Like many others, I struggled to find my first security job. I eventually broke through the barrier by changing my mindset. I found that I had important cyber security skills that were desired. Every information technology job is important to the overall security of an enterprise. Anyone currently working in IT has or can build the right experience. I figured out how to get into cyber security with no experience.
How to get that first Cyber Security Job?
Some companies have junior cybersecurity positions. They will hire people with just a degree, or maybe even just passion and potential. These companies are great and are common enough that there are stories floating around social media all the time. Most companies, though, do not. They will filter out your resume or tell you at the interview you need more security experience. You wonder, how can you get cyber security experience if you can’t get a cyber security job?
What Are Cyber Security Skills
In order to understand how to secure something, you must know how that something works. Some like me learn how systems and networks function, how to fix them, then how to secure them. Some learn to code and write programs, and then how to exploit or write secure code. Some people learn about the laws of privacy or compliance, then learn why those laws are important and how effective they are. The examples go on, but the point is that security work is considered a higher tier of skill. Cyber security skills are usually built upon a foundation of other skills.
How Did I Change My Resume?
The following are just some examples of how what you are doing can be viewed as important experience for security. I will emphasize my personal examples because it is what I know, but my way is not the only way. I began my career on a help desk, then I moved to a system/network administrator, and finally a system engineer. I thought I was just doing break/fix work, but it was more than that.
Working on a help desk might seem the furthest thing from working in a security role. It was basic break/fix work, writing tickets and talking to customers most of the day. Helping users reset their passwords is something that was done a lot, too. Help desk personnel fix minor issues that hinder the customer from performing their day-to-day functions. This includes troubleshooting e-mail and slow performance, password resets, account unlocks, and more. Availability is an equal piece of the cyber security CIA triangle.
Access Control Management
Another vital task performed by some help desk personnel is processing change requests. If someone wanted access to something, they would submit a ticket. The help desk individual must make sure they have the authority to access that data and only then are they granted permission. They would then remove permissions from a user that left a department. If the requestor moved to a new job within the company, they would submit for new rights. If they left the company altogether, their account should be deleted after a short period of time. These tasks are all part of access control, an important piece of any security program.
Emphasize On Your Resume
When rewriting my resume to get a job in information security, I changed the help desk portion to reflect this. I put emphasis that on the help desk you were a part of the organizations’ access management program. When asked about it in interviews, I was able to explain the importance of removing permissions and deleting accounts. Sometimes people request permissions they should not have, and it is important to know who to speak to within the company. Be able to speak to the importance of these two things.
A System Administrator is not usually considered to be working in cyber security either, but they perform vital security-related tasks. They are boots on the ground for inventory, vulnerability and patch management. Without an inventory of all equipment, an organization does not know its vulnerabilities. If they do not know their vulnerabilities, they do not know what patches to deploy. One of the most important programs to the CISO of a company is the inventory control because it lays the groundwork for the other two programs.
Sometimes, The Best Ability Is Availability
Depending on the company, system administrators can create user accounts and manage permissions, like Help Desk personnel. When users have issues the Help Desk cannot fix, like complex applications or hardware issues, the administrators will troubleshoot and repair it. Learning how to use key troubleshooting tools is valuable as well. This work helps with the availability of systems and software.
Emphasize Your Experience
Being able to speak about the value of proper inventory, vulnerability and patch management is great. When tuning a resume with System Administrator experience, emphasizing these three areas is key. These are the foundations of any good security program in organizations. Being aware of these will demonstrate at least the entry-level cyber security skills companies look for.
A network administrator is another job that has some cyber security responsibilities without the title. I managed access control lists (ACL’s) which are important to control the flow of traffic. Controlling flow is also an important function of security. ACL’s should limit traffic to sensitive areas of the network to essential traffic only. There is patch management for IOS versions on the routers and switches and upgraded networking equipment too.
Hardening And Analysis
Learning to harden routers and adjusting the IOS settings are important aspects of this job. Being able to read config files and understanding the code is important to make sure the most secure settings are in place. Working with VPN’s, learning about how tunnels work and how encapsulation works were insightful. A tool used to analyze network traffic called Wireshark is also a common tool used in network security.
Basic TCP/IP Stack
Understanding the basics of configuring networks, routing and switching are key fundamentals that can be useful in cyber security. On resumes, showing that there is an understanding of the TCP/IP stack is important. Knowing common ports and protocols is also a required fundamental. Some common interview questions are to list some, and talk about how they work.
A typical system engineer has various responsibilities that could be useful for security. Engineers design systems, architectures, programs. Accreditation is an important government process where systems are rigorously tested to make sure they pass standards. Several security frameworks exist that they may have experience with including ISO, NIST, etc. Some system engineers work directly with security appliances without a security title.
Scripting Is Very Important
Some system engineers develop solid scripting skills. Scripting is extremely important for security work. It can be vital to understand languages like PowerShell, Python, or SQL to name some. These can help you put together a script to query a database or collect the required data. Familiarizing yourself with BASH can be very helpful as well. Many forms of Linux are used as a basis for operating systems on various security appliances.
Make Sure To Include This Too
To tailor a resume with this type of experience is easy. Putting emphasis on scripting skills is valuable no matter what the job is. Understanding architecture is key as well because that means you understand where security appliances should be in a network. Accreditation experience is valuable whether working in government or not because the private sector tests their systems as well. Understanding how to calculate the effect of new hardware and software into an enterprise is important knowledge.
List Of Cyber Security Skills
During my career, I had built a resume with cyber security skills. I held multiple positions that taught me some of what I needed to know. My failure was not putting that on my resume properly. Once I touched up my resume to highlight my cyber security work experience, I got more interviews. More interviews equal more chances to show my enthusiasm and passion for the industry. All it takes is one company to extend you an offer. The skills that I highlighted were:
- Understanding of Access Management principles like least privilege.
- How to maintain availability and why it’s important.
- Understanding the importance of inventory control, and how it relates to proper vulnerability and patch management.
- Describe the TC/IP handshake.
- Understand how network traffic flows, and how to control it with ACL’s and Firewalls.
- Being able to view and dissect packet captures.
- Some understanding of layers 2-4 in the OSI model.
- Knowledge of architectures and frameworks, and some benefits to using them.
- Knowing how to write and troubleshoot scripts.
- Understand the basics of security appliances and where to use them within an enterprise.
- Know the differences between Linux and Windows OS, and be comfortable within the environments.
Do Not Have This Experience?
If you have not worked one of these jobs, the skills mentioned can be learned and some practiced in a home lab. They are universal to the field of security or information technology in general. While your career is young, it shouldn’t matter how or where you pick up the foundational skills. Sometimes, doing simple tricks to prepare for the interview can be the difference. Making a good first impression is underrated and often forgotten.
There are many ways to learn Cyber Security Skills such as those listed above. There are tons of resources including books, ebooks, videos, and websites. I have an entire page dedicated to the best cyber security podcasts. Resources are easy to find but take time to digest. If you find yourself struggling, you might be better off trying a different resource.
There is an article on Dice, a job board, that talks about non-technical cyber security skills. It talks about management skills, soft skills, and implementation skills. I wrote about that here as well. One of the most difficult things to realize as a young technician is that a company is in business to make money. Sometimes they might make decisions based on the money involved that might not seem safe, accepting the risks involved. Being able to see the big picture is important.