Even after nearly 25 years, I continue to be excited and passionate about security. I enjoy discussing my experiences, opinions, and crazy ideas with the community. I often respond to questions and comments on my blogs and in LinkedIn, as it is a great platform to share ideas and communicate with others in the industry. Recently I had responded to a Network Admin seeking a career in cybersecurity. With their permission, I thought I would share a bit of the discussion as it might be helpful to others.
Mr. Rosenquist - I have been in the Information Technology field as a network administrator for some 16 years and am looking to get into the Cyber Security field but the opportunity for someone that lacks experience in this specialized field is quite difficult. I too recognize the importance of education and believe it is critical to optimum performance in your field. What would your recommendation of suggested potential solutions be to break into this field? Thank you for your time and expertise.
Glad to hear you want to join the ranks of cybersecurity professionals! The industry needs people like you. You have a number of things going for you. The market is hungry for talent and network administration is a great background for several areas of cybersecurity.
Depending on what you want to do, you can travel down several different paths. If you want to stay in the networking aspects, I would recommend either a certification from SANS (or other reputable training organization with recognizable certifications) or dive into becoming a certified expert for a particular firewall/gateway/VPN product (ex. PaloAlto, CISCO, Check Point, Intel/McAfee, etc.). The former will give you the necessary network security credentials to work on architecture, configuration, analysis, operations, policy generation, audit, and incident response. The latter are in very high demand and specialize in the deployment, configuration, operation, and maintenance of these specific products. If you want to throw caution to the wind and explore areas outside of your networking experience, you can go for a university degree and/or security credentials. Both is better but may not be necessary.
I recommend you work backwards. Find job postings for your ‘dream job’ and see what the requirements are. Make inquiries about preferred background and experience. This should give you the insights to how best fill your academic foundation. Hope this helps. - Matthew Rosenquist
The cybersecurity industry is in tremendous need of more people with greater diversity to fill the growing number of open positions. Recent college graduates, new to the workforce, will play a role in satiating the need, but there remain significant opportunities across a wide range of roles. Experienced professionals with a technical, investigative, audit, program management, military, and analysis background can pivot into the cybersecurity domain with reasonable effort. This can be a great prospect for people who are seeking new challenges, very competitive compensation, and excellent growth paths. The world needs people from a wide range of backgrounds, experiences, and skills to be a part of the next generation of cybersecurity professionals.
An open question to my peers; what advice would you give to workers in adjacent fields who are interested in the opportunities of cybersecurity?