Your Guide to Breaking into Cybersecurity in 2024 (No Coding Required!)
Everything You Need to Know to Get Started in Cybersecurity
It’s exciting to see how far we’ve come as a society with technological advancements. From the ability to remotely provision computing resources across the globe to the capabilities of advanced AI chatbots.
As security folks, it’s also important to acknowledge — though inadvertently, this level of innovation is undoubtedly coupled with new attack surfaces. The attack surface is the collection of all potential methods a system can be compromised. The more intricate the system, the larger the attack surface, and consequently the more probable it is that a threat actor will discover a method to breach it.
There’s a huge misconception that cybersecurity is only for nerds that can code. That couldn't be further from the truth. In reality, this dynamic and diverse field has a place for everyone. Whether you're a tech-head or a Risk Analyst, there's a role that fits your skills. Below I’ll share a list of some of these roles — both non-technical and technical — and give you an overview of each.
Non-Technical Roles:
Compliance Officer: Ensures an organisation adheres to relevant security standards and regulations.
Risk Analyst: Identifies and assesses potential security threats to an organisation.
Security Awareness Trainer: Educates employees about security best practices and threats.
Incident Response Coordinator: Manages the response to security incidents and ensures effective communication during crises.
Cybersecurity Policy Analyst: Develops and reviews security policies to align with regulatory requirements and organisational goals.
Data Privacy Officer: Oversees the organisation’s data protection strategies and ensures compliance with privacy regulations.
Security Program Manager: Coordinates cybersecurity initiatives and projects, ensuring they meet organisational objectives.
Threat Intelligence Analyst: Researches and analyses emerging threats to inform strategic decisions and improve security posture.
Technical Roles:
Security Architect: Designs and implements security solutions to protect an organisation's systems and data.
Penetration Tester: Simulates real-world attacks to identify vulnerabilities in systems.
Security Engineer: Builds and maintains security systems, including firewalls, intrusion detection systems, and security information and event management (SIEM) tools.
Security Operations Center (SOC) Analyst: Monitors security systems for suspicious activity and responds to security incidents.
Incident Responder: Investigates and manages security breaches to minimise damage and prevent future incidents.
Data Security Analyst: Protects sensitive data from unauthorised access and breaches.
Digital Forensics Analyst: Investigates cyber crimes and gathers digital evidence.
It’s worth mentioning that job naming conventions are relative to geolocation
It's important to note that though the non-technical roles don’t require you to code, often require some level of technical understanding is required. This is classed as “domain specific” knowledge. For example, a Compliance Officer needs to be familiar with security technologies to ensure compliance with regulations. However, the core skills required for these roles are more focused on analysis, communication, and policy enforcement rather than hands-on technical implementation.
Now let’s talk about the HOW:
1. Explore the Cybersecurity Landscape
Identify Your Interests: Research various cybersecurity roles (e.g., compliance officer, penetration tester, risk analyst) and determine which align with your existing skills and career goals.
Investigate Career Paths: Use resources like LinkedIn to learn about the qualifications, certifications, and education common in your desired roles.
2. Develop Essential Skills
Foundation:
Operating Systems: Gain familiarity with different operating systems.
Cloud Security: Learn about cloud platforms like Azure, AWS, and Google Cloud — shameless plug 😉: check out my YouTube channel, where I post all about the latest cyber threats and mitigations.
Threat Assessment: Identify potential threats (e.g., hackers, malware, natural disasters) that could exploit vulnerabilities.
Vulnerability Assessment: Analyse systems and applications for weaknesses that could be exploited by threats.
Soft Skills: Cultivate strong communication, leadership, critical thinking, and adaptability skills.
3. Consider Certifications
Validate Your Expertise: Obtain industry-recognised certifications (e.g., CompTIA Security+, or the Cloud Provider Security Certs) to demonstrate your knowledge and skills to potential employers.
4. Gaining Experience
Alternative Paths: If you lack direct experience, consider freelance work or personal projects to build your skills.
5. Expand Your Network
Connect with Professionals: Attend industry events, join online communities, and use platforms like LinkedIn to network with cybersecurity professionals.
Seek Mentorship: Find experienced mentors who can provide guidance and support.
6. Prepare for Your Job Search
Update Your Resume: Tailor your resume and cover letter to highlight your skills and experience relevant to each job application.
Practice Interviewing: Prepare for technical and behavioral interview questions related to cybersecurity scenarios.
Key Takeaways
No Degree? No Problem: You can enter cybersecurity without a formal degree by focusing on certifications, online courses, and practical experience.
Continuous Learning: Cybersecurity is a constantly evolving field. Stay updated with new threats, technologies, and best practices.
Google Cybersecurity Professional Certificate: Consider enrolling in Google's program for a comprehensive introduction to cybersecurity and in-demand skills.
Any further questions on this topic? I’d love to hear them, let’s treat the comments as a Q&A.
Hey there! Just wanted to share some good news - I snagged a junior network engineer gig at an investment bank, and get this - I don't even have a degree! Goes to show that us non-degree folks can totally make it happen. Not gonna lie, it took a ton of hustle and sticking with it, but it paid off. Anyway, can't wait to see more of your posts and pick up some industry know-how. Keep 'em coming!