When trying to land your first cybersecurity role, you will quickly run into one of the greatest paradoxes of the software market. We can summarize the paradox within the following two statements.
- Cyber is one of the fastest growing markets in the world, for several years in a row.
- Yet landing a cybersecurity role, especially an entry-level one, is distinctly challenging.
How do we resolve this seeming contraction? Both statements are true – the reality is, the market is hard for new hackers because most companies prefer to hire experienced engineers with a proven track-record.
Fortunately, professional experience is not the only way to prove you have the right skills. Thus, our goal in this article is to show how you can get past the many barriers to landing your first role. Let’s dive in!
Build a portfolio
The most common complaint when job hunting as a junior engineer is that companies ask about your prior security experience. But how can you have prior experience if you’re a junior engineer applying for an entry-level position?
Even if you’re not a coder, you can find and report security vulnerabilities, do graphic design, translate, or help in a myriad of other ways.
Another great way to get experience is via bug bounties.
Finally, I recommend starting a technical blog where you document projects your working on and technologies you’re trying to learn. It shows your passion and is also really helpful for your learning.
Searching for open positions
If you’re looking for any kind of job, you probably have already heard quite a bit about using LinkedIn, Indeed, and other, similar platforms. I strongly agree that you should use these, but everyone already knows that.
However, there are other places you can look, where few people think to. For example, Hacker News hosts a monthly hiring thread where any candidate can post their basic info and resume. It’s a simple and easy way to get companies to reach out to you, and the job offers tend to be of much higher quality than they would be on other platforms.
An even better place to look for job opportunies is Urbit. Urbit is a new computing and networking platform where many of the smartest hackers on the planet hack and hang out. If you love hacking, you can talk to people here. There are lots of startup owners, senior engineers, and other people who can connect you with opportunities.
How to network
Although tech skills do matter, networking to find a job in cyber is about people, not tech! One of the best ways to make friends and network with cool people in cyber is by going to local tech meetups. The event needn’t even be about cyber specifically. Web dev, mobile apps, whatever – if smart devs are gathering to talk about cool tech, I want to be there.
For example, Urbit, which we mentioned before, hosts meetups around the world, including a once-a-year global meetup called Assembly.
No matter what city you live in, I highly suggest finding out what tech meets there are near you and just attending. As you get more comfortable with the scene, you can even begin presenting as well.
Skills you’ll need for your first cybersecurity role
Of course, you should focus on developing a technical reportoire relevant to the specific field of cybersecurity you’re most interested in. In other words, your primary focus should be to develop core technical skills in your specialty. As the saying goes, if you’re gonna be a pentester, you’d better be able to test pens.
But outside of the core technical needs, there are some other skills that most cyber pros benefit from immensely. Chief among them are the following.
- Systems administration
Regardless of what branch of the cyber industry you intend to climb up to, these skills are an asset you likely will want to have with you.
As for certs, I recommend our article Entry Level IT Certifications to Help You Jumpstart your Career.
Prepare for your first cybersecurity role technical interview
This one is simple. Just lookup technical interview questions for the specialty you’re interested in, and practice them. Try to practice as if you were in a real interview. Practice in front of the mirror. Record yourself asking and answering the questions, and watch the recording. Most tech interviews will use pretty similar questions, so this will help you get comfortable with those.
Even if the specific questions they ask are different, you’ll become much more comfortable answering the types of questions they usually ask.
Unlike software engineering, security interviews tend to consist mostly of questions about your knowledge, rather than hands-on evaluations. Nevertheless, playing CTFs regularly will give you a sharp mind for any take-home challenges you receive, as these are quite common.
Summary of strategies for your first cybersecurity role
That’s quite a bit of info! Thus, before we part ways, let’s recap the main things that will help you land your first role in cybersecurity.
- Show off your skills (and make up for a lack of pro cyber experience) with a full portfolio.
- Look for positions where competing candidates may not think to apply.
- Find mentorships and make high-quality friends through effective professional networking.
- Acquire the right skills and certifications to stand out in the cyber job market.
- Learn what counts most during a technical interview
I hope, you can learn these concepts and use them to find a cozy job. One of the best things about working in cyber is the prospect of making money by doing things you truly enjoy. For that reason, don’t give up, and never stop hacking!