Last Updated: March, 2024


At one point at uni I put together a presentation titled 'How to Get a Job in Cybersecurity' for my university's cybersecurity club. I have since received a few requests for the slides, so I decided I might as well just put it on my website.

In terms of getting a job at the end, you have two options:

  1. Fall into the grad program of one of the large contracting companies (Accenture, CyberCX, KPMG, etc). Work will be relatively slow, and momentum can take a while.
  2. Float your skills and resume around some Melbourne-based businesses and consultancies to see if they'd be interested in hiring an extra pair of hands in cybersecurity. If you're a robust problem solver, it should be relatively easy to convince them to bring you in. If you have the agency, you'd also generally have much more flexibility and manoeuvrability than if you did a grad program.

IMO, option number 2 is better. Small-to-medium sized businesses offer a wide variety of opportunities to get involved in interesting cybersecurity projects, much more so than you might get in a grad program. However, you need to have a large professional network, and as uni students your network is still only small. LinkedIn is now a requirement: add/follow people who are high value, and curate your 'work' version of yourself on there. This will be your professional network, which will eventually blossom into a small group of somewhat well-connected individuals who can help with things like finding new positions, or with information about what's going on in the industry, etc. Then, continue to take part in local/industry/club events and add people on LinkedIn, the earlier the better. That is how you maximise your chances of success in finding a good job.

In terms of specific jobs, there's generally four:

All of them have roles equivalent to that of a junior/grad available - particularly if you naturally take to the whole "systems thinking, refactored problem solving with computers" thing, and also show a particular interest in one of them. That said, SOC Analyst followed by Security Engineer are the more general ones, and as such, it is generally easier to find junior-position roles for them.


The following are skills you need to know, ordered by how fundamental I think each one is, hence, you could argue it's a list in descending order of importance. That said, the lower items on the list generally build upon the upper items on the list, so in order of hierarchy, this list would instead be in ascending order:

  1. Networking (LinkedIn, clubs, professional contacts, grow your network)
  2. Networking (Internet Protocol, TCP/IP, traffic flow, wireshark, nmap)
  3. Hard/Firm/Soft-ware (BIOS/UEFI, drivers, motherboard components, operating systems)
  4. Programming and Version Control ([Python, C/C++/C#, Java, Powershell/Bash, SQL, HTML+CSS] pick three, plus git/github/bitbucket/subversion)
  5. Linux (RHEL, Debian)
  6. Administration (System, Network, Database, IAM)
  7. Security (Cryptographic Algorithms/Protocols, TLS, PKI, C/SSRF, etc)
  8. Generative AI (GPT/ChatGPT, and open-source)
  9. Virtualisation (Hypervisors, VMware, ESXi, VxRail)
  10. Cloud Technologies (AWS, Azure, P/SaaS apps like Microsoft E3/E5)
  11. Automation (Jenkins + Python + I/CaC + Immutable Infra = all your dreams come true, make some fucking serious money)


1. Networking (LinkedIn, clubs, professional contacts, grow your network)

This one can be overlooked easily, but is extremely important, hence topping the list – while at university, you need to be building your professional network when you can (assuming, of course, that this is the career path you want). This can vary somewhat in difficulty, but is well worth the effort, as these people might know people who know people that are looking to employ someone like you. Knowing the right people was the linchpin for how I got my first professional job in the cyber industry.

And finally, stop fucking around and make a LinkedIn account. I know, I get it, LinkedIn is weird, wacky, inflatable hand-wavy strange. 99% of interactions are each the most inauthentic thing I’ve seen that week, but the secret is that everyone knows. Everyone is in on it, that we’re putting on our suits and we’re dressing up and saying our lines, and performing our Business™ and doing lots of Business™ and really, just, the Business™ is very Business™. All the world's a stage, and LinkedIn is certainly some people’s world, but it is a world in which it is currently necessary for you to have a presence if you want to actually be taken seriously. So I say, do it and have some fun.



2. Networking (Internet Protocol, TCP/IP, traffic flow, wireshark, nmap)

Knowing roughly exactly how everything and everyone talks to everything and everyone is such a fundamentally required skill, and the systems of thought in networking overlap quite substantially with the systems of thought in cybersecurity. Understanding how information moves not only brings about an understanding of networking itself, but also gives you a way to see contexts or problems that go beyond networking as a field. It’s like having a new column in the quality checklist your brain does automatically whenever assessing a system.

The OSI model is an extremely intricate, complicated, and technically detailed framework which, it’s fair to say, all global communications use, everywhere. The best way to learn the theory would be to take pure networking classes at university, generally as part of a Bachelor of Computer Science (or something in the sciences). This would generally be similar to CCNA 1-4. You might be provided with Cisco’s Packet Tracer, but if you get the opportunity to work on real hardware routers and switches, jump at the opportunity. Once you get a grasp of what’s going on, look at nmap and wireshark, and see where they take you. Understanding networking, and having it included contextually when you’re problem-solving, has huge benefits.



3. Hard/Firm/Soft-ware (BIOS/UEFI, drivers, motherboard components, operating systems)

This one is computer basics – you work with computers, you need to know how they work, and how to care for them, including how to take them apart and put them back together. If you're the sort of person I have in mind while writing all this, you're heading rather quickly into a life where a computer (phone/desktop/smartwatch/worklaptop/etc) might as well just be an extension of your own body, at least in the majority of the important things you do. This is all to do with encouraging a kind of ‘systems-thinking’ that must be fostered. Essentially, you need to be able to do things such as these:

This list is by no means comprehensive, but these are examples of the sorts of things you should have the knowledge to do correctly, or ability to quickly (less than 60 seconds) retrieve the knowledge to do correctly.



