IT is a constantly expanding sector with its ever-increasing demand for skilled talent and the projected scope for growth within the next few years. This is especially true for the Information Security subfield for which the vacancies are drastically going up while the workers are struggling to catch up in learning the craft.
Although the term “skills shortage” may sound intimidating, don’t let it deter you.
This is great news for anyone wanting to enter IT and cybersecurity fields: there is a legitimate need that needs to be met. Your job here is to determine whether you can fulfill this need and whether a job in this sector will ultimately fulfill your goals, both personal and professional ones.
When I am asked by seasoned professionals about what it takes to enter IT, how can they make a move into cybersecurity or another IT field, my advice tends to not vary much, depending on an individual’s circumstances. Whether you are a current IT professional or someone wanting to enter IT/cybersecurity from an unrelated field, the following steps should help you carve out a solid plan that is realistically achievable.
1. Envision yourself at work
Before doing anything it is important to understand what do you see yourself doing at work on a daily basis? This helps out “eliminate” the plethora of noise out there in the form of job listings. IT and Cybersecurity are very broad fields. You could be a Cybersecurity Engineer inspecting and configuring network firewalls, only to find out another professional with the same title is reverse engineering source code.
If you were to make a switch to this field, what kind of work would you be interested in? This may take some independent research and talking to existing professionals in the field is an excellent idea to get acquainted with the real-world duties which may be expected of you. The point here is to set a target and not be misled by Hollywood into believing that all security jobs would be fancy hacking gigs out of a Bond movie. Within every fields there are can be a dozen subfields and within each subfield a hundred different kinds of jobs.
2. Have a backup plan
You want to be strategic here and have a contingency plan. What if you don’t end up liking your new job? Would returning to your existing one be easy? How about testing the waters first? An ‘undo’ button in real-life would be handy if there was one.
To address this dilemma, I recommend that folks follow what I call, a “free trial” approach: to stick to their current job in the beginning and start exploring if making a lateral shift within the same company is a possibility. For example, if you have been a Database Administrator for years and are curious to explore Cybersecurity, see if there is a Cybersecurity team at your workplace. Chances are you can at least shadow them if not take onto a simple project or two with the management’s approval. In this manner, if you end up absolutely hating the day-to-day work in that field, rolling back to your current role would be effortless.
3. Search for job listings but don’t apply yet
To get a feel for what kind of work you may be interested in, it’s helpful to check out online job boards and career sites like Glassdoor and LinkedIn. Start with the generic keywords and narrow down your searches based on the many job descriptions you’ll be sorting through. As an example, if you are more for policymaking, business and compliance-focused roles, your keywords may better off be “GRC security jobs” as opposed to broader terms.
4. Compare what you have now to what you need
Often times, contrary to our internal fears and beliefs, nobody is ever starting from a zero. Depending on the listing you are looking at, chances are you already have at least some of the skills expected for the position and need to learn others. After browsing through a handful of listings in the areas you can comfortably envision yourself working in, you should now have a good idea about where you are now, where you want to be and what you need to get there.
If you want to be a Network Security Engineer and the job listings in this area specify a certain certification as an absolute requirement, then that is what you need to work towards.
5. ‘Meet’ the skills gap
Meeting the skills gap is now likely to feel slightly more achievable because of increased focus on your end. If a job requires the knowledge of Python language, hands-on experience is easy to pick up, thanks to YouTube, Udacity, Udemy and other MOOC platforms. Similarly, self-teaching via online tutorials may not earn you a credential but it gives you something that’s practically useful: the confidence to declare, “yes, I know the subject,” on your resume, along with links to a hands-on project or two. To a prospective employer, this is excellent proof demonstrating your capability in and knowledge of the subject.
6. Craft a killer resume
At this stage, you should craft a resume which is geared towards the specific jobs within the subfield you’d like to work in. Be thorough demonstrating your previous work experience in the sector along with any applicable certifications earned, and initiatives undertaken by you to meet the ‘skills gap.’
In the next few steps, we will reuse this “template” resume and very slightly modify it prior to applying to a specific job at a specific company.
7. Revisit those listings – apply now
Now is the time to revisit the job postings of your choice, only this time with the intention of applying. Meticulously read the job description for each listing and tailor your “templated” resume to match the requirements of the listing as closely as possible, while maintaining integrity. This is not cheating. You are making it easier for the recruiting managers who find your resume among hundreds to check all the boxes on their end.
If an IT job requires experience with setting up 2FA solutions, and you have done so at a previous job – even in a minimal capacity, or for a school project, it would be advisable to include this milestone within your past job experiences on the resume. On the contrary, if a past job experience lists bullet points which are not as relevant to the gig you are applying to, it might be better to take those out. The objective of a resume is to help you grab the recruiter’s attention and to land your first interview at a particular company.
Following all these steps in order, it is very likely that you’ll land your first IT job in a relatively small amount of time. In this way you can channel your energy and resources into working smarter towards your career goals with results which are realistically achievable and lasting.