Breaking Into Cybersecurity: My Journey and Tips for Success

Breaking Into Cybersecurity: My Journey and Tips for Success

“How do I get a job in cybersecurity?”

This is a question I often hear, along with many other cybersecurity professionals. Despite the well-documented shortage of skilled professionals in the field, breaking into cybersecurity can still feel like an uphill battle for many.

From my experience, there are plenty of people interested in the field, but few who possess the right skills to make it. So, how does one actually get into cybersecurity? The truth is, there is no one-size-fits-all path. Everyone on my company’s InfoSec team has taken a unique journey to get here. Many, like myself, didn’t even start in cybersecurity, but have since built thriving careers in the industry.

My Journey into Cybersecurity

I didn’t follow the traditional path of higher education. In fact, I didn’t go to college at all. I was stubborn and had my sights set on becoming a helicopter pilot, despite my parents’ advice. For anyone who’s looked into flight training, you’ll quickly realize it isn’t cheap. At the time, my family and I had just immigrated to the U.S. from South Africa as I was finishing high school, and we certainly didn’t have the financial means to pursue this dream.

I started working in IT right out of high school, and after some time, I borrowed money from a relative to chase my dream of becoming a pilot. I spent a month making four-hour drives to attend flight school, but it quickly became clear that the cost of becoming a commercial helicopter pilot would be astronomical. After spending nearly $20,000 in that first month and barely learning to fly, I decided to return to my IT job.

Over the next few years, I dabbled in various things but always found my way back to IT. It was something I was good at, though it didn’t excite me.

Then, I found myself at my current company—a SaaS firm in the middle of hyper-growth. They needed someone with a solid technical background to join their support team. It wasn’t exactly what I wanted to do, but the company was fantastic, and the opportunity allowed me to move to Florida. This was a pivotal moment in my career. I was fortunate to join the company as the 250th employee; today, we have over 1,000 employees. This hyper-growth didn’t just benefit the company, it also propelled my own career forward.

About eight months into my role, I had a conversation with our CISO, who was struggling to find an experienced cybersecurity professional to join the team. With some luck and a lot of persistence, I managed to land my first role in cybersecurity as a Junior InfoSec Analyst. It wasn’t a glamorous title, but I had my foot in the door, and that was what mattered.

Over time, I proved my skills, earned a few certifications, and was promoted within my first year. As the workload increased, we grew the InfoSec team, and now, I’m the Senior Director of Product Security, leading my own team.

How to Break Into Cybersecurity

So, what does it take to get into cybersecurity?

Take any opportunity you can get. Getting your foot in the door is the first and most crucial step. Experience is the most valuable asset in this field. Once you’re in, you can start building your skills and moving forward.

Stand out from the crowd. With hundreds of people competing for the same roles, you need to differentiate yourself.

Is college necessary? If you have the financial means and desire to attend college, go for it. But remember, a degree alone won’t necessarily make you stand out. While college can help you land entry-level jobs and internships, which are great for gaining experience, it’s the experience itself that will set you apart. I also wouldn’t rush into getting a master’s degree right away. Focus on building practical experience first—graduate education can be valuable later in your career, but hands-on experience is priceless.

How to Stand Out

1. Certifications are key. At a minimum, you’ll want to obtain the CompTIA Security+ certification. Many entry-level jobs require this, especially those that involve security clearance. But don’t stop there. Look into more advanced certifications like penetration testing (Offensive Security certifications are highly regarded). While CEH (Certified Ethical Hacker) might look good on a résumé, it’s widely considered less valuable in practice.

2. Try cloud security. Cloud technologies are huge right now, and having certifications in AWS, Azure, or Google Cloud can give you a significant edge. There are also specialized cloud security certifications from organizations like ISC2 and CompTIA. Research and plan. Don’t just blindly pursue certifications. Take the time to research what area of cybersecurity you’re passionate about and what skills are in demand. Having a broad range of knowledge and certifications will open up more opportunities.

3. Learn Python. Being able to automate tasks in cybersecurity will greatly enhance your career. Whether you’re pen-testing or writing custom scripts to alert on high-priority security issues, coding skills are essential in nearly every cybersecurity role. Take courses on platforms like Udemy, build scripts that solve real-world problems, and host them on a public GitHub repository to create a portfolio. Showcasing your coding projects proves your skills to potential employers and demonstrates your initiative.

4. Be a real hacker. Start with Capture The Flag (CTF) platforms like Hack The Box and Portswigger Academy to hone your hacking skills. Once you’ve gained confidence, take those skills to the real world by joining bug bounty programs. Not only can you earn money, but these programs also provide valuable real-world experience that will impress future employers.

5. Interested in AppSec? Become a developer. If you want to excel in Application Security, it’s critical to understand how developers work. Start by building your own web application. Having a strong grasp of how Model-View-Controller (MVC) applications work and a good understanding of JavaScript for frontend frameworks will help you test applications and identify common vulnerabilities. By knowing what mistakes developers often make, you’ll be better equipped to find and exploit security issues. Build a real-world application, or even a side business, and add this project to your portfolio. This hands-on experience will make you stand out from the competition. There are plenty of resources on Udemy and YouTube to help you get started—just pick a framework like Laravel and dive in.

Wrapping up

Breaking into cybersecurity can seem daunting, but with persistence, strategic planning, and a commitment to gaining experience, it’s a very achievable goal. There’s no single path to success, but the key is to make the most of every opportunity and continuously sharpen your skills. Whether through certifications, internships, or on-the-job experience, the cybersecurity field offers vast opportunities for those willing to put in the work. With the growing demand for skilled professionals, there’s never been a better time to get started.