How I got my dream job in cybersecurity

• College was rough. I was taught theory but tested on application.
• While all of my professors were clearly knowledgeable in the topics they taught, not all of them were able to teach in an effective manner.
• I was in classes where if you got at least a 20% on a test, you would get a C+. There was a high priority to weed out people in the first two years of college.

• I chose this career for a number of reasons.
  • Cybersecurity jobs are always in demand.
  • I liked the flexibility of the work environment. I could work for a start-up with a laid-back atmosphere, a business professional corporate company, the government, etc.
  • You do not need a PhD to work in cybersecurity.  Getting a Bachelor’s Degree is enough to work in this field, although there is a chance you will need some certifications.
  • The field of cybersecurity has many different work roles (developers, analysts, policymakers, etc.) and focuses (networks, intelligence, vulnerabilities, mitigations, etc.).  If I ever get bored, I can switch to a different job role or focus, provided I had the needed skillset.
  • The income for this field enables me to live comfortably.

• I was heavily focused on being mentored in my first 5 years. I turned into a sponge. I learned about the many different jobs in cybyersecurity, how to thrive in these fields, and different forms of tradecraft that I could incorporate into my own analysis.

• I practiced my spiel about my current and previous work. You’d be surprised how many people stumble on talking about their work experiences.
• I re-read the job posting with the goal of being able to talk to the hiring manager about how I had already done these tasks in my current and previous job roles.
• I researched the company.  Hiring managers would ask me what I knew about their company. I made sure I could speak about their company at a high level, and also at the level I would ideally be a part of. (if there was publicly available information).

Blockchain Books

• Bitcoin for the Befuddled by Conrad Barski and Chris Wilmer
• Mastering Bitcoin by Andreas M. Antonopoulos
• Introducing Ethereum and Solidity by Chris Dannen
• Blockchain by Melanie Swan

Cybersecurity & Computer Science Books

• Cybersecurity and Cyberwar by P.W. Singer and Allan Friedman
• Learn Python the Hard Way by Zed A. Shaw
• The Art of War by Sun Tzu
• On War by Carl von Clausewitz
• Network Security: A Beginner’s Guide by Eric Maiwald
• Introduction to Machine Learning with Python
• Hacking Web Intelligence by Sudhanshu Chauhan and Nutan Panda

Workplace Books

• The Lean Startup by Eric Ries
• Women in Tech by Tarah Wheeler Van Vlack
• Rebels at Work by Lois Kelly and Carmen Medina

• My favorite resource it Twitter. It is a wonderful aggregated platform that enables you to have access to all of the newsletter, events, researchers, etc. you are interested in.  I use the “lists” feature to separate the people and blogs I follow by their focus areas.

• Make it clear and concise. Recruiters have to read tons of CVs, so make it flow nicely.
• Search “buzz words” for your job role so you can add them to your resume.  There are companies that use algorithms that pull out resumes with certain “buzz words” for recruiters to review. Not all companies use algorithms, but this also helps recruiters when they are scanning resumes manually.
• Put in significant effort when developing your CV. This document is your “foot in the door” to a company. It is the first impression to a company.
  • Have mentors review your resume.
  • Search what resumes look like in your job role.
  • Search job descriptions of your job role at different companies to see how your skills are worded.

• Have patience. It can takes months to get a job for even the best candidates.
• Focus on jobs where you actually fulfill the majority of the job criteria. If you cannot speak to at least 70% of the job requirements, than I would not expect a call-back. This does not mean it cannot happen, but the chances are significantly lower if you do not meet most of the requirements for a job posting.
• Always prepare for interviews.  Have your spiel ready, and research common interview questions for the field you are applying for.

• I do my research and I plan.
  • I put significant effort into my resume (and keeping it updated).
  • I study for my interviews.
  • I make it a priority to remain current in technology-related news pertaining to my skillset.
  • I also make it a priority to remain current in my tradecraft. For example, when I was in college, I had the option of learning Java or C++.  Nowadays, knowing Python is a highly sought after skill-set for fields in cyber threat analysis. Upon learning this, I made it a goal to learn this programming language. It was unfortunate I did not have the ability to learn Python in college, but I did not let it stop me.  I work in a field that is always evolving, and I need to evolve with it if I am going to be the best analyst I can be.

• Be honest about your level of knowledge for different technologies and programming languages.  I believe in the “fake it til you make it,” but only to a certain extent.  If you say you can code in Python at the intermediate level (and you actually a beginner coder), there is a chance this will be found out through coding exercises. If your lack of education is not surfaced during the interviewing stages, they will likely find out once you start the job.