This cheat sheet is designed to augment the aspiring cybersecurity professional and provide them with the tips, resources ,and advice needed to help improve their chances of finding a role in cybersecurity.
Use this sheet in tandem with the "Entry Into Cyber" pages on this website.
This sheet is broken down into particular parts, each part serves to help inform the aspiring cybersecurity professional and help them prepare for a career in cybersecurity.
"Luck is what happens when preparation meets opportunity" - Seneca
1. Find your passion
2. Building Your Network
3. Studying and Training
4. Tailor your profile and CV
5. Additional Resources
Cybersecurity is a massive field with lots of different facets, from GRC to IoT Penetration testing the number of roles and career paths are mind-boggling. There are roles that are more competitive than others which may make it difficult to get a foot in the door in that particular area, an alternative route may be advisable.
With all this said, finding your passion will help you align your studies, your job hunting efforts, your courses, and certifications which will ultimately make the challenge of finding a role less abrasive.
I have included this website to showcase the vast amount of roles available and it is interesting to see just how wide the scope is.
50 titles job seekers should know about: here
You may even find that your passions change halfway through your journey, which is perfectly normal. perform proper prior research and preparation to ensure to move is as less stressful as possible.
Building your network within cybersecurity helps you connect with different businesses, professionals, and roles, this will be very beneficial to your efforts when finding a role as it brings visibility to your endeavours, skills, and professional profile.
LinkedIn is without a doubt the best place to connect with industry professionals and a place where you can showcase your skills, it acts as a shop window to you as a professional and gives you a platform to market yourself.
1. Ensure you include as much relevant information on your profile; skills, experience, certifications, and courses.
2. Include a profile picture and change the default banner to something that describes you, remember the banner is at the top of the profile it needs to draw people in and paint a picture of who you are.
3. When connecting with new people be sure to introduce yourself and let them know why you connected, this will help build professional relationships which can be beneficial for your career and efforts.
4. Engage with the community; comment on posts, like posts and join in meaningful discussions this will help nurture an organic network.
5. Post content that is engaging, relevant, shows your skills and passion.
6. Be selfless, help people when you see people asking for it, be an ally to others.
7. Connect with recruiters, a large number of jobs may never see a job board and will be handled by recruiters whether it be an internal recruiter or external recruiters connect with them, they can give valuable industry insights and guidance on your efforts.
Interestingly a survey was conducted which concluded that in 2016 85% of roles were filled via networking, whether this holds true to today is another question, however commonly most roles in cybersecurity are found via networking, this is from personal experience and from discussions with others.
Relatively new to the cybersecurity scene is the use of discord and the communities that are hosted on there, now there are many different servers you can join and they all have different focuses. Here are a few servers to get you started.
Cyber Job Hunting - Cyber career advice.
Cyber Mentor Dojo - Finding mentorship in cybersecurity.
Certification station - Study and certification help.
Security Blue Team - Blue team focused server.
Blue Team Labs Online - Official BTLO Discord.
Unofficial RangeForce - Unofficial RangeForce server.
Unofficial INE/E-learn - Server dedicated to students of INE.
BlackHills Infosec - Server - A community with good resources.
TMHC (The Many Hats club) - A cyber security community.
Infosec Prep - Cybersecurity study community.
TechVets - Veteran only run community, required to sign up via the website
If you run a server and would like it listed here please reach out to me on LinkedIn
"When a foundation is poorly constructed, it can post a serious risk to the structure"
This quote was taken from a construction website, however, this quote can ring true when describing a cybersecurity professional, they must have a good grasp on the foundational knowledge before they start to specialise in a certain area.
This includes but is not limited to the follow, bear in mind the foundation requirements differ from role to role.
Be sure in whichever path you decide to take to build your foundation strong for the rest of the structure, don't skip ahead.
While this website has a few resources you have the most powerful tools in your arsenal which are Google and Youtube, with the use of specific searches you can find content relating to the topic you wish to learn more about.
Additionally, LinkedIn and Discord are full of very helpful people that can point you in the right direction.
A website built by a titan in the cybersecurity field is dedicated to free resources, please support the creator of the website: here
You will swiftly discover that there is a lot to learn and it can be difficult to keep on track and with this, you may find yourself bouncing between different topics which can become exhausting.
It is best to note down your "plan of attack" when it comes to studying and try to approach it in a structured manner, building a structure based on the research around the desired position may be beneficial because it could save time in the long run.
This all may be easier said than done, but what about certifications? There is a vast amount of certifications available for the various types of roles within Cybersecurity and it can lead to confusion as to what is the best steps to take.
Please check out this useful visual guide to the various certifications available: here
When you begin piling through the books and videos there is a time where you will be like "I need to try this" and you will begin searching for resources that can enable practical application of what you have been learning.
There are two ways I recommend approaching this and both have pros and cons, this is a case of finding what suits you better and fits within your learning budget.
Homelab - Homelab is a setup produced by yourself (self-hosted) which can be a great learning experience, you will find yourself running into issues that you need to troubleshoot to fix and this is where a lot of skills are gained. Once set up the homelab can prove to be a useful addition to your professional developments.
Here is a useful video to introduce you and help you build a homelab: here
Black Hills Infosec have lots of great resources too!
Practical learning online - While homelabs can be great they can also be costly and time-consuming and after all time and money are precious resources when it comes to learning, enter online practical learning resources.
A lot of the battle is about networking and ensuring you stand out from the crowd, but what is the best way to do this in an online world? One word "Marketing" you need to market yourself as a professional as you are a product.
When you walk past a shop what do you see covering the windows? Impactful messages and visuals designed to draw customers in, now let's apply this to the Cybersecurity professional how can they market themselves?
Well, there is no easy answer for this one but it is a journey of learning and trial and error.
Firstly, improve your LinkedIn profile and secondly learn a little bit about marketing and use this to your advantage when networking and promoting yourself.
Steps to improve your profile on LinkedIn: here
Career advice to market yourself: here
How many times have you sat there editing your CV and readjusting it? I have spent countless hours on my CV making sure it was up to a reasonable standard.
I have had the pleasure of speaking to many recruiters and hiring managers and have accumulated a list of tips and advice that could prove useful when building your CV.
Note: this may vary by region
While this list is a good start, it is certainly not everything and the way you approach your CV/Resume differs from region to region, additional research may be required.
Thank you for taking the time to read this guide, I hope that it will prove useful in your endeavours.
If you would like your content featured here and you believe it may be useful please contact me on LinkedIn.