Maybe it’s the pithy motto, there’s job security in cyber security, that made you consider a career change to cyber security. Or maybe it’s the alluring statistic that by 2025, there will be over 3.5 million unfilled cyber security positions. Or maybe you’re a massive Mr. Robot fan and think that hacking bad guys would be a cool career choice.
Whatever the case, you’re now interested in leaving your past career behind and being reborn as a cyber security professional. The prospect of pivoting is daunting, but the rewards are massive.
Now the question becomes, how exactly can you transition from your current position to one in cyber security?
To make this pivot as seamless as possible, you’ll need a plan of attack to hack into this industry. Let’s talk more about what your new career might look like and how best to make that transition.
- Understanding the Cyber Security Industry
- Determining If You’re Interested in a Career Change to Cyber Security
- Is It Too Late for a Career Change to Cyber Security?
- Evaluate Your Current Skill Set and Leverage Your Experience
- How to Start a Career in Cyber Security With No Degree – Educational Pathways in Cyber Security
- How to Start a Career in Cyber Security With No Experience
- The Difference Between Success and Failure
- Conclusion
- Frequently Asked Questions
Understanding the Cyber Security Industry
In its simplest form, cyber security is about protecting digital information.
When people think of cyber security they often think of data sentries in the trenches, hunched behind a computer using their highly technical expertise to ward off bad guys.
While this image has its place in the cyber security industry, there are dozens of technical and non-technical roles available to you when plotting your pivot.
To gain a wider perspective of everything the cyber security industry encompasses, we can break the industry down into 10 domains.
Of course, there’s more to cyber security than this, the cyber security landscape is massive. However, these provide a solid bird’s eye view of the opportunities within the field.
Cyber Security Domains:
- Security Architecture
- Frameworks and Standards
- Application Security
- Risk Assessment
- Enterprise Risk Management
- Governance
- Threat Intelligence
- User Education
- Security Operations
- Physical Security
Perhaps you’re surprised to see that there are plenty of domains that don’t require professionals to get their hands dirty with highly technical skills such as coding or using cyber security-specific programs.
Such roles can be found within domains such as Governance, Threat Intelligence, User Education, and Frameworks and Standards.
If you have little technical knowledge but experience in the aforementioned areas you may consider leveraging your background to break into one of these less technical areas of cyber security.
That being said, you shouldn’t shy away from pursuing technical roles.
Like with any new skill, cyber security skills can be learned if you devote the time and effort to learning them.
While this can feel overwhelming initially, coming up with a plan and learning the software and tools required for the position you’re most interested in is the best way to penetrate this field.
Some universal skills that would benefit all cyber security professionals regardless of their role include:
- Basic networking skills
- Basic cyber security knowledge
- Solid communication skills to effectively work with team members, stakeholders, and those without a knowledge of cyber security
- Excellent problem-solving abilities
- A desire to stay up to date with the latest happenings in cyber security
Determining If You’re Interested in a Career Change to Cyber Security
Shedding your own skin and starting over isn’t something to take lightly.
A career in cyber security can be fulfilling, but pivoting takes time and dedication. Before committing the time and energy to transition, you need to determine if this new career is right for you and if you’re up for the challenge.
Before making the leap, here are some questions to ask yourself:
- Why do I want to start a new career in cyber security?
- Am I willing to put in the effort to transition into cyber security?
- Do I genuinely find the cyber security industry to be interesting and stimulating?
- Am I making enough money in my current role and will a career change to cyber security bring me closer to attaining my desired salary?
- Am I ready to commit the time to making a career change?
- Am I motivated enough?
One of the main reasons you may be considering the switch is because you want to make more money. We discuss salaries extensively in “How Much Do Cyber Security Jobs Pay?” and “50+ Cyber Security Job Statistics & Trends.”
In short, cyber security positions typically pay more than other fields, and starting salaries are typically higher than national averages.
Here are a few entry-level roles and their average salaries. Starting with little-to-no job experience will have a potentially lower salary, while those with three or more years can be making more. More advanced roles often break six figures.
Entry-Level Role | Average Salary $USD |
Junior Penetration Tester | $96,000 |
Cyber Security Analyst | $77,788 |
IT Auditor | $90,000 |
SOC 1 Analyst | $57,000 |
Threat Intelligence Analyst | $87,500 |
While most would agree that entry-level salaries are still competitive and well above the median US salary, landing one of these jobs can be difficult.
The idea of an entry-level cyber security job is a bit misleading. Employers want to see that you already have hands-on experience and certifications to your name and have the technical prowess to come in and make a difference on day one.
That’s why gaining hands-on cyber skills, obtaining certifications, building a resume, and positioning yourself as a worthy candidate are so important. We will discuss all of this in the coming sections.
StationX creates unique career transition plans for each aspiring cyber security professional, taking the guesswork out of the transition process. This includes a career matchmaker, career guides, and a custom certification roadmap to help you meet your goals.
