Thinking about doing a mid-career transition to a cyber security position?
It is a great field to get into. There are currently millions of unfilled cyber security jobs in the US and countless more around the world. There simply are not enough qualified applicants to fill these jobs.
Because qualified applicants are limited, the salaries for cyber security jobs are on the rise. It is very common for cyber security positions to pay in excess of 6 figures to folks who have some strategic IT certifications and just a few years of experience.
In your 30s, 40s, or 50s?
It is never too late to get into cyber security. I know plenty of folks in the industry that got started their 40s and 50s. With age comes valuable experience. Combine your current experience with some cyber security training and you will have a great head-start over many of the younger folks who are trying to break in the cyber security industry.
Perhaps you have years of experience in management, sales, teaching, or another profession where you deal with people. Such people skills can make you very attractive to a technology company. Many people who get into the field are introverts. A whole team of introverts requires leadership and someone with the interpersonal skills needed to deal with the clients and manage the people. With a little bit of cyber security education and a few certifications you will be able to talk the talk, understand the mission, and become a leader or manager in this growing field.
Here is what you need to do:
You first need to prove that you know the basics. If you have been working with computers your whole career then you probably have a good head start on your transition. If you have little experience with computers then you have a bit more work to do.
Step 1: Get Certified
The first thing that employers look for is certifications. Certifications prove to the industry that you know your stuff.
CompTia certifications should be your first step. Each certification will likely take up to a couple of months of preparation in order to pass.
For the absolute beginner, you should first choose the CompTia A+ certification. If you already have a good background in computers then you could skip to the Security+ certification. Here are the CompTia certification paths…
The certifications get harder as you move along the path.
Passing the Security+ exam will begin to open doors in the industry. The certifications are categorized by the Department of Defense. The three levels are IAT1, IAT2, and IAT3. The Security+ certification puts you in the IAT2 category. Here is a visual of the certification levels:
You can see the value of each of these certifications by searching the job search engine, Indeed.com for IAT1, IAT2, and IAT3. You will find that the higher IAT levels qualify you for positions at a higher average pay. As an example, here is a summary of positions that are available in Northern Virginia for people who hold the Security+ (IAT2) certification:
But your ultimate goal should be to earn an IAT Level 3 certification. It will be a pretty large commitment to studying and passing the CASP exam. The CASP exam does not require any actual experience in order to sit for it, but it is designed for well experienced professionals. If you can do it then you are setting yourself up to be qualified for a six figure income. As an example, here is a summary of positions that are available in Northern Virginia for people who hold the CASP (IAT3) certification:
The CASP certification clearly demands a higher salary range.
Step 2: Get some experience
The next step is to get some experience on your resume. This might not be as hard as it seems. There are many businesses that are looking for computer help. Since you are already working you may be able to pick up some additional job duties at your existing company. You could volunteer to help out with configuring laptops, troubleshooting issues, and a wide array of other tasks that can build your credibility in the industry.
One way to gain the needed experience is to start your own cyber consulting business. You can set this up as a sole proprietorship or a limited liability corporation.
You will just need a website and some business cards. You can have a lot of fun and learn a lot if you set up your own site using WordPress. There are plenty of tutorials online about how to get a WordPress site up and running.
You can then start approaching small businesses and offering your assistance as a part time gig. The experience you gain can be strategically incorporated into your resume.
Step 3: Find your first position
After you have your certifications and have a bit of experience then it is easy to get an entry level job in cyber security. You may have to start at the bottom, but you can quickly leverage your experience to move up the ladder.
You may find it a bit harder to step into the industry at a mid-level position but it is certainly not impossible. You can leverage your professional experience to get into a leadership position. You can then continue to learn and grow without having to be the one that actually does the highly technical work.
Step 4: Keep learning and growing
The fun thing about cyber security is that it continues to evolve and change. This requires continuous learning. After you are full time in the field you should continue to gain certifications. Your goal should be to get to IAT level 3 (CASP or CISSP).