Making the Move to Cybersecurity

Criterion Careers Blog

Making the Move to Cybersecurity

Facebooktwitterlinkedinmail

By Krissy Rogers, Recruiting Manager

With all the buzz around cybersecurity these days, perhaps you are thinking about making a career change. One thing is for sure, working in cybersecurity for a federal government agency customer is truly work that matters! There are many opportunities to make a difference. How hard is it then, to transition to cybersecurity from other IT specialties?

The first point to be aware of, is that working for a government contractor in cybersecurity represents a balancing act between cyber certifications and security clearance. If you have the latter, you already have a step up! That being said, if you are a systems administrator with some certifications like CompTIA Security + CE (see our post on needed certifications) and fluency with a variety of tools, you could also be well-positioned to make the move.

Remember, you don’t need to know everything all at once. Cybersecurity is constantly changing, and it is nearly impossible to know everything in the field. Therefore, focus on the basics, start at an entry-level role, learn from others and ask lots of questions, and advance into areas of cyber that most interest you. If you are a female and considering cyber, please do. There is a true shortage of women in the field. Criterion has many talented women working here: Two were recently recognized as finalists for the Las Vegas Women in Technology Awards.

Here are some steps you can take to prepare for a new career in cybersecurity.

  • Figure out what tools you use already that are also used in cybersecurity. Investigate others and look for opportunities to train on them.
  • Go after your certifications – no matter what career level you are at. Federal agency customers are very demanding in this area! Don’t just go after the CEH and CISSP first. Although they are very important to the federal customers, you should spend your time learning the trade first and not learning tests.
  • Invest in SANS training to learn how to do hands-on threat intelligence gathering, incident response, penetration testing, packet analysis, and advanced forensics analysis. SANS has a great maturity and learning paths. Here’s a roadmap.
  • Make a list of the other skills you need to be successful in cyber. It is not all about technology – management, leadership and people skills count too.
  • Start going to cyber conferences and keep up on the news and events in the space. Here are a few: Cloud Security Alliance, BSides, Redhat, Splunk, Elastic, SANS, DEFCON, and Blackhat. Look for local chapters for cybersecurity forums such as BSides, as entrance fees are generally affordable and the content is rich.
  • Get initial experience by setting up a home network and securing it – for yourself and/or friends and family. Experiment with cyber tools and techniques. Then, include this information in your resume and/or cover letter. One easy way to get started is to install Security Onion on a decent sized computer, preferably a server. Look for used equipment on eBay. For instance, a full duplex Gigaman network tap is in common use in many enterprises. For firewalls start with PfSense. You can use their software for free and build you own or buy an appliance starting out at $99. If you want to centralize logs like enterprises do, use the free version of Splunk or build your own Elastic Logstash Kibana (ELK) instance. There are many resources online to guide you through installation and configuration procedures.

Being successful at a company like Criterion requires more than just certifications and technical excellence. We also look for people who are relentlessly curious and driven to succeed. Are you good at solving problems? Can you identify innovative approaches? Do you do whatever it takes to get the job done? Are you a leader? Do your colleagues trust you? If the answers to these questions are yes, then you are most of the way there. Criterion has a generous education and training assistance allocation for employees to help them get and maintain their skills and certifications. If you think you have what it takes, please contact us!