We talk to a lot of people who want to know how to make their next career move. People are looking for not just better pay, they are looking for opportunities for professional development, better work-life balance, and permanent remote offices. Covid-19 has brought some changes to the workplace and the way we interview for jobs, but one thing remains the same—there is still a shortage of qualified cybersecurity professionals.
Here, we’ll talk about advancing your cybersecurity career, whether you are looking for work or are thinking about changing companies, and ways to find a job you’ll love.
With many roles and responsibilities in the cybersecurity field, there are numerous ways for someone in infosec to work their way from entry-level to a more advanced cyber career. For example, starting as an IT auditor or security analyst can give you the experience needed as a penetration tester. From there, roles like security architect and security engineer can take you on to a management role like information security manager.
As you consider your cybersecurity career pathway, it certainly helps to understand the skills and certifications that will position you for advancement into these roles. But, almost as important is understanding where you want to go and what kind of role you want to play.
Talk to the people on your team, and within the cybersecurity industry, about how they got to where they are. Did they start on the help desk? Did they focus on honing specific skills? What are the attributes they consider valuable to advancement? This knowledge will not only show you what to do to land the role you want, but also help you discern which jobs provide the most opportunity for career advancement.
Unfortunately, the economic downturn brought about by Covid-19 has led to downsizing in all industries, even vital roles in cybersecurity. That’s the position Stefan Rajaram, now a global information security assurance analyst at Crane Co., found himself in earlier this year.
“The roles that are out there right now are mainly senior roles and required a lot more years of experience than I already had,” said Rajaram in an interview with CyberSN Founder and CEO Deidre Diamond.
Instead of fixating only on the job hunt itself, Rajaram said he treated getting a new job like a job, spending eight hours a day applying to positions, and also doing online training and advancing his skills. As a pen tester, he focused on red teaming, a skill he later heard from a recruiter was a must for a position he was applying for.
Hear more of what Rajaram learned during his job hunt here
Opportunities for advancement often present themselves when you’ve already got a job, sometimes when you weren’t even looking. Chad Fame started his job hunt when he was approached by a CyberSN recruiter. Although he had been approached by a recruiter before and found that job was not a good fit, the option presented by CyberSN “was a good opportunity to explore.”
“I was coming from a place where I had a job, I was comfortable, I knew where everything was,” he told Diamond. “Coming in to look for a new job, or interview for one, is kind of daunting.”
Among the things to consider is whether the company where Fame was interviewing would be doing well six months down the road. He said if a company is putting the effort into hiring now, “they have the work that needs to be done now and in the future.” However, he still wanted to ask the right questions about where the company was going, including if there were cuts planned.
Asking the hiring manager the right questions is especially important during today’s job climate to ensure the move will be the right fit, including whether the team can remain fully remote, if there is opportunity for training and mentoring, and availability for other benefits that can drive a cybersecurity career in the right direction.
Getting to this stage of career development for Fame was the result of working in a number of different industries, including legal, pharmaceutical, and healthcare. Fame said he gained cybersecurity experience by working on audits and compliance. From there he moved into risk management. Having a variety of experience can give cyber professionals more options when seeking the next opportunity, and helps when negotiating compensations with a new employer during the hiring process.
When leaving his old position, Fame told Diamond he got a counter offer from his previous employer and that anyone looking should be prepared for that conversation too. Companies want to retain their talent and could offer you what you’re looking for if they’re at risk of losing you.
Hear more about Fame’s interviewing experience >> “Career Advancement During Covid”
With career advancement comes increased challenges and responsibility, but also greater compensation. Diamond said in the “Career Advancement During Covid” interview that cybersecurity professionals should be ready to negotiate.
“Compensation is more than just salary,” said Diamond. “When you’re in the conversation of salary, make sure you’re in the conversation of total compensation at the same time.”
Salaries may differ depending on the company’s compensation structure, including bonuses, stock options, benefit plans, vacation time, how often you have to be in the office, the cost of living in that region, and many other factors. Once an offer has been made, professionals should evaluate the opportunity based on the whole package.
“It is ok to keep talking if you don’t have what you want,” she said.
Even with some uncertainty in the job market, there are still many opportunities at leading companies, and it’s clear that organizations are willing to negotiate to get the right person for the position. Building your skills, knowing your worth, and having a great resume to show it off can help any cyber pro make the next move in his or her cybersecurity career.