How can people who are totally new to cyber get their foot in the door to land that first position without having years of experience?

148 views1 Upvote5 Comments

Senior VP & CISO, 1,001 - 5,000 employees
I'd start by studying cyber - there are a lot of free online course. Next follow cyber experts on social media. reports their stories with comments. Post articles. Build a network. 
Information Security Officer in Government, 1,001 - 5,000 employees
Some contract positions are at the junior level, which makes them a good option for folks just getting started, but it might even be good to start with a help desk role. You can grow a lot from that because when you’re working the help desk, you get familiar with a lot of the hands-on aspects of the field.

I would also recommend having a baseline certification because I've seen a lot of employers seek those out. You do the Security+ and then eventually CISSP, which is more advanced, of course. But even having even a Network+ certification would be a good start because a lot of employers take note of that extra effort. I've noticed that some college programs do have those certifications programs, so by the time students graduate with a bachelor’s degree, they'll have a few certifications under their belt. But there are so many other avenues you could also use to work toward those certifications, like Professor Messer’s YouTube channel. If you really want a career in cybersecurity, my advice is to leverage those kinds of platforms.

Director of Enablement, 501 - 1,000 employees
This might sound cliche, but you have to start from the bottom before you can get into the trusted role of cybersecurity practitioner.

Most folks start on a help desk, offering end user support while they learn more about the existing security stack deployed at their company. Once they understand more, they start gaining ‘on-the-job experience’, but it’s also important to do your reading (and podcast listening) to get up to speed with security.

Once you’re confident enough, you springboard into a security job. This is made much quicker if you have a mentor!

However, the realm of security is a big one. What’s your goal? CISO? Pen Tester? Analyst?

Understand where you’re headed before you even make the first step :)
Chief Information Security Officer in Healthcare and Biotech, 1,001 - 5,000 employees
CEH, ISO27001 or any degree certificate can be good starting point
Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotech, Self-employed
Doing projects at school can translate into basic knowledge. Those should be explained when interviewing for <2 years of experience analyst positions. If no cyber internship is available, look at IT, helpdesk, product, etc. Get your foot in the door and get established. Let the cyber team know you would like to help in any way you can without harming the current department. For a second career, I need to explain skills that translate such as critical thinking, project management, collaboration, etc.

Content you might like

Chief Technology Officer in Software, 51 - 200 employees
My personal experience. 

I usually get the feedback and go back with data driven analysis providing details to cross leaders to understand the context and make decision basis data and and not gut feeling. 
Read More Comments
1.6k views2 Comments