4. Programming and Version Control ([Python, C/C++/C#, Java, Powershell/Bash, SQL, HTML+CSS] pick three, plus git/github/bitbucket/subversion)

Programming is fundamental. A personal rule of thumb (of mine) is to ask someone to pick (at least) three of the following: Python, C/C++/C#, Java, Powershell/Bash, SQL, HTML+CSS. The languages on that list can be swapped out, but (I hope) the sentiment comes across that these are ways of conceptualising the understanding of how computers function - knowing multiple gives you new (overlay-able) ways of understanding and directing computer systems.

Version control is not optional; it's essential. Git, alongside platforms like GitHub, Bitbucket, or Subversion, is crucial for code management, collaboration, and maintaining a history of your project's evolution. Understanding how to use Git goes beyond basic commands; it's about managing your project's development efficiently, handling versions correctly, creating automated tasks and workflows, and collaborating effectively.

Master these tools to make your work more manageable, your projects more collaborative, and your skills more marketable. Software development is the heart of the tech industry, and version control is one of the most important structures that supports it.



5. Linux (RHEL, Debian)

Unix runs everything. All* servers, cloud infrastructure, embedded systems, S/P/I/DBaaS, networking, telecoms, everything-everything. Start with the basics of RHEL (Red Hat Enterprise Linux) and Debian, including their derivatives like CentOS (including understanding what Rocky Linux and AlmaLinux are) and Ubuntu, respectively. These platforms will introduce you to the Unix-like environment where much of the internet and modern IT infrastructure operates.

Understand the file system hierarchy, bash/shell scripting, package management, and system administration. These are the tools and concepts that make Linux powerful. It’s not just about running commands; it’s about understanding how and why they work, and how to leverage them to manage systems effectively. For instance, being able to automate tasks with shell scripts or quickly string together a powerful command can significantly streamline your workflow and system management tasks.

If you think you're ready to delve further into understanding Linux, get to know CoreOS + Ignition/Butane.



6. Administration (System, Network, Database, IAM)

Familiarity with system, network, database, and Identity and Access Management (IAM) administration is essential for ensuring operational integrity, securing data management, and assessing appropriate access controls, let alone the benefits for your understanding as a whole. System administration covers user management and service configuration, while network administration is focused on infrastructure connectivity, including routers, switches, firewalls, and software-defined networking, including a full understanding of the OSI model. Database administration prioritises data security, performance, and redundancy. IAM is critical for granting access based on user identity, authentication, and authorisation, and is pivotal in mitigating unauthorised access and breaches.



7. Security (Cryptographic Algorithms/Protocols, TLS, PKI, C/SSRF, etc)

Key areas in cybersecurity to focus on include cryptographic algorithms and protocols, TLS for secure communications, Public Key Infrastructure (PKI) for verification/validation, and mitigation strategies for vulnerabilities like Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF) and Cross-Site Request Forgery (CSRF). Understanding these concepts is vital for protecting against threats and ensuring data integrity.

Prioritise learning about encryption for safeguarding data, employing TLS and PKI to secure digital interactions, and identifying as well as defending against web vulnerabilities. These are the security basics it will be your responsibility to champion.



8. Generative AI (GPT/ChatGPT, and open-source)

Generative AI, particularly models like GPT-4 and open-source alternatives, is revolutionising productivity and automation. With rapid advancements, staying updated on AI capabilities is crucial. This knowledge isn’t just for innovation; it’s becoming a necessity for efficiency and competitive advantage in nearly all sectors.

Embrace these technologies to understand their potential in streamlining and optimising your personal productivity and abilities. The ability to effectively use generative AI tools is a powerful asset, preparing you for the next wave of technological progress and ensuring you remain at the forefront of your field. You might not be replaced by AI, but you could definitely be replaced by someone else that knows how to leverage AI - be that person.



9. Virtualisation (Hypervisors, VMware, ESXi, VxRail)

Understanding virtualisation technologies like hypervisors, VMware, ESXi, and VxRail is pertinent, as they are crucial for modern IT operations. Knowledge in virtual networking and SD-WAN is also beneficial, enabling better network management and security in distributed environments.



10. Cloud Technologies (AWS, Azure, P/SaaS apps like Microsoft E3/E5)

The shift to the cloud is unstoppable, with technologies like AWS, Azure, and various PaaS/SaaS applications becoming central to IT overall. Familiarity with cloud platforms is not optional; it's essential for navigating the current and future tech landscapes.

Moreover, cloud-based antimalware such as CrowdStrike Falcon, Carbon Black, Microsoft Defender, etc, has transformed security within the cloud, offering robust protection that's both impressive and necessary for comprehensively defending against today's sophisticated threats. Understanding how to leverage these cloud services and security tools is critical for anyone in cybersecurity, not just for efficiency and innovation but for ensuring operational security and compliance.



11. Automation (Jenkins + Python + I/CaC + Immutable Infra = all your dreams come true, make some fucking serious money)

Mastering automation through understanding tools and concepts such as Jenkins, Python, Infrastructure as Code (IaC), Configuration as Code (CaC), Immutable Infrastructure, and Dev(Sec)Ops can significantly boost efficiency, drastically reduce errors, and accelerate deployment cycles. Expertise in automation allows you not only to save considerable time but also to innovate and implement solutions that are both scalable and reliable. With a solid foundation in the areas covered previously, excelling in automation could indeed turn your skills into highly valuable assets, making you indispensable in the modern tech ecosystem.

There are two things that you should try to aim to do well. The first is an extremely easy life hack to make free money in three easy steps:

  1. automate your current work
  2. take on new (preferably higher-level) work
  3. return to step 1

The second is the ability to understand and explain tasks on as wide a range (from low to high level) as possible. Fast scalable thinking like that lends itself towards higher quality work.

Good luck.