What advice do you have for people who already have professional experience in a technical role, but want to enter cybersecurity?
Sort by:
Just need to build the risk midset considering having experience in technology
I’d tell them that is a perfect entry into information security. As you can’t be an effective information security professional if you don’t understand in detail the underlying technology it runs on.
A good book to make the transition is ‘Navigating the Cybersecurity Career Path: Insider Advice for Navigating from Your First Gig to the C-Suite’ by Helen Patton.
But the main thing is that such a person is a great candidate for a successful security career.
https://amzn.to/46mw9In
I would ask them ‘why?’
Is it for the money? Is it because they’re curious? Or is it because it’s the hot trend?
Understand their motivation first, then help guide them. This is where a mentor is key
The skill set for a GRC specialist is a lot different to a penetration tester. One you know where you want to go, it’s easy to get there
Assess your transferable skills, pursue relevant certifications, leverage your existing network and be prepared for entry-level positions.
You need to should that you are out of the mindset of availability and looking at confidentiality and integrity. The biggest issue that I see is not getting out of that mindset. Cybersecurity is managing risk within the risk tolerances accepted by the executives, regulations, and contracts and being able to tell that story to your manager, etc.