Story: How I got my dream job in cybersecurity
- College was rough. I was taught theory but tested on application.
- While all of my professors were clearly knowledgeable in the topics they taught, not all of them were able to teach in an effective manner.
- I was in classes where if you got at least a 20% on a test, you would get a C+. There was a high priority to weed out people in the first two years of college.
Why did you Seek a career in cybersecurity?
- I chose this career for a number of reasons.
- Cybersecurity jobs are always in demand.
- I liked the flexibility of the work environment. I could work for a start-up with a laid-back atmosphere, a business professional corporate company, the government, etc.
- You do not need a PhD to work in cybersecurity. Getting a Bachelor’s Degree is enough to work in this field, although there is a chance you will need some certifications.
- The field of cybersecurity has many different work roles (developers, analysts, policymakers, etc.) and focuses (networks, intelligence, vulnerabilities, mitigations, etc.). If I ever get bored, I can switch to a different job role or focus, provided I had the needed skillset.
- The income for this field enables me to live comfortably.
What was your first job or nuggets from jobs you had that helped you to get to where you are today?
- I was heavily focused on being mentored in my first 5 years. I turned into a sponge. I learned about the many different jobs in cybyersecurity, how to thrive in these fields, and different forms of tradecraft that I could incorporate into my own analysis.
How did you prepare for an interview?
- I practiced my spiel about my current and previous work. You’d be surprised how many people stumble on talking about their work experiences.
- I re-read the job posting with the goal of being able to talk to the hiring manager about how I had already done these tasks in my current and previous job roles.
- I researched the company. Hiring managers would ask me what I knew about their company. I made sure I could speak about their company at a high level, and also at the level I would ideally be a part of. (if there was publicly available information).
Books that helped you?
Cybersecurity & Computer Science Books
- Cybersecurity and Cyberwar by P.W. Singer and Allan Friedman
- Learn Python the Hard Way by Zed A. Shaw
- The Art of War by Sun Tzu
- On War by Carl von Clausewitz
- Network Security: A Beginner’s Guide by Eric Maiwald
- Introduction to Machine Learning with Python
- Hacking Web Intelligence by Sudhanshu Chauhan and Nutan Panda
Things are changing very fast in the industry, how do you keep yourself updated. Please list techniques or newsletter, podcasts, events etc
- My favorite resource it Twitter. It is a wonderful aggregated platform that enables you to have access to all of the newsletter, events, researchers, etc. you are interested in. I use the “lists” feature to separate the people and blogs I follow by their focus areas.
What can you recommend on CV?
- Make it clear and concise. Recruiters have to read tons of CVs, so make it flow nicely.
- Search “buzz words” for your job role so you can add them to your resume. There are companies that use algorithms that pull out resumes with certain “buzz words” for recruiters to review. Not all companies use algorithms, but this also helps recruiters when they are scanning resumes manually.
- Put in significant effort when developing your CV. This document is your “foot in the door” to a company. It is the first impression to a company.
- Have mentors review your resume.
- Search what resumes look like in your job role.
- Search job descriptions of your job role at different companies to see how your skills are worded.
Advice for someone looking for job?
- Have patience. It can takes months to get a job for even the best candidates.
- Focus on jobs where you actually fulfill the majority of the job criteria. If you cannot speak to at least 70% of the job requirements, than I would not expect a call-back. This does not mean it cannot happen, but the chances are significantly lower if you do not meet most of the requirements for a job posting.
- Always prepare for interviews. Have your spiel ready, and research common interview questions for the field you are applying for.
why do you think you were selected among other candidates?
- I do my research and I plan.
- I put significant effort into my resume (and keeping it updated).
- I study for my interviews.
- I make it a priority to remain current in technology-related news pertaining to my skillset.
- I also make it a priority to remain current in my tradecraft. For example, when I was in college, I had the option of learning Java or C++. Nowadays, knowing Python is a highly sought after skill-set for fields in cyber threat analysis. Upon learning this, I made it a goal to learn this programming language. It was unfortunate I did not have the ability to learn Python in college, but I did not let it stop me. I work in a field that is always evolving, and I need to evolve with it if I am going to be the best analyst I can be.
Lessons from jobs that you couldn’t get.
- Be honest about your level of knowledge for different technologies and programming languages. I believe in the “fake it til you make it,” but only to a certain extent. If you say you can code in Python at the intermediate level (and you actually a beginner coder), there is a chance this will be found out through coding exercises. If your lack of education is not surfaced during the interviewing stages, they will likely find out once you start the job.
Jordan Kovacs is a cyber threat analyst that focuses on technologies relevant to cyber crime. Her specialties lie in blockchain applications, ransomware, and the DarkWeb.
How I got my dream job in cybersecurity