If you want to switch to a career in cybersecurity, this is how you can get started
By Ehtisham Hussain, Content Marketing Manager, QuickStart
At the time this article is being written, there are more than 35,000 cybersecurity jobs posted on indeed.com, out of which more than 5000 were posted within the last 48-72 hours. According to an article published in Forbes, there will be a shortage of 2 million cyber security professionals by 2019. In fact, there is a shortage of one million cybersecurity professionals across the world as we speak. With an average salary of more than 116,000 per year, and organizations literally getting into bidding wars over skilled cybersecurity professionals, it is safe to say that if you want to switch to industry, cybersecurity should be at the top of your list.
Pre-requisites to switch to a career in cybersecurity
You cannot start a career in cybersecurity without a background in IT. This does not mean you need to come from IT exclusively, but you need to have a thorough understanding of how things work in the IT world. If you are working in a different domain altogether, you will need to do a number of courses and certifications before you can start applying for jobs in cybersecurity. If you are just starting your professional career, you should look for career paths such as Exchange Administrator, Network Administrator, System Administrator, and Web Developer. From these career paths, you can get into email security, network security, system security, and web security respectively.
To summarize this section, let’s just say that you need to put some time in the IT sector in one of the career paths we just mentioned, and develop skills in Operating Systems & Database Management, Programming & Coding, and Networks. Once you have that on your resume and have a clear understanding of how data works, how it is transferred, how it can be compromised, and why it needs protection, you can move on to the next phase, which is acquiring the relevant certifications.
Beginner level courses and certifications
While there are a number of courses and certifications being offered by Microsoft, Linux, (ISC)² and Comptia in this category, we have narrowed it down to the following two:
1. CISSP
Certified Information Systems Security Professional (CISSP) will equip you with all the information you need about best practices in terms of cybersecurity, its methodologies, principles, concepts. After taking the CISSP exam, you will be able to start a career in cybersecurity as an Information Security Consultant or an Information Assurance Engineer. You will mostly be planning the cybersecurity strategy of an organization and will use the resources they have to oversee implementation. As you can see, even the most basic cybersecurity job places you higher up the hierarchy and in a position of extreme responsibility.
2. COMPTIA SECURITY+
This course equips you with the skills needed to identify vulnerabilities and threats and plan and implement the cybersecurity strategy of an organization. You will learn the fundamental concepts of cybersecurity and will be able to troubleshoot cyber security incidents. Your job responsibilities will include ensuring business continuity and disaster recovery. By doing this certification, you can get a job as a cybersecurity analyst, an IT support technician, a penetration tester, and a cybersecurity tester.
Intermediate level courses and certifications
As with beginner level courses, there are tons of courses in this category but we have decided to go with the following two:
1. CERTIFIED ETHICAL HACKING
Certified Ethical Hacking (CEH) is the perfect intermediate level course for cybersecurity officers. If you are already responsible for network security in your organization, you should do this course as it will enable you to identify weaknesses in your system, and will equip you with the skills you need to counter any threats. You will also be able to anticipate different types of cyber-attacks and take measures to prevent them. As the name just, the course teaches you the strategies hackers use to penetrate a system, so you know exactly how to defend your system against them.
2. CERTIFIED DISASTER RECOVERY ENGINEER
If you are working in the InfoSec industry for about a year and want to pivot to disaster recovery, this is the perfect course for you. It covers everything from risk analysis to recovery techniques, making sure you have the training you need to analyze a situation, come up with a strategy to resolve it, and implement the strategy. In short, a Certified Disaster Recovery Engineer is a one-man/woman army you bring in when the cyber security of your organization is compromised. Getting this certification on your resume will make you a highly sought-after entity in the InfoSec world.
Expert level courses and certifications
1. COMPTIA ADVANCED SECURITY PRACTITIONER CASP (COMPTIACASP)
This is an expert level course for people who have been in the InfoSec business for about 5 years, and have working experience in the IT industry for about 10 years. Doing CompTIA Security+ is not a pre-requisite for this course, but if you have already done it, you will find this course to be a little easier. In this course, you will learn Enterprise Security Architecture, Security Research and Analysis, and everything in between. You will learn how to manage the security policies and procedures of an organization.
2. Certified Authorization Professional
Certified Authorization Professional (CAP) by (ISC)² is an advanced level certification that’s designed for professionals who are already highly experienced in cybersecurity and are working towards or have already acquired a leadership role in their organization. A certified authorization professional works within the Risk Management Framework (RMF) to identify vulnerabilities in the system, and aligns the information systems with the RMF. With this certification, you show the recruiters that you can create a cybersecurity strategy, formalize processes, and maintain the necessary documentation. To do this certification, you have to have minimum of two years of experience in at least one of the seven domains of the CAP Common Body of Knowledge (CBK).
We hope you found this article helpful. Do reach out to us if you require any further information on the subject.
About the Author
Ehtisham Hussain is the Content Marketing Manager at QuickStart. He describes himself as a writer, editor, and digital marketer.
Having worked with multiple organizations and a number of websites, he specializes in content that caters to both man and machine.
Ehtisham can be reached online at [email protected] and at our company website https://www.quickstart.com/.