5 minute read
BUILDING A CAREER IN CYBERSECURITY: STRATEGIES FOR NEWCOMERS AND CAREER TRANSITIONERS
by Jay Hira, Director of Cyber Transformation at EY Kavika Singhal, Cyber Security Consultant at EY
Michelle Gatsi, Cyber Security Consultant at EY
Jay Hira
As practitioners in the cybersecurity industry we are constantly solving a complex puzzle. This puzzle has many moving parts, and no one person has all the answers. If we bring together a team of people with similar educations, experiences and viewpoints, they are likely to have similar biases and, therefore, similar blind spots in the way they solve a problem. This is an issue we encounter constantly in many cybersecurity environments. The teams solving puzzles must be as diverse as the problems themselves. When we bring together a diverse group of individuals with different ethnicities, academic backgrounds, ages and life experiences, we get a more comprehensive and innovative approach to problem-solving.
Recently, we participated in an “Ask an Expert” session at the AISA Cyber Conference in Canberra where we observed a high degree of interest in pursuing careers in cybersecurity. The most common challenge for those who want to start a career in cyber and those who want to navigate a career transition into cyber is how to put their best foot forward for an industry opportunity and demonstrate curiosity, conviction and persistence through actions beyond words. As a result, we decided to share our experiences and provide specific advice for those looking to start a career in cybersecurity as students, and for those looking to navigate a career transition into cybersecurity.
Starting A Career As A Student In Cybersecurity
Kavika Singhal
As someone who has been a cybersecurity student I understand the struggles of navigating a field without a clear-cut career path. However, this industry values the diversity of skills and experiences that each individual brings to the table. Whether you come from a technical or non-technical background, cybersecurity has a place for you. To help newcomers in the industry, I would like to share some tips based on my personal experience.
Embrace opportunities. Starting without prior experience or knowledge can be intimidating, but it also means you have a clean slate and the malleability to mould yourself into any form. Do not be afraid to say “Yes!” to opportunities, even if you do not have the necessary skills. Believe in yourself and say, “I don’t know, but I can figure it out.” By learning and gaining new skills, you can give any opportunity that comes your way your best shot.
Make learning a priority. Learning in cybersecurity never stops, because the industry evolves constantly. As a student, I volunteered for student accelerator programmes and learned alongside my peers to deliver job-enhancing workshops. Participating in capture-the-flag events, hack rooms, certifications, podcasts, news articles and networking events can also help you upgrade your skills and knowledge. Such activities are critical to getting your first job in cybersecurity.
Network and engage. Building industry connections helped me understand the various roles and responsibilities within cybersecurity. Attending networking events and conferences enabled me to seek more opportunities for growth and learning. By meeting new people I better understood the impact I could make in the industry, which became a driving factor in my studies.
Showcase your work. It is important to share your contributions with others. LinkedIn is a major networking platform used by many cybersecurity professionals, and an excellent way to engage, connect and be inspired. Talk about your key learnings from networking events, tag individuals you connected with, and discuss how completing a course or certification has added to your skill set and will benefit your career. This practice creates a pattern of accountability and reflection crucial to building your brand.
Navigating A Career Transition To Cybersecurity
Michelle Gatsi
My journey into cybersecurity was slightly non-traditional. Here are a few pointers to what worked for me as someone with a background in criminology and a history of work experience in the legal sector. These could be helpful for anyone looking to transition into a career in cyber.
Build meaningful relationships. This does not mean increasing your LinkedIn connections to increase the number of connections you have. Building involves a lot of time and effort. Before I started working in the industry I met with many experienced cyber and information security professionals. I was genuinely interested in knowing more about them, what they did for fun, their day-to-day work, and why they chose cybersecurity as a career. I even found myself some career mentors who are now my very dear friends: Phillimon Zongo and Jay Hira.
It was a very busy time for me, juggling my then legal support officer role by day and my cybersecurity career pursuit by night. I am still in contact with many of the professionals I connected with earlier in my career, and I now work with some of them. You will never know where your connections can lead you, but it is important to approach this step with complete authenticity: be yourself and be real. This leads me to my next point.
Leverage personal branding platforms. I found LinkedIn to be a handy tool for promoting my personal brand and connecting with industry professionals from all over the world. I was always very shy; the thought of sharing my written articles or promoting my achievements with other professionals was terrifying. However, I learned very quickly that sometimes you have to step outside your comfort zone to get where you want to go. This means becoming comfortable with the discomfort and pushing through it. I wrote and published my first- ever blog on my LinkedIn page just under two years ago, based solely on my desire to pursue a career in cybersecurity. This blog caught the attention of a number of industry professionals who were interested to know more about my journey and offered a helping hand. These interactions added fuel to my enthusiasm to learn more about the industry.
Be open to ongoing learning. As technology advances relentlessly, so do cyber criminals and their techniques. Cybersecurity is like a big house with many rooms (in fact, picture a castle with each room representing a different domain – from data protection and privacy to identity and access management and beyond). It is easy to feel lost and overwhelmed by how much there is to learn. But I believe the key is to keep the mind active through continued learning. Our industry involves constant change; therefore, we must be willing and open to acquiring new knowledge and upskilling. We can do this through tertiary study, certifications, boot camps, articles, podcasts and networking.
I started with foundational knowledge through an online cybersecurity risk management course provided by Harvard University. I am now studying for my Security+ certification provided by CompTIA whilst building my work experience in technology consulting at EY. I consider it a privilege to be working beside incredibly intelligent cyber professionals every day. Prior to this, I spent a lot of time building relationships with a wide range of information security professionals and learning from their experiences. I would have done myself a great disservice had I chosen not to absorb the wisdom of the people around me. So do not be afraid to reach out to people – do so authentically and be willing and ready to learn.
Document your journey, and do not give up! The beauty of documenting your journey is that you can look back and see how far you have come. One day you will likely use your story to encourage the next wave of people wanting to start or transition into a career in cyber, and seeking an industry mentor just like you. This final tip is a bonus.
SUMMARY Jay Hira
Strong teams are diverse in perspectives, life experiences and leadership. The wider the variety of people and experiences we recruit to defend against adversaries, the better our chances of success. Individuals looking at transitioning into a career in cybersecurity should focus on building meaningful relationships, leveraging personal branding platforms, upskilling and reskilling through relevant certifications, and gaining experience through volunteering and internship programmes to build a solid foundation for a successful career in the dynamic and exciting field of cybersecurity.
www.linkedin.com/in/jayhira www.linkedin.com/in/kavika-singhal www.linkedin.com/in/michellegatsi
Karen Stephens
Karen is CEO and co-founder of BCyber, an agile, innovative group that works with SMEs to protect and grow their businesses by demystifying the technical and helping them to identify and address cybersecurity and governance risks. In 2021 Karen graduated from the Tech Ready Woman Academy’s Accelerator and the Cyber Leadership Institute’s CLP programs.
