- The cybersecurity industry needs more job seekers to fill the more than 500,000 positions available in the United States.
- According to experts, a resume devoid of work experience in cybersecurity can still stand out for its skills.
- Experts recommend job seekers identify a niche within the big industry before applying.
With cybersecurity comes job security.
According to Cybersecurity Ventures, there will be around 3.5 million unfilled cybersecurity jobs by 2025. A separate estimate revealed that there are currently around 597,000 open cyber roles in the United States. Many of these roles pay at least six figures, according to data from Columbia University.
But contrary to popular belief, cyber jobs cover much more than the covert national security issues depicted on TV and movies. In reality, there are at least seven categories, 33 specialty areas, and 52 different roles within the cybersecurity industry, the National Initiative for Cybersecurity Education Framework showed. Positions include Data Analyst, Security Architect and Vulnerability Assessment Analyst.
“Overall, this industry requires a lot of new learning, constant learning,” said Adam Kujawa, director of Malwarebytes Lab, an anti-malware software company. “So being self-taught, being able to learn very quickly and taking what you learn and creating a product with it or using it in some way, is important.”
Insider spoke with Kujawa and two other cybersecurity recruitment experts to find out what traits they look for in candidates and what resources are available for people with little or no prior experience who want to embark on a career in cybersecurity.
Unconventional journeys are valuable
Today, the cybersecurity industry is predominantly male and white, but Renana Friedlich, PayPal’s senior director of security operations, is one of the leaders in this space looking to change that.
“I think one of the biggest things that scares people about cybersecurity is ‘I’m not technical enough’ or ‘I don’t have coding skills,'” Friedlich said. But, she added, her team includes people from customer service programs, academia and other fields.
She recommended that people of any level or type of work experience use free online training programs, such as Hack the Box and TryHackMe, to jump-start their careers. Additionally, Twitter has an information security community that experts recommend to job seekers.
On social media, job seekers could make connections and read major cybersecurity updates, said Kujawa and Janet Van Huysse, director of human resources at Cloudflare, a website security company. .
“Watch YouTube videos, go to blogs, go to various websites and news sites and educate yourself on threats,” Kujawa said. “Learn how they work. Learn the basics about them.”
Both Malwarebytes and Cloudflare have blogs that can help educate job seekers about the industry, and the Malwarebytes blog even accepts submissions. For those looking to join Cloudflare in particular, Van Huysse recommended that job seekers who have used Cloudflare’s products on their personal websites or past projects show it during the interview.
Kujawa advised eager newcomers to be hypervigilant about which companies they apply to. He said “sketchy” or “rogue” companies existed in the space that could damage someone’s resume. He encouraged job seekers to consider the company’s online presence and the company’s work purpose.
“Be careful who you’re trying to work with,” he said. “Don’t jump at any opportunity that comes your way.”
Finding your niche is important
The cybersecurity industry is highly competitive — Cloudflare, for example, has received 50,000 applicants per shift over the past eight quarters and hired 0.5% of them, Van Huysse said. Experts agreed that a focus on the industry was key to breaking into it.
Kujawa said there were two main options job seekers had to choose between when joining cybersecurity. The first option is defensive, and it’s about fighting cybercrime. The second option is offensive and involves finding a way to prevent cybercrime.
“I think that kind of understanding where you want to go on that road is really important, in my opinion,” he said, “because you might drive yourself down a path and find, ‘You know what, I ‘like to go the other way.'”
To figure out where they can fit into the industry, Friedlich recommended job seekers focus on their skills — skills like problem-solving, coding and attention to detail can help with different job functions. professionals. Then lean heavily into that niche.
“You don’t have to know everything,” Friedlich said. “I think that’s one of the biggest hurdles people put on themselves when considering a career in cyber.”