You are probably like me. You just started on a new career path aimed at Cybersecurity. Red team, blue team. Offensive, defensive. Networking security, app security. So much security that it makes you lost in the noise. Where do you start? What should you do? How to get a job in Cybersecurity? I don’t have all answers, but I have a few words on this topic, and today I want to share them with you.

Start somewhere

I am preparing for CompTIA Security+. However, having a certificate does not guarantee a job. It’s just a piece of paper, but you will get something out of it as long as you put in effort, time, and practice. So, start small, get a good overview of Cybersecurity, and see where it leads you.

Adjacent Job Experience

That’s an experience that is sometimes called a feeder role. In his article How To Get a Cybersecurity Job in 2021, Roger Huang writes that adjacent job experience can make a difference. For example, many people come to Cybersecurity from IT roles, such as network administration, system administration, or IT support.

My adjacent job experience is web development. So I know my way around terminal and code.

And this is just the beginning. Various programs help to bridge the gap in Cybersecurity.

SOC Analytics Roles

Roger Huang, in his article, mentions SOC analyst roles as an excellent way to break into the cybersecurity field. However, this is an entry-level role but can be a good starting point. You will need technical knowledge such as familiarity with industry-specific tools like SEIM and SOAR. Experience with command line and scripting. Knowledge about cybersecurity frameworks.

How to Become SOC Analyst

I have to admit, his article spoke to me personally. He clearly explained the situation, steps needed to get into Cybersecurity, and how this role can be an excellent way to start. To become SOC Analyst, you need to know how to code and systematically look through logs.

That involves Python, terminal, Linux commands. If some of it is intimidating, don’t get sad. There are plenty of courses that help you to level up. If you Linux or Mac system, you are already off to a good start!

The author also mentions Kali Linux and a set of tools it has. You need to know NMap, Wireshark, John The Ripper, Snort, and Metasploit for the Cybersecurity analyst level.

As for non-technical skills, you have to know some compliance frameworks. Author mentions CMMC, OWASP Top Ten, HIPAA, GDPR, SOC-1, and SOC-2.

And it is always important to be up to date with current trends in your chosen profession. For example, I have an RSS client, so I read news about particular topics that way.

Wrapping Up

I will focus on CompTIA Security+, but at the same time, I will do Python, Linux, and compliance frameworks as well. Finally, I want to try what Roger Huan suggests in his article. I hope this article helps and I will see you soon.