veteran of the United States Marine Corps and current CISO of Armor, a cloud security MSSP. “Veterans live this every day they are deployed.

“Most veterans I know operate extremely well in high-stress situations. In security, as you are combatting threats, you need to keep a cool, calm view of the situation. Veterans do this extremely well.”

In some unique cases, veterans may also possess valuable security clearances that could make them attractive to companies that operative in state and federal arenas, or in matters of government or industry compliance.

If you’re not a veteran, the military is an attractive option to gain hands-on, real-world experience in related fields. Acquired skills will be highly marketable when you transition back to civilian roles.

Resources for Military Cyber Careers

Your Cybersecurity Career: How to Get Started

More than 768,000 people are employed in cybersecurity in the U.S. But hundreds of thousands of jobs remain unfilled.

Top Cybersecurity Job Titles

  • Cybersecurity Engineer
  • Cybersecurity Analyst
  • Network Engineer/Architect
  • Cybersecurity Manager/Administrator
  • Systems Engineer
  • Software Developer/Engineer
  • Vulnerability Analyst/Penetration Tester
  • Systems Administrator
  • IT Auditor

Source: CyberSeek.org

Cybersecurity represents a lucrative career path for those interested in technology, computer science, engineering, network and cloud architecture, IT management, software development, threat intelligence and cyberattack forensics.

While salaries are largely dependent on skill set, experience, industry and region, cybersecurity pay can easily exceed $200,000 (USD) per year. This is particularity achievable when professionals begin directing full SOCs or move into executive positions, like chief security officer (CSO) or chief information security officer (CISO).

But there are opportunities for many professionals, particularly those who are trainable and adept at solving problems.

“I look for two things in all candidates. First, inquisitiveness. Good security folks are big problem-solvers and are always curious,” said Reynolds. “Second, modesty. If you have an inquisitive person who is modest, you can teach them anything.”

Common Cybersecurity Career Paths

Source: CyberSeek.org

Three of the most common ways of pursuing a carrier in cybersecurity include formal education, certifications and, as outlined above, military service. Not every path is suited for every personality. It’s important to find a program that works for you, but be sure it includes applicable, hands-on experience as well as job-placement programs.

Cybersecurity Certification

Certifications are a common, cost-effective approach to building cybersecurity acumen. SonicWall offers an extensive training curriculum path for security experts seeking to enhance their knowledge and maximize their investment in SonicWall network security products. This practice is common for security vendors committed to training cybersecurity professionals. SonicWall’s primary certification programs are:

But certifications — CISSP, CISM, CISA, ISSA, ISACA, (ISC)², Security+, Certified Ethical Hacker, CSSP, SNSA and the like — only tell part of the story. While they demonstrate a willingness to train, many cybersecurity recruiters want to know that what has been learned can be applied to the job.

“I worry less about education and tend to stay away from folks that list a plethora of certifications,” said Reynolds. “But if I see someone with an advanced degree or multiple years in the field, I take a look. The ability to practically apply education is critical.”

Cybersecurity Education

Universities and institutions of higher learning now offer dedicated cybersecurity curricula. For example, CyberDegrees offers an online resource that outlines top degree paths, sample coursework and tools for finding cybersecurity programs in 44 states.

“Similar to most undergraduate programs, online cybersecurity degrees typically require students to complete 120 to 126 credits,” notes U.S. News & World Report. “While there are accelerated programs, full-time students usually graduate within four years.”

Training & Educational Resources

Various government, private and non-profit organizations provide complimentary tools and resources to aid individuals in training for cybersecurity jobs. If you’re just starting your path toward a cybersecurity career or looking for a career change, leverage the below sites to help guide your path.

About Cybersecurity Awareness Month

The 15th annual National Cybersecurity Awareness Month (NCSAM) highlights user awareness among consumers, students/academia and business. NCSAM 2018 addresses specific challenges and identifies opportunities for behavioral change. It aims to remind everyone that protecting the internet is “Our Shared Responsibility.”

In addition, NCSAM 2018 will shine a spotlight on the critical need to build a strong, cyber secure workforce to help ensure families, communities, businesses and the country’s infrastructure are better protected through four key themes:

  • Oct. 1-5: Make Your Home a Haven for Online Safety
  • Oct. 8-12: Millions of Rewarding Jobs: Educating for a Career in Cybersecurity
  • Oct. 15-19: It’s Everyone’s Job to Ensure Online Safety at Work
  • Oct. 22-26: Safeguarding the Nation’s Critical Infrastructure

Learn more at StaySafeOnline.org.

SonicWall Staff