In order to increase the chances in succeeding in anything, you need to have a plan. To excel in a complex field like cybersecurity, you need short term and long term goals.
The list below highlights the route I have taken and continue to do so. Looking back I have no regrets, other than I should have taken more risk!
Hopefully it helps those choosing this career path by having an insight of my lifestyle and schedule.
- Short Trainings
Check out the links section for some recommendations.
- Work on websites, github, help a friend, non-profit
- Explore tools
- Kali Linux, Vulnerability Scanners, Cloud Platforms
- Attend product demos, learn what’s in the market, ask competitive questions
- Create Long/Short term goals
- Get at least 1 per year, in 10 years you’ll have a lot!
- Select industry standard ones, that hold value to the employer
- With vendor certs (like Cisco, Microsoft, etc) the partner gets benefits for selling their products (discounts, rebates)
- Have your company sponsor/pay for the training and certificate (they all have budgets for personal development)
- Prioritize based on demand
- Specialize in topics that interest you
- Develop In-demand skills
- Seek high-demand/low supply skills
- Regularly add more to your toolset
Use this map as a guide: https://www.cyberseek.org/heatmap.html
Events / Seminars
- Learn market trends from topics, speakers, vendors, etc
- Network with professionals in your field
- Public speaking
- Report writing
- Dumbing down technical concepts
- Sell yourself
Create/Contribute to Content
You don’t have to be an expert to contribute to content.
- Make your profile professional
- Professional Headshots
- Clear, concise writeup
- Check grammar, formatting, readability
- Don’t spam or solicit others
- Seek Advice
- Ask professionals for specific advice
Try everything, focus on 1 or 2
- Try multiple fields within cybersecurity and see where you feel most passionate
- To be good in any field, you must know the things that affect it (sort of a jack of all trades). A good consultant can talk high level about everything
- To have greater value, you must specialize in 1 or a few fields
The unemployment rate in cybersecurity is currently 0% (2019-2020).
Since this filed is so vast, the salary ranges from $60-$500,000 in the US. But here’s a general breakdown. This varies with state, experience and company.
- Secure Coding, APIs
- Design, Architecture, SDLC
- Web Application Pentesting
- Solution Architecture
- Ethical Hacker/Pentester
- GRC (Governance, Risk, Compliance)
- Network Security
- Secure Network Design
- Security Implementation Engineer
- Internal Pentesting
- Cloud Security
- Security Operations Center (SOC)
- Incidence Response
Here’s a big mindmap someone created with much more detail.