Blog
Feb 15, 2022
5 Tips: How to Get a Cybersecurity Job With No Experience
Land that entry-level cybersecurity position! We share five tips on how to get a cybersecurity job with no experience, with insight from two OffSec employees.
10 min read
by Dr. Heather Monthie
Even if you don’t have any cybersecurity experience, it’s not impossible to land a job in the field! This article will discuss five tips from two Offensive Security employees who successfully transitioned into their careers as cybersecurity professionals. These simple guidelines can help you land an entry-level security position, even if you lack formal education or training in cybersecurity.
Marissa Chamberlain and Abdullah Siddique (Sid) are two examples of professionals from another industry who successfully obtained their first job in cybersecurity with no experience. Marissa was an election administrator, who was well-versed in election law, communicating with the media, and ensuring that all systems were working correctly during an election in her community. Sid has a background in business, finance, and accounting, and worked for the stock exchange. Each of them came to the cybersecurity profession with a different background, yet you will find that many of their tips to get a cybersecurity job with no experience are the same.
How to Get a Cybersecurity Job with No Experience
Marissa and Sid have shared some experiences as they have pivoted their careers into the rapidly expanding world of information security which is projected to grow by 32% according to the Bureau of Labor Statistics. While it can be challenging to start the transition without formal education or certifications, there are some things you can start doing right away to prepare you for the next stage in your career.
1
Build your foundational knowledge of technology and information security.
One of the best ways to improve your security knowledge is through self-study. Sid recommends studying and learning the skills you need to build a strong foundation that will help your future learning endeavors. For example, having practical experience with software development and information technology applications can be very helpful in a career in cybersecurity. While working for the stock exchange in Pakistan, Sid obtained a lot of practical experience with financial software and the data stored and transmitted via this software. He also looked for technology-related projects where he could contribute. He found opportunities to help make the data portal more accessible, make the user interface more dynamic, and create data filters and graphs to help analyze the data more efficiently. Sid also learned Python to help with some of the daily tasks in this role. He suggests Python as a great programming language to learn first. Once you know one programming language, it’s much easier to pick up others very quickly.
In her role as an election administrator, Marissa was able to build her foundational information technology and cybersecurity skills. She was responsible for ensuring that the voting machines were working correctly; quite the hot topic in election security right now! Marissa also decided to enroll in a master’s program where she studied the human factors in cybersecurity and the technical aspects of security. Combining her work as an election administrator and as a cybersecurity graduate student, she wrote papers on election security topics including breaches in voter registration systems.
Sid and Marissa are just two examples of how you can use your current experience to start building a foundation in cybersecurity knowledge.
2
Focus your time on achieving your goal. Eliminate distractions.
Focusing your time and energy on your goal is essential when you’ve decided to find your first cybersecurity job with no experience. Sid recommends eliminating distractions to focus your efforts on gaining the necessary skills to land the job you want. He spent most of his time studying, practicing the hands-on skills required for the OSCP exam, taking notes, and building a good repository of information to show himself everything he had learned. He was very intentional about what he did with his time because he knew what he needed to do to be successful in making the transition.
Like Sid, Marissa recommends focusing on your goal and eliminating distractions. When she decided to transition into cybersecurity, she enrolled in school while working full-time. She also took the initiative to network and meet people already working in the field, which allowed her to learn more about cybersecurity, receive invaluable career advice, and build relationships with other professionals who could guide her on this new career path.
3
Showcase the skills you already have.
If you’ve already had a career outside of information security, you likely already have some in-demand professional skills required to succeed in security. You may be in the process of learning the hands-on technical skill set for which many employers are looking, but you have other areas of expertise that can be valuable in a cybersecurity role.
In her role as an election administrator, Marissa gained a lot of valuable experience in writing, communicating with the media, data privacy, and working with software vendors. She knew the importance of communicating complex technical information so that people could easily understand it, even if it was their first time learning about it. She highlighted these transferable skills and her continued education in cybersecurity when she was interviewing for her first position in cybersecurity.
Sid also leveraged his experience working with financial software when he transitioned into the cybersecurity industry. He knew that the knowledge he had gained in software management, data transmission, and user interface/user experience would be valuable in a cybersecurity role. He also highlighted his self-direction, ability to learn a new programming language, and his curiosity for learning technology when interviewing for his first position.
If you have experience in a different field, think about how you can highlight these skills when looking for entry-level cybersecurity jobs. Are you great at problem-solving? Can you work independently? Do you have strong communication skills? How do your skills align with what a potential employer may be looking for in a cybersecurity professional?
4
Pursue certifications that demonstrate your competence.
Sid knew he needed hands-on experience to obtain his first job in cybersecurity with no experience. He initially enrolled in a cybersecurity bootcamp but decided he wanted to work at a much faster pace and set out on his own. After researching individuals who were employed in penetration testing and noting the skills and certifications they possessed, Sid decided to get the OSCP to demonstrate his skills to potential employers. To hold himself accountable in his journey, and set small goals to help him reach the larger goal of earning the OSCP, he focused on learning the material, practicing, and taking notes to track everything he knew to help him reach his goal.