Once you’ve found a position, be ready for how rapidly the industry can change. Embrace being a lifelong student and always be ready to evolve and adapt to the industry.
Read “Top 10 Careers in Cyber Security (and Which Is Right for You?)” to see some of the most popular and in-demand careers to aim for.
Is It Too Late for a Career Change to Cyber Security?
The only person who can tell you it’s too late is you.
A recent survey cited in Harvard Business Review of people who attempted to change careers after the age of 45 found that 82% of respondents said they had successfully changed their careers.
Whether it’s too late for a career change to cyber security isn’t the question you should be asking. Instead, ask how to make the most seamless transition.
If you come from a related field or have skills that lend themselves to your new job as a cyber security professional, changing careers will be easier for you.
Again, it’s okay that you don’t know how to break into a vulnerable machine or use a SIEM to identify potential threats.
These skills aren’t esoteric and can be acquired by leveraging the right learning material and through earnest dedication. A mixture of your previous and newly learned skills may actually make you stand out.
In fact, entering the cyber security industry at a later time in your career may even be an asset. Instead of viewing your professional experience as time lost, imagine it as simply time spent learning and refining transferrable skills.
If you’ve worked in administrative positions, you likely understand how to prioritize tasks. Those who worked in sales or customer service understand how to present information to a wide audience.
Mechanics and tradespeople understand how to see a problem and work backwards to solve it. Leading a team, setting milestones, and reporting and documentation are critical skills that can only be developed through time and experience.
Also, considering how the cyber security field is constantly in flux, even seasoned professionals are required to always be learning and reinventing themselves. This rapid change works to your advantage as it levels the playing field more so than it would in more stagnant industries.
For example, just a couple of years ago, AI had little impact on the cyber field. Nowadays, it’s all everyone is talking about. Learning a new skill at the right time allows you to become a leader of a whole new specialization.
But just how long will this change take?
This all depends on your prior experience as well as what position you hope to obtain.
That being said, even novices can hope to acquire the knowledge and skills needed to find a cyber security job in approximately 200 hours.
In just 200 hours you can learn the fundamentals of enterprise networking, IT, and cyber security.
From here, you can choose the direction you wish to specialize in, whether that be a penetration tester, cyber security analyst, auditor, or one of the many other positions this growing field has to offer.
You don’t need to attend a four-year university program or spend a decade learning hard skills before applying to positions entry-level positions. In just a few months of diligent studying, you too can penetrate this ever-changing field.
Ready to Start Learning?
Evaluate Your Current Skill Set and Leverage Your Experience
You may not realize it, but if you have professional experience in another field, you already have skills you can transfer over to your new career as a cyber security professional.
All you need to do is identify those skills.
To help you do this we’ve created the Capabilities Matrix with Gap Analysis Tool. Fill in your email address and get immediate free access.
Here’s how to use it.
The document is split into two sections, My Current Capabilities and Capabilities I Need.
Even if you don’t come from a technical background there are still plenty of transferable soft skills you may have that can carry over to your new role.
Some of those skills may include:
- Management
- Project management
- Communication
- Experience working alone and in a team
- Remote work experience
- Problem-solving
- Critical and creative thinking
- Adaptability
- Time management
Fill in any hard and soft skills you can demonstrate.
Next, you’ll want to identify skills you’ll need to be considered for certain cyber security roles. Check job postings for the required skills and experience employers are asking for based on your job goals.
Some of these skills may include:
- Computer networking
- Python
- Windows/Linux/MAC OS
- Powershell
- VPNs
- Nessus
- Bash
- SIME
- IDS/IPS
You’ll then want to take note of your prowess or shortcomings in each of these capabilities.
Filling out this document in full will give you a better understanding of your current capabilities and what you need to work on to break into cyber security. Analyze the gap and focus your efforts.
How to Start a Career in Cyber Security With No Degree – Educational Pathways in Cyber Security
Many people may be turned off by the idea of shifting gears and moving into cyber security from an unrelated field because of the pressure to go back to school and earn a cyber security degree.
But that pressure is internal more than indicative of what your future employer wants to see from you. You don’t need to go back to school for four years to break into cyber.
Earning industry certifications is both more cost-effective and holds more weight than a degree. This is because certifications are standardized.
When the hiring team examines your resume and sees your certifications, they’ll be precisely aware of your skill and knowledge base. This isn’t the case with a cyber security-related degree.
With a degree, an employer will be unaware of the courses you took, how rigorous they were, how good your teachers were, or how you were tested. Not to mention many cyber security degrees are new and the curriculum is still being refined.
So, if you had a choice to put on your resume that you graduated from a four-year university with a degree in cyber security or had CompTIA’s A+, Network+, and Security+ under your belt, we’d advise opting for the latter and then pursuing more advanced certifications.
If you’re wondering which security certification you should study for next, consider exploring the following:
The certification you aim for should depend on what you already know and what area of cyber security you’d like to get into.
