Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The InfoSec Industry Today
It seems wherever you look people talk about the shortage of cybersecurity jobs in the industry today. This becomes confusing when you go on LinkedIn and find a ton of people complaining about sending out hundreds of applications yet receiving little attention. So what’s the disconnect?
Not What It Seems
I think the biggest misunderstanding around this at the moment is there is NOT a shortage of people that desire these roles, and think they are ready for them. But there is a shortage of QUALIFIED individuals for these roles. I believe a lot of people start trying to break into the industry because they either hear it is ‘easy’ or see postings about high average salaries, but you do need to consider some context. Traditionally, cybersecurity was for those who had a basis in an IT role, you did not just start out in cybersecurity. There are exceptions to this, and it probably is even easier to skip the foundational roles today given the vast number of resources available to learn from. But don’t think for a second that starting in a help desk role or some other low level IT position is a waste of time, you are building a foundation for cybersecurity in these IT jobs.
CyberSecurity requires a strong understanding in quite a few computing concepts. Just to name a few you have: Understanding networking, operating systems, how all of these communicate with each other, implementing least privilege for the users of a system, setting up Active Directory, a DMZ, Firewalls… Oh and then there’s the friggin cloud.
The list goes on and on. And there are so many different technologies these days that cyber experts tend to specialize into something a bit more targeted. But even with something niche, having that foundation from IT experience is only going to help you going forward.
But while it may help, traditional IT experience is certainly not required. However the understanding of those previous IT concepts I believe IS required when it comes to cybersecurity. It can be hard to sell to a company that you have the skills they need without any experience, certifications or a degree, but if you somehow land an interview without these you better be ready to crush a technical interview. So many people looking for these types of jobs online are still in the fledgling stages of these skills, yet expect to land a role relatively easily.
The frustration of those online struggling to look for work is only exacerbated by reading that success story of someone landing a dream role with barely any credentials to back it up.
THIS IS THE EXCEPTION… Also that person is probably insanely skilled, just couldn’t be bothered to get any certifications let alone a degree. And yes, I do actually know people like that today.
These types of posts are the ones that will go ‘viral’ because of that underdog factor. Against all odds they succeeded! From a content creator’s perspective, It’s a recipe for a banger of a post, but it is not the norm for the many still looking for a role.
It’s a Numbers Game
You’ve probably heard the phrase ‘it’s a numbers game’ before, basically an argument that quantity matters and the more the better. And to be honest it’s true when it comes to submitting applications. The more you put out the more chances you have, but if you are putting out hundreds of applications and are receiving NO attention. You may want to start looking at your resume in contrast to the roles you are applying for. Being good at self-criticism is a valuable skill, being able to ask for help is good too and both can help with improving your resume. You are lacking something they want most likely. CyberSecurity is not the industry you go into to ‘take it easy’. There are those that probably do something along those lines, but not staying on top of new vulnerabilities and exploits as someone in charge of defending a network kind’ve makes you a liability to a degree. Now, before I get flamed for such a statement, I do completely agree there needs to be a work-life balance. Burnout is very common in cybersecurity, and while you shouldn’t be working from sunrise till sunset all the time to stay up to date. Not doing anything to keep up or improve your skill set borders on negligence.
You should be practicing this mentality as a newbie. Always be improving your skills while sending out those applications. This also gives you something to talk about during an interview.
There is always progress to be made in this field, something new to learn and discover. I talk about this topic a bit further in my post ‘Best ways to get started in Cybersecurity’.
Don’t Click Links From Strangers,
Bryce
