Part 1: Cyber Security: Raising the Bar for Beginners
First things first, Congratulations on making the HUGE! decision to join the immersive, exciting, challenging field of Cybersecurity. According to Psychology Today, career-related decisions are one of the biggest (if not the biggest) decisions you will make in your life. As with most information-technology disciplines, the bar for entry and continued growth can be extremely challenging.
Navigating the daunting industry conundrum of "We are seeking experienced candidates" while grappling with the frustrating reality of limited opportunities to gain that experience can be disheartening. It's important to acknowledge that breaking into the field of cyber security, despite having completed boot camps, earned degrees, or obtained certifications, is an exceptionally demanding endeavor.
Please know that this is something that is not exclusive to YOU or your experience. We have all dealt with it one way or another. Unless there is a pre-determined skill path and employment pipeline established, I can all but guarantee this will continue to be true in the years to come. These partnership employment programs are mostly available at participating colleges and universities, working in conjunction with certain organizations.
This article is written to be a stop-gap before you make that exhaustive LinkedIn post voicing your frustration and issue with the industry. We will discuss a few key items for success I have noted throughout my cyber security and information technology professional experience.
Let's get right into it, with very few exceptions no college, program, bootcamp can guarantee you job placement anywhere. If you are attending or planning to attend any program offering such services, please ask more clarifying questions to determine what that statement means in its entirety. That answer should come along with assurances that guarantee some form of compensation if the role placement does not happen as stated.
Another note I think beginners in this field miss is the fact that just because YOU are qualified for a role, does not mean you are the only person qualified. If you are following career-related news there is a "Cyber Security Skill Shortage". The problem with the macro statement, and the reason you are reading this article is the skill shortage is not the ONLY problem. The main issue is that there are not enough entry-level roles to accommodate those starting within the field. The "skill shortage" is mostly for "extremely technical", "highly abstract" and "experience required" disciplines within cyber security. If you were to spend no more than 30 minutes looking for an entry-level role on LinkedIn, this will become extremely obvious.
Reviewing the one job posting below, which still requires a small amount of experience. This role has over 200+ applicants on Linkedin alone, and it was posted only a week ago. The role is "On-site", which further limits the range of candidates. Now let us assume this role drives at a minimum an equal amount of applicants on additional job posting sites as listed on LinkedIn.
The competition for this role is incredibly fierce, with over 400 qualified applicants vying for the same position. These odds are undoubtedly challenging, especially when you factor in
The initial screening process conducted by AI resume reviewers
The importance of keyword hits on your resume
The significance placed on "experience" during the interview.
To stand out among such a competitive pool, you'll need to excel in all aspects, including the interview, and demonstrate that you surpass other qualified candidates.
Avoid "Breaking In" try "Moving in"
As discussed earlier, the scarcity of entry-level positions coupled with the overwhelming number of applicants can present significant challenges. Wouldn't it be wonderful to bypass most, if not all, of these obstacles? Envision a scenario where you have already established yourself in a company, working in roles such as desktop support technician, helpdesk technician, application analyst, executive assistant, and more.
While you have been within these "non-cybersecurity" roles, you have continued to learn and study in your spare time, and if any changes or initiatives arise at the organization that involves any cybersecurity-related topics, you are the first to volunteer. Assuming all goes well, you have been helpful and expressed an interest in cyber security more likely than not you will be granted a few additional "considerations" if any cyber security roles were to open.
The company is already aware of who you are, your work ethic, and your interest, and can review your prior performance. These details would make it easier and more financially feasible to have you "Move-In" to the new role.
This is the first part of a multi-part series "Raising the Bar for Beginners"
Please follow the blog for the next post!