So, you want a job in cyber security? It can be daunting trying to land your first job in a new industry, whether it’s a career change, your first job out of high school, or getting work in the industry while at university. The cyber-security industry is an exponentially growing field of work not just in Australia but on a global scale. There aren’t enough professionals in the field to meet this demand, with estimates of the Australian cyber workforce needing an additional 17,600 professionals by 2026 according to the institute of data. As a result of this high demand, companies will pay big bucks to hire cyber-security experts.
The rapid change and advancement we are seeing in the technology industry means that every cyber security professional is always learning and updating their skills to keep up with this growth. So, many companies will invest in your training and development as a cyber professional as no matter what level you are all professionals are constantly needing to develop and renew their skills. The industry is desperate for people so if you can show interest in learning about cyber security and you want to work in the industry then you are already halfway there to getting that cyber security job.
This article with discuss:
- Where to start and recommended learning material
- Building your resume
- How to reach out and expand your network
- Stories from industry workers
Where do I start?
Firstly, if you are a TAFE or university student don’t wait for your degree to finish before looking for a job. Companies need people in the cyberspace and will hire motivated individuals and support their journey through their studies and career. If you’re already studying in the field, it makes you a valuable asset to these companies as there is confidence that you would be a good investment. There are government programs as well as private companies that support students studying in these fields. You can work part-time throughout your degree, and in the end, have 4years of experience under your belt.
Whether you are a student, someone making a career change, or just looking at getting into the industry the first thing to do is to learn. Start by building your skills and learn about the fundamentals of cyber security. Start broad and then figure out an area you like and constrain your training to that niche. Once you have a specific profession in mind google jobs with that title. Read through job postings in your area and see what the requirements are to land this job.
Here are some free training resources to start you off:
Udemy has a huge range of free and fee-paying courses to explore. This is a good start to learn some of the fundamentals of cyber security,
CSU free short courses
Charles Sturt University offers free short courses in a range of IT and cyber-related topics. Coming from a university this is quality content and can even be redeemed as university credit if you are studying.
Black hill infosec
Another great resource that is packed with information. Also, check out their YouTube video and sign up for their live boot camps and webinars.
Splunk is one of many SIEMs which analysts use to investigate and monitor computer systems.
Most businesses are using the cloud in some way making cloud security important. Azure is one of many cloud providers and learning about its system is essential to working in cyber security
AWS is the Amazon cloud service, another common cloud provider.
This is the red team training central. It covers everything you need to know about hacking and using burp suite (a popular red team tool).
Blue team training
If you are more of a blue teamer this training module is for you. It provides introductory courses to certification preparation.
TryHackMe is the go-to for cyber security training in all areas starting with beginner levels and worth your way up to harder ones. It goes over different tools, systems, and strategies used in the industry.
Microsoft offers heaps of free training material that prepares you for industry certifications. You can sometimes sign up for a Microsoft training webinar and get free exam vouchers for these certifications.
With such a high demand for cyber security services, companies and governments are always trying to get people involved in the industry. Simply by being proactive and taking the learning into your own hands you tell a lot about yourself to an employer. Showing initiative and dedication can be enough to land you your first job without having work experience.
Build your resume
As someone working in the industry, I can tell you many of the people I work with don’t have a degree or started with any qualifications at all, and some of the ones who do have qualifications obtained them through on-the-job training. An important thing to remember when applying for any job is that everyone is unique and brings something to the table. If you can effectively promote yourself and present what qualities and skills you provide then you are already halfway there to landing the job.
As you complete short courses and online training put every single one on your resume or LinkedIn profile. Once you begin to have more confidence with what you’ve been learning add a separate list of skills. Doing so will demonstrate all the hard work you have put into learning about cyber security again emphasis your proactive and hardworking skills.
Using what you have learned start playing around with things and build not just your theoretical experience but also your practical skills. You can do this by setting up VMs, participating in online labs, playing around with hardware, etc. Build, break and create things from what you have learned and add this to your resume. Presenting your previous projects when applying for jobs shows your problem-solving and creative skills which are the core skills of any cyber security professional. In a job such as a penetration tester creativity is needed to find new backdoors and exploits and is a valuable skill to have.
Your last addition to your resume is something that is often not talked about. Addressing your travel experience is a unique and important aspect of an individual. You can work in cyber security all over the world so showing international connections and cultural experience are respected by an employer. Whether the company has clients in that area or experience working with a system used in a different country it is worth noting your travel experience.
Next is to apply for jobs, ensuring you tailor your cover letter to the employer. Address the skillset they mention in the job description and provide details of where and how you have used it. Whether it’s something as simple as a university assignment or work you have spun up in your home lab, you should always address the exact criteria in a job posting and relate it to your own work.
- Promote yourself
- Add all your training and the skills you have learned to your resume
- Include projects and past work you may have done
- Discuss travel experience
- Personally tailor each cover letter to the employer.
Reach out and expand your network
Don't wait for a job to come around, make the opportunities happen for yourself by reaching out to your network or companies of interest. By making those connections in the industry and expanding your network something will eventually come up. You can do this by:
Going to meetups and joining groups
Find your local cyber security community and attend meetups. Here are just a few around Australia:
Melbourne Cyber Security Meetup
Cyber Security Melbourne
Sec talks Canberra
WIC woman in ICT
Sec talks Brisbane
OWASP Sydney Chapter
Sydney Cyber Security meetup
Cyber risk meetup Perth
Perth Dev Sec Ops
Network security study group
Sec talks Adelaide
ACS – Australian Computer Society
AWSN - Australia woman in Security Network
AISA – Australian Information Security Association
Attend events and webinars
Not only is this another opportunity to learn but it is also a great way to meet people in the area and make connections. Here are some events held online and in-person:
Bsides is a big hacker conference held in Canberra. People from all over Australia attend and present at this event.
Woman in Security Awards
This is the largest security awards dinner. They hold a gala and dinner event at the end of the year awarding nominated Australian for their work in the field.
Black hat are known for their muti-day cyber security event series presented all around the world.
CyberCon is run by AISA is a yearly conference presented by both local and global experts.
Reach out to people and companies
By doing this you are going to stand out from all the other applicants. Whether you are contacting about a job, work experience, or trying to make a connection with another professional you should never hesitate to reach out and make those opportunities happen for yourself.
Stories from Industry Workers
“The story of how I got my first job in cyber security is a bit bizarre. I was working at a bakery; my manager and I were talking about how I was planning on studying cyber security at university the following year. She then mentioned that this man who comes in to get bread every morning works in cyber security.
One morning I was working the open shift and the man walked in. I gained the courage to bring up that my manager mentioned he worked in cyber and that I was interested in the area too with plans to study next year. We got into conversation and exchanged numbers. A few weeks later he invited me to a SOC tour with another company. I then organised work experience through the company hosting the SOC tour that led to a job offer for when I finished high school. It’s amazing to think that none of this would have happened if I didn’t speak up one morning at the bakery. I am now working part time with this company while studying full time at university.”
“I have been working as a PE teacher for the past few years and haven’t worked In IT for about 10 years. I was struggling to get back into the industry and I didn’t know where to start. I reached out to people and got recommendations for online learning and started to redevelop my IT skills. I had a contact who worked in cyber security, and they organised an interview for me. That night I get a call and got the job.
I was a bit unsure as to how much I could bring to the table being out of the industry for so long until my first piece of work came in and it was to help develop a cyber security course for a TAFE. My teaching experience from my previous job came in really handy with this piece of work and made me perfect for the task.”