How can people who are totally new to cyber get their foot in the door to land that first position without having years of experience?

Question

Answer

I'd start by studying cyber - there are a lot of free online course. Next follow cyber experts on social media. reports their stories with comments. Post articles. Build a network.

Answer

Some contract positions are at the junior level, which makes them a good option for folks just getting started, but it might even be good to start with a help desk role. You can grow a lot from that because when you’re working the help desk, you get familiar with a lot of the hands-on aspects of the field.

I would also recommend having a baseline certification because I've seen a lot of employers seek those out. You do the Security+ and then eventually CISSP, which is more advanced, of course. But even having even a Network+ certification would be a good start because a lot of employers take note of that extra effort. I've noticed that some college programs do have those certifications programs, so by the time students graduate with a bachelor’s degree, they'll have a few certifications under their belt. But there are so many other avenues you could also use to work toward those certifications, like Professor Messer’s YouTube channel. If you really want a career in cybersecurity, my advice is to leverage those kinds of platforms.

Answer

This might sound cliche, but you have to start from the bottom before you can get into the trusted role of cybersecurity practitioner.

Most folks start on a help desk, offering end user support while they learn more about the existing security stack deployed at their company. Once they understand more, they start gaining ‘on-the-job experience’, but it’s also important to do your reading (and podcast listening) to get up to speed with security.

Once you’re confident enough, you springboard into a security job. This is made much quicker if you have a mentor!

However, the realm of security is a big one. What’s your goal? CISO? Pen Tester? Analyst?

Understand where you’re headed before you even make the first step :)

Answer

CEH, ISO27001 or any degree certificate can be good starting point

Answer

Doing projects at school can translate into basic knowledge. Those should be explained when interviewing for <2 years of experience analyst positions. If no cyber internship is available, look at IT, helpdesk, product, etc. Get your foot in the door and get established. Let the cyber team know you would like to help in any way you can without harming the current department. For a second career, I need to explain skills that translate such as critical thinking, project management, collaboration, etc.

How can people who are totally new to cyber get their foot in the door to land that first position without having years of experience?

Content you might like

Do you plan to deploy security containers in the next 6-12 months?

Does CISA need to be separated from US Homeland Security to be more effective?

What are some great on-prem and SaaS programs for internal PKI and Certificate Life Cycle Management?

How does your company handle AD accounts after a person leaves the company? We have been changing the passwords, disabling them, and moving them to a separate OU, but I'm interested to hear if you do anything else.

When a leader finds themselves constrained by superiors and unable to exercise independence in decision-making, what strategies can they employ to address this challenge?