Hi All,
I have recently completed Certified in cybersecurity certification and also the SC 900 Certification. My aim is to make a career in cybersecurity but don't know where to go or what skillsets to target. I have approx 20 years experience as a Project, Program manager ; last 13 years managing complex IT infrastructure projects . I do have a basic understanding of the various technologies but lack hands on experience on networking. I do have PMI/Agile based certification and looking forward to upskilling in cybersecurity or IT security but dont quite know what path to take. at this time. My concern is that at this stage of my career, is it possible to move to a cybersecurity role or IT Security without the necessary technical background experience?. Appreciate all your thoughts and suggestions.
Regards
Cybersecurity doesn't have to be technical. In fact, it starts with leadership. Companies make decisions to protect the value of their technology. A former supervisor got into a grad program for a master's in IT management, and he barely had an esoteric exposure to technology prior to that.
If you're looking for technical exposure with a focus on security, pick up an SSCP or Security+ book. I think you'd find the reading fairly enjoyable.
Speaking from experience, you don't necessarily need to have the technical background to transition to information security as long as you have the will to learn. I used to work at a company as a compliance executive - my educational background was law and anti-money laundering. When an opportunity presented itself, I showed an interest in helping in the network setup of our new office and eventually moved to a devops engineering role and straight on to security after a short while despite not having technical experience in the security domain. The learning I did on the job as I went along (with the right support) and the experience I gained were phenomenal.
So, go ahead and give it a try - it's well worth the effort (and it's certainly possible).
Goodluck!