Quarantine Mission: Four Simple Steps to Launch an Epic Security Career

The global coronavirus pandemic has brought with it quarantines and, unfortunately, record job losses and immense suffering. For those who may have lost their employment or are interested in entering an exciting career with continued demand for jobs, now could be the time to reinvent yourself. Imagine waking up every morning knowing that your work protects thousands of people from disruptive and potentially harmful cyber-attacks. 

With over 300,000 unfilled positions in the US alone, cybersecurity is an exciting, rewarding, and in-demand field, even in these challenging times. Unfortunately, it can also seem complicated and overwhelming to people without a highly technical background. This guide outlines a proven path for you to go from knowing next to nothing about computers to starting out in the cybersecurity profession.

If you have the focus, patience, discipline, and smarts, it is very much possible to pull yourself into the cybersecurity field through self-study. I know this is possible because I did it myself. Spare time due to quarantine-related job loss could be your opportunity to make this happen.

Here are the four steps I took to enter the cybersecurity field and flourish in this dynamic, growing profession:

  1. Learned Linux and Python

  2. Studied for and passed the CompTIA Network+ certification

  3. Networked for my first position through a local cybersecurity group

  4. With my foot in the door, I focused on a cybersecurity domain that excited me

1: Learn Linux and Python basics

Having some basic Linux and Python skills will make you useful to a cyber team from day one. This challenge game called Over the Wire is a fun way to start using the Linux command line. These challenges won’t make you an elite hacker yet. But, if you complete them and understand the concepts behind them, you will be competent enough to fill many entry-level cyber roles.

Python is the language of choice for cybersecurity right now. Python will give you quick and easy access to powerful data analysis and automation resources. Python The Hard Way is a solid source for learning Python basics for someone with no coding background. Like the challenges in Over the Wire, if you complete all the exercises in this book and understand what is going on, you will know enough to get your start in security.

Codecademy is another affordable option for learning to code. They offer a free Python 2 course which is a bit outdated but provides transferable skills. Online courses can be useful, but generally I’d focus on book learning. The most important part of learning to code is writing code yourself, and with online courses it can be too easy to take shortcuts by copying and pasting. If Python The Hard Way and Codecademy seem too daunting at first, try starting with Python in Easy Steps by Mike McGrath and continue from there.

2: Study for and pass the CompTIA Network+ or Security+ certification

Understanding computer networks is key for cybersecurity professionals, because most cyber-attacks rely on or involve networks. The Network+ certification will give you a basic understanding of a wide variety of computer networking technologies. The material isn't particularly difficult but there is a lot to know. For someone like me who didn’t know a switch from an IP address, passing this exam requires a lot of self-motivation and some sacrifice. Following these three steps, I passed Network+ in less than three months:

  • Take detailed hand-written notes on free online Network+ study videos. These ones by Professor Messer are as good as any.

  • Correlate your notes to the exam objectives (essentially a long list of vocabulary to memorize). For any objectives not covered in your notes, research online and find definitions. All you need is a sentence or two for each term.

  • Make notecards for each term. This was the hardest part for me – I ended up with over six hundred notecards and my hands hurt by the end. Keep your eyes on the prize – writing your notes by hand will make memorization much easier. Next, go through the notecards ten at a time until you have them all memorized. After this you will be ready for the ninety-minute exam.

As a reward for your hard work, you will come out with a ton of new knowledge and a cert that shows employers you are ready to perform entry-level security work. (I used a similar process to pass the Security+ test about a year later. These two certs have around seventy percent content overlap, but the Network+ cert provides more foundation on networking so I would recommend it as a better starting point. Security+ is also a good option though, especially if you already have some networking experience.)

3: Find an internship through a local cybersecurity group or conference

As I studied for Network+, I started attending local cybersecurity group meetings. By the time you have mastered basic Linux and Python skills and gained your Network+, fingers crossed coronavirus will be in decline and events like these will be up and running again. Your local Information Security Systems Association (ISSA) chapter is a good place to start. Some areas will also have cybersecurity networking events posted on meetup.com. Ask around at these events about internships or entry-level job openings. A great place to start in security is as a Security Operations Center (SOC) analyst. An organization’s SOC handles a variety of day-to-day cyber work and acts as the frontline for detecting and responding to attackers in corporate networks. You may have to start working a night shift or in a contract-to-hire role, but once you have your foot in the door you will be in high demand. At these events, also ask about local or nearby security conferences where you may be able to meet more people who are hiring. It will take a lot of networking and some false starts, but eventually you will find yourself with interviews lined up. Before long, you will land your first gig in an endlessly fascinating career that makes the world a better place.

4: With your foot in the door, grow in a cybersecurity domain that excites you

They say the reward for hard work is more hard work. Once you have your start in security, you can grow your career quickly through hands-on experience, mentorship, and training. Learning on the job is the best way to rapidly grow in your cyber career. If you’re lucky like I was, your first job will be on a dynamic team with cutting-edge technology and brilliant colleagues who are willing to invest in you to help you grow. My first position was in a SOC at a major financial company, and my mentors there helped me seize many opportunities to grow into an exciting specialization in security automation. Keys to my success in this position were being a self-starter, a fast learner, and always giving my best effort to solve problems myself before asking for help.

More likely, you will end up in a basic position on a team that is struggling to keep up with ever-growing cyber challenges. This is OK too because you can learn a lot in a position like this. Work hard, look for outside mentors, for example through ISSA, and work toward more certifications. In the two years after I started my first security internship, I passed these certs: Splunk Core User, CompTIA Security+, Splunk Power User, GIAC-Certified Incident Handler (GCIH), AWS Cloud Practitioner, and Certified Information Systems Security Professional (CISSP). Cyber is a broad and constantly changing field and working toward different certifications can help you find the domains most exciting to you. After another company bought the organization where I had my first role, leadership scheduled everyone on my team for layoffs. Fortunately, security experience and credentials are in high demand and recruiters were after me. This meant I had the luxury to wait for the perfect role: automation engineering at TalonX.

Other tips to keep in mind:

  • If the self-study route sounds too daunting, I highly recommend a security bootcamp like SecureSet Academy.

  • Two dynamic and growing areas in security now are operations automation and cloud security. To learn about operations automation, a good place to start is a Splunk Core User certification course. The online video course is free and the exam costs $125. To learn about cloud, start with the AWS Cloud Practitioner certification. The video course for this one is also free and the test costs $150.

  • Cyber is always changing and it’s important to stay on top of security news. I've found two good ways to do this:

      • Podcasts - I would recommend the SANS Internet Storm Center, Risky Business, and Darknet Diaries.

      • Download an RSS reader app - I use Feedly and take in feeds from Krebs on Security, Malwarebytes Labs, Schneier on Security, Threatpost, and Unit42.

Taken together, this is way too much content to absorb. Also, at first everything may sound like made-up nonsense words. Start by listening to the 15-minute-or-less SANS Internet Storm Center and reading one article each day. You will gradually pick things up and before long you’ll understand most of what’s going on.

One final note – TalonX has a cyber internship program to provide real-world application and development of your cyber skills. We would encourage you to apply and be part of the team building our security automation technology and disruptive managed security service provider (MSSP) offering. Feel free to send a resumé and cover letter to recruiting@talonx.io

Happy studying!