Employers value certifications that display your abilities and often consider them when making a hiring decision. Certifications are a great way to demonstrate your skill set and knowledge base to a potential employer. Earning a certification also shows employers that you’re willing to put in the extra effort to learn new things and expand your skill set.
“These certifications stand out in the workplace”, says Optiv’s Eidelberg. “Professionals—namely, practice directors and hiring managers—know they’re backed by hands-on lab environments and live exams, as opposed to multiple-choice tests…Professionals with an OSCP have shown the aptitude and grit required to grind through difficult offensive engagements.”
OffSec Certifications
If you’re ready to take the next step in getting your cybersecurity certification, OffSec has hands-on training that will help get you to your career goals. Check out our course offerings here!
Practice your skills in our virtual labs with real-world vectors. Try Proving Grounds Play for free.
As you transition into cybersecurity, you’ll notice how important Kali Linux is to cybersecurity professionals, especially penetration testers. Kali Linux is an open-source operating system geared towards various information security tasks, such as Penetration Testing, Security Research, Computer Forensics and Reverse Engineering. It has over 600 preinstalled applications for information gathering, vulnerability analysis, exploitation, and reverse engineering. Learn more at kali.org.
5
Build a strong network of cybersecurity professionals and learn from their successes and mistakes.
As an election administrator, Marissa had the opportunity to network with cybersecurity professionals working within the Cybersecurity and Infrastructure Agency (CISA) and the Department of Homeland Security (DHS) in the United States. She suggests reaching out to directors in other departments and getting to know them. Marissa was even able to make some great cybersecurity connections at her gym, proof you can network just about anywhere! She made an effort to build those connections and meet new people, which helped her learn about the field and get advice and guidance on her career path.
When starting in a new field, it’s essential to have a strong network of people to help you navigate the waters. Networking with professionals in the security field is a great way to learn from their successes and mistakes. It can also help you build relationships that could lead to future job opportunities.
Consider attending a cybersecurity event to build your network. Cybersecurity organizations provide sponsorships to help local community chapters operate their conferences and meetups. CFP Time is a website that lists security conferences from across the globe. Cybersecurity Conferences is another resource that covers all information security niches.
Bonus Tips
Both Sid and Marissa had very different backgrounds prior to their moves into the cybersecurity field. Still, their bits of advice for those of you who are trying to transition into cybersecurity are the same. In addition to the above five tips to get a cybersecurity job with no experience, both Sid and Marissa leave you with a few bonus tips.
Marissa offers up three additional suggestions when you’re looking for a position where you know you don’t have the necessary background:
- You might already have some relevant experience for that new job.
- Remember that you’ll get the experience the employer is looking for on the job.
- Keep doing things that help build your resume. Keep stepping forward!
Sid notes that it can be scary when you change your career field, but you need to decide to do it.
He suggests:
- Once you make the decision to get into cybersecurity, don’t give up on your goal.
- Trust the process. In the end, the worst that can happen is that you end up with new skills at your disposal.
- The best skill to have is the ability to acquire new ones!
Kickstart Your Cybersecurity Career: SEC-100 as the first step
Embarking on a cybersecurity career can seem daunting without prior experience, but with the right training and certifications, the path becomes clearer and more attainable. OffSec’s SEC-100: CyberCore – Security Essentials course is designed to provide the essential skills and knowledge needed to make this transition successful. Whether you’re just starting out or looking to solidify your foundational knowledge in cybersecurity, this course offers a practical, hands-on approach to learning that can significantly boost your career prospects. Take the first step towards your cybersecurity career by enrolling in the SEC-100 course today and set yourself up for success in this dynamic field. Enroll in the SEC-100 course here.
About the Author
Dr. Heather Monthie is a leader in Cybersecurity and IT education dedicated to developing workforce-ready professionals for the future. With a diverse background in education, leadership, and technology, she has worked with various businesses and educational institutions to develop successful cybersecurity education programs. She has served in various leadership roles within organizations that are committed to cybersecurity and STEM workforce development. She currently serves as the Head of Cybersecurity Training, Education, and Innovation at Offensive Security.
Cybersecurity leader resources
Sign up for the Secure Leader and get the latest info on industry trends, resources and best practices for security leaders every other week
Latest from OffSec
Enterprise Security
Red Team vs Blue Team in Cybersecurity
Learn what a red team and blue team in cybersecurity are, pros and cons of both, as well as how they work together.
Dec 13, 2024
13 min read
Enterprise Security
Building a Future-Ready Cybersecurity Workforce: The OffSec Approach to Talent Development
Learn all about our recent webinar “Building a Future-Ready Cyber Workforce: The OffSec Approach to Talent Development”.
Dec 13, 2024
4 min read
Enterprise Security
How to Become the Company Top Cyber Talent Wants to Join
Become the company cybersecurity talent wants to join. Learn how to attract, assess, and retain experts with strategies that set you apart.
Dec 4, 2024
5 min read