cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Sonia-01
Newcomer I

Looking for help - Entry Level Cyber Security

Hello everyone,

I am looking for some career advice with a entry level Cyber security roles within the UK.

I have recently passed my CC and have my certification, I am also lucky enough to be gaining valuable

work experience with a  IT Company in the UK, Which i feel will help me along the path of

complete career change. I Have many years of customer service and combined with my certificate and work experience im hoping i am on the right path to secure a job.

Any advice would be much appreciated and thank you for taking the time to read my post.

10 Replies
nishantrege
Viewer

Hi All

 

I have 20 years of experience in Software Testing including 2 years in Identity and Access Management Testing. I have completed my Certification in cybersecurity and am looking for entry level cybersecurity jobs. i am based in Melbourne Australia.

 

Any help would be greatly appreciated.

 

Thanks

 

Nishant

Sonia-01
Newcomer I

Thank you for your Reply and will check out and research the link you gave me.

Sonia-01
Newcomer I


Thank you for your reply.
Reading your suggestions are of great help to me as it helps to expand my mind with what is possible for me in the future.
Now this is interesting CSM - i will do some research on this, I have" the interested in people and empathy and understanding them". 
" Before the" WHY" Is My "What IF" this happens is biggest part of me, Example - a simple car journey i will end up with so many scenarios with what might happen, if this happens what can i do to solve the problem, what countermeasures can i put in place, what backup can i put in place. Nothing goes wrong on the journey but my back up plans are there ready if needed , Being a Artist as well i have a very creative and imaginative mind. 

I am studying ITIL V4 - so your suggestion helps me to know i'm definitely on the right path with courses i am learning. i am also studying BCS Cismp.

Once again thank you for your advice and Have a Great Day.

Sonia-01
Newcomer I

Joepete
Thank you so much for your reply.
Yes i do have many many years of customer facing experience and a natural flair to talk with people in person on the phone,
 where building a connection and relationship with the person is more difficult - I am very much a people person empathy and understanding wanting to help.
Although Help is one of humans - weakest points in defense of protecting all Security. All of the training goes out the window and security aspects are forgotten in the moment of helping.

 

Which for you Tech people makes life very much more difficult. So in a way i am learning from a different approach what the Customer wants and needs (end user) down to service desk - hardware.
I would be great at a job where i get people to look before they leap and how them changing their behaviour in one small way can make a big difference or just stopping to help them think for a moment before they decide to leap .
Really appreciate you taking the time to Reply to me. Have a Great Day.

Early_Adopter
Community Champion

That Experience puts you in a better place than many people asking for entry level cybersecurity jobs.

I think that building, imaging, configuring, retiring and maintaining systems is solid experience, as is ticketing, if you find yourself working with ticketing etc and their is a path to turn into paid work then an ITIL foundation certificate could help. Also the Operations part of DevOps came from people doing operations in general. A year or so here with a big company could help you to move laterally into a security role.

Here’s a coupe of other defined options for you to explore:.

Given your tool experience then a possible stretch goal might be to find an endpoint SOC analyst role working with alerts and Endpount Detection and Response (EDR) tools, this tends towards shift work and is useful in that there are playbooks in these places with relatively well defined SOPs. An incident comes in and generates an alert and is then enriched with information about what happened to trigger it and the additional context. You then need to investigate, collect information and decide on the next course of action - was this a genuine incident? Or were developers just integrating notepad and calc into teams via powershell again..? As part of the blue team you not only get to find out, but fight the real enemy… The Red Team! 😛

To Joe Pete’s consideration customer service and diffusing, managing situations potentially opens up an intriguing option for you. Customer Success Manager(CSM) working for a Cyber Security vendor. This is a pretty decent in (even though it’s quite oblique) as it tends to pay well in comparison to early years cyber security. Jobs with vendors tend to be highly sought after, but for CSMs there are not frankly many people that can do it well as you have to e interested in people, empathic(but also consider what’s possible) and have broad understanding(your statement on principles may indicate you’re interested in “why” and that leads to framing problems before trying to solve them which can be expensive but is really required for difficult technical issues. If you get a role with a vendor then there is huge opportunity to train on there products and massive encouragement to do so.

Good luck!
JoePete
Advocate I


@Sonia-01 wrote:

My experience is within different departments from service desk - requests - image Laptops etc, I will be covering Change Management, Incident Management.


Change Management means different things in different contexts. I think what we often lack in IT and security is a good sense of the human aspects of change and governance. We tend to focus on functional and technical requirements without really understanding the human dynamics. I put that out there because you seem to have some customer facing experience and it could be valuable as more and more security responsibility gets diffused out to employees. This is the deperimeterization trend, and I think we'll continue to see this as individuals and companies rush to new technologies.

 

It's another way of saying don't doubt your experience or skills. Yes, there are some details and technical knowledge you need to develop, but if you can teach people and work with them, you have something to offer. A lot of this job is about changing behavior or at least getting people to look before leaping.

tldutton
ISC2 Team

For resources in your area, check with the UK Cyber Security Council (UK CSC) (https://www.ukcybersecuritycouncil.org.uk/about-the-council/).

 

We've partnered with them on a number of issues.

Sonia-01
Newcomer I

HI Thank you so much for your reply and giving me valuable advice from your years of experience

 

Really appreciate the feedback and what i need to consider on the next steps,

As for my work experience it is unpaid and clocking up about 16 hours per week.What i enjoy is the continual 

learning and improving elements.

My experience is within different departments from service desk - requests - image Laptops etc, I will be covering Change Management, Incident Management.

My area of interest is in Security Principles. 

I will look into the courses you have suggested.

Once again Thank you so much and have a great day.

Early_Adopter
Community Champion

A quick postscript this is a very nice resource covering the many specialisations, including cybersecurity, in IT.

https://www.reddit.com/r/ITCareerQuestions/s/cI5XbGtqvr
Early_Adopter
Community Champion

Hi Sonia, congratulations on passing your CC exam.

Starting with entry level cyber security roles friendly doing things on hard mode, not saying you can’t just that you’re less likely to get one than if you have experience in IT, so congratulations! Your having IT work experience is helpful and working out how to present that, and what it helps with is important so do put a metric on it, paid unpaid, and do think about how that can help. More is better, so do see if you can carry on in IT as most of what is done has a security element.

Now for the CC there are three things where you need to be cautious -1) it’s not widely known as yet, so do search for it daily in linked in, job sites and note which jobs need it. 2) it doesn’t have any hands on, most entry level jobs require use of tools - consider Security+ and Google Certified Cybersecurity professional(google has Career circle and Security+ is widely accepted(MS/Amazon/VMWare/CISCO and other certs help.

Join you local ISC2 chapter, however while I may be out of date in the UK ISSA used to be the one to join, huge and friendly membership.

Feedback your daily job search reasearching into your CV/Resume writing focusing on ho you relate to the keywords you see and look for those trainee roles, being prepared to travel relocate - after the Army and moving into IT and security about a year later I lived in five towns within a year and a half contracting, and even quit twice in disgust at my employer’s venality this settled down and my next role was eighteen months, and after that I still work for the company I started with fifteen years ago.

Lastly always think about the roles that make sense to you and you think you understand them - many people when asked about that don’t have a clear, lucid and sensible answer they can talk fluidly about. Make a mental model and refine it as you get better data.