Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

Best Ways To Get Started in Cybersecurity

Let’s face it. Getting that first job within cybersecurity is the hardest role to find. But once you do, the experience and skills you obtain can really start to snowball your career. Here are some of the ways to get your resume to stand out from the rest.

Military Experience

I honestly hate that I have put this here but it is the reason I got where I am, but obviously an extreme option and not at all required. If your sole goal is to get experience within IT or cyber security, this can be a bit of a gamble, one that is 4-6 years of your life depending on any extensions you may be required to sign. If it pays off you can leave the service with certifications, years of experience and a degree/damn close to a degree if you play your cards right and don’t waste any time. Having the GI bill effectively pay you to go to school afterwards is nothing to scoff at either, but that being said, you can certainly learn all of that and more by simply doing the other things on this list..

HomeMade Lab

In my opinion this is one of the most underrated methods to stand out. Creating a home lab, doing this for whatever it is you are trying to break into cannot be valued enough. It shows initiative, creativity, and a willingness to spend your own time in order to learn something new. You can do this for setting up a website and web server, mock active directory network, system admin, firewall, IDS, IPS setup. You will be able to walk into an interview with no job experience yet have the ability to talk like you do. Take it seriously and this type of work ethic can allow you to make big leaps in your career.

Online Labs

I think the first ‘labs’ I got started with was “OverTheWire” which, in my opinion, is still an excellent Linux learning program. It is a simple concept that gives increasingly difficult challenges in an effort to teach you the Linux command line. This is one of the best resources to start with if you have no Linux experience whatsoever. There is also a PowerShell version called “UnderTheWire”.

But while these OG Labs are useful to get started with for the command line. There are many more platforms to learn from when it comes to cybersecurity these days. TryHackMe has been a great beginner’s tool when it comes to learning information security concepts with minimal knowledge. While the platform has numerous modules intended on teaching a new skill or concept. There are also Capture the Flag systems that serve as challenges, similarly to another platform like “HackTheBox”. HackTheBox, in my eyes, has been a great platform but sometimes a bit harder to learn from in the beginning. You do seem to need some base knowledge in order to reap the benefits of what they offer. But TryHackMe has shown how hungry the market is for such learning, and in response HackTheBox has responded with their “Academy” section. Both options have modules available for free(TryHackMe has quite a bit more for free), but obviously offer a paid section which gives more benefits. These are businesses after all folks. Additionally there is a third platform called “LetsDefend” which focuses on blue team exercises.

Given the amount of options online for learning there is hardly an excuse to not give it a try if you think this field might be for you.

Certificates

Like em or hate em, certificates are here to stay. Many certifications are stigmatized and are simply regarded as an HR filter, having it simply checks the box required for admission but doesn’t prove much beyond that. You generally still need – and probably should – your technical chops vetted by an expert.

However in more offensive cyber roles, practical certifications like OSCP or CRTO more or less guarantee a baseline amount of knowledge and skill for the team member coming on-board. These are the types of exams that cannot be faked, you cannot ‘process of elimination’ and multiple guess your way here. You earned the certification, and there is no shortcut to that beyond hard work.

Start a Blog

Oh, don’t judge me…

Believe it or not, this blog is not all selfless. There is a degree of self-improvement and marketing here. 

By starting a blog you show you are trying to be proactive within your industry, to give back and help others improve upon themselves. You are able to demonstrate your technical proficiency, ability to communicate, and your writing skills. You start to build an audience, you have influence, people trust you, over time you establish yourself as an expert and authority within your field.

All of these things increase your value. So learn to leverage it.

Help Desk

This is the “OG” path of getting into the industry. A tried and true method of establishing a foundation from a basic IT role. Learning as much as you can here and when you are able to move into something like a system administrator.

This jump will increase your skill set substantially and is looked upon favorably by recruiters seeking talent in cyber security. Some may move from help desk into a blue team focused role like SOC analyst. But to be honest I think if you are able to get a system administrator role it really adds to the range of jobs you will be able to acquire. Always be looking towards the job you WANT to have a look at the skillset desired. Any gaps you have try to fill them with projects in your free time, or job roles that have some overlap with those skills. Over time you will be able to build a targeted resume to get exactly what you are looking for.

Learning to Code

This skill set cannot be sold enough, there is so much utility in the ability to read and write code. Whether it is automating daily tasks with python or bash scripts to compiling and debugging binaries. The more experience you have living in the guts of computer software the more comfortable you will be when attempting to dig through and find vulnerabilities. 

Are you trying to get into bug bounties? Well… learn some SQL and JavaScript syntax. The vulnerabilities associated with them and the mitigations needed so it’s fixed. This skill set will pay dividends for your career in the long run.

Networking

If you think you can succeed in cyber security and not understand networking you are reading some questionable material. Networking is such a foundational skill when it comes to cybersecurity, and you need to understand it thoroughly. From traffic flow, subnetting, the OSI model (arguably doesn’t belong here but I’m keeping it dammit) , operating routers and switches. There is a lot of foundational knowledge needed within this pillar of the field.

There is a ton to learn within this field, and many places to go to do so. How should you check to make sure you actually learned what you set out to?

Don’t Click Links From Strangers,

Bryce

Bryce
Bryce
Articles: 26

Related Posts

Trending now

The ‘Shortage’ Facing CyberSecurity
Do you need a degree to get started in Cybersecurity?
Best Ways To Get Started in Cybersecurity
Are SANS certifications ACTUALLY worth it?