If you’re starting with relatively little experience or certifications to your name, we recommend securing the following:
- An IT certification (our choice is CompTIA’s A+)
- A networking certification (Network+ provides the best foundational knowledge for cyber security, though CCNA is also a strong choice)
- And a beginner cyber security certification (Security+ is the industry standard and often a stronger choice than SSCP or GSEC)
Understanding essential IT, enterprise networking, and general cyber security will bring you to “Stage 3” of your cyber security journey (see our roadmap below).
It’s at this stage that you can begin applying to entry-level positions and choose to pursue a specialization (such as ethical hacker or incident responder) or become an advanced generalist (consulting, auditing, and risk assessment).
This is detailed further in our article, “Cyber Security Career Path: The 5 Stage Roadmap to Success.”
How to Start a Career in Cyber Security With No Experience
Even after obtaining a couple of certifications, most employers are going to want to see that you have hands-on experience.
But how are you supposed to get this experience if you’re not employed in cyber security?
More than anything employers want proof that you can handle the responsibilities of the job you’re applying for. If you can demonstrate your abilities they’ll consider you. Not all experience needs to be from paid positions.
Apart from more hands-on certifications that test your ability to use specific tools, here are a few other ways to showcase your experience:
- Volunteer
- Capture-the-flag competitions
- Bug bounty hunting
- Internships
- Attending conferences
- Completing labs and writing up reports
- Creating your own tools
- Become a teaching assistant at StationX
One of the most common ways aspiring cyber security professionals demonstrate their skills is by completing virtual labs and writing reports documenting the experience. Doing so not only gives you hands-on experience but also demonstrates your abilities.
Ask yourself what experience you have that is relevant to cyber security. Chances are you already have some, as we discussed earlier. Take a moment to look back and write down anything you think might be pertinent to cyber security.
At StationX, we have over 1,000 classes and labs for students to complete. After demonstrating sufficient expertise students have the chance to take on a teaching assistant role. This will give you the chance to instruct others, refine your skills, and work in cyber security in a more professional capacity.
We also help students with personal branding. It’s sometimes not enough to jot down a few skills and certifications on a resume. You need to present yourself as a more polished package to win over the ever-increasingly distracted attention of hiring teams.
In our members section, you’ll learn how you sell yourself as a product the same way you would a software or cloud service.
You’ll learn to leverage personal projects, blogs, labs, and your social media platforms to appeal to the company you want to work for.
The Difference Between Success and Failure
The only reason you’d fail to break into cyber security is if you stop trying.
Smarts have nothing to do with your ability to pivot, it’s all about grit and motivation.
It’s easy to make excuses as to why it’s not going to work out. Maybe the excuse will be that you don’t have enough time or that the material is too difficult to learn. Or maybe you’ll give it a shot, only to stop after encountering your first obstacle.
The only reason you won’t be able to make the change is if you give up.
- To set yourself up for success first begin by determining if and why you’re interested in cyber security. Passion will play a big role in maintaining the drive and focus needed to pivot.
- Recognize that it’s not too late to make the switch.
- Once you’re committed to transitioning, do some research and figure out the direction you wish to go in. Find a roadmap that works for you and understand that you can always go in a new direction as you learn more about the field.
- Once you can see the road ahead it’s time to build up skills and acquire industry certifications, which will prove to yourself and employers that you have the knowledge to break into the field.
- Don’t forget to evaluate the skills you already have in your toolkit. You have soft skills that transfer over to this new field. Identify them and use them for personal branding purposes. Also, take a moment to figure out which hard skills you need to acquire to get the job you desire.
- Once you’ve acquired skills, recognized what skills are working to your advantage, and polished your personal branding, it’s time to apply for jobs.
Remember that this transition will take time, but that with proper planning and motivation, success is a question of when and not if.
To ensure success we’ll equip you with the motivation, support, and tools you need to transition we’ve created the Accelerator Program.
This program addresses all the pain points newcomers face when breaking into the field. You’re provided with personalized learning paths to keep you on track, mentorship to answer your burning questions, a supportive community to lift you up, and of course, all the technical material you need to equip you with the skills and knowledge employers want to see in candidates.
Our goal is not just to supply you with courses and practice tests but also the guidance and motivation to meet and surpass your goals.
This program is your one-stop shop for everything you need to effectively transition into the industry of your dreams.
Conclusion
It’s never too late to equip yourself with the cyber skills you need to break into this booming industry.
The cyber security industry is vast and offers newcomers a myriad of jobs to choose from as they transition into the industry. You need only to consume the right resources, muster the motivation, and choose the career path that makes the most sense for you.
To learn valuable cyber skills, surround yourself with fellow motivated cyber security professionals and create a concrete path forward. We encourage you to join students also transitioning into the field as well as established cyber security professionals as a StationX member.
You don’t need a four-year formal education to make a successful career switch. You need only the grit and passion to learn new skills.
To get started on your pivot, we recommend exploring the following courses: