Follow Mark on LinkedIn Follow @marknca on Twitter Follow marknca on YouTube
marknca

Mornings With Mark
no. // 0 0 0 9

Making A Break To Start Your Cybersecurity Career

Subscribe to the podcast.

Watch the episode here

Join the discussion on LinkedIn

Tweet about this episode

Full machine generated transcript follows

We talked about getting started in cyber security and sort of the principles of the attributes that you need in order to. Of course now, it's bleeding all the time the let me restart that because I got distracted social media is a distraction is the topic for next week. So yesterday we talked about a principal do you need or to the attributes? You need to get started in our habits successful career in cybersecurity.

So I was talking about the ability to learn quickly the desire to continuously learn a puzzling tenacious mindset to crack a problem and I got some great feedback. Thank you for watching hopefully today because today I want to talk about something multiple times and how do you get over the hump? How do you get a crack in the door? How do you get your first opportunity in cyber security now? Yes my opinion my experience.

I have had a very different experience than most people because I've been doing this for very long time ago. When I got started none of the stuff that exist today was really out there or popular cyber security was not a board-level topic and you could not go out and get a graduate degree in cybersecurity.

There was not a plethora of Certifications to get started so nice person is very different than what you will have today starting out. However, I believe some of what I seen in the industry over the years is still relevant in this might be of use to you so fingers crossed I get my opinion my dick.

So the challenge of the few people highlighted was okay. I've got that mindset. I'm love I'm willing to learn I want to get involved but all of the certifications in the industry require a certain amount of experience or are expensive. How do I really get started? So let's cover that again real quick around certifications.

They're important their valuable. They provide some on standardized a recognition of the expertise that you've built up, but they're not the end-all and be-all. So they do not necessarily indicate that you're competent security professional for one thing or that you don't have them doesn't mean that you're incompetent the challenge hear that somebody rightfully highlighted on YouTube yesterday.

Was it how do you get past HR? How do you get you know, if it says I need a c e h o r a g or a that's a really good question. Unfortunately, given the number of HR departments that do the filtering that ends up being a real problem because I couldn't tell you what a good cyber security professional resume.

Looks like I can tell you how to match a resume to a job request, but I can't tell you whether that's a valid an accurate description to cybersecurity professionals. So here's my advice to you now. I know everybody goes all my God networking. What a horrible horrible turn. Nobody wants to know more people.

It's meeting people is putting yourself out there, but it's you know how to conversate. We'll talk. Did you see Jose talk? It was amazing and I was so. You need to meet people because those people will help you get past those artificial barriers those HR berries. Now we have working for us here is that cyber security skills are in such high demand that it's not like HR is getting 10,000 resumes that they need to filter through automatically.

There is a gap in the skills that are there of the people that are out there. So you need to be able to prove that you've got the skills certification are one way to prove that. It's a quick way for people to recognize all you got. So you probably have the skills.

I don't but realistically it's really about who you know and sort of spying these opportunities jobs aren't even necessarily I'm getting posted because it's just such a waste of time cuz nobody's going to end up applying you need to find somebody and be convinced him to come over that being said still scour all the job boards to look for these opportunities.

So here's how you can start networking social media. You're on it right now. I'm hit me up Mark NCAA. Say hi LinkedIn. Hit me up on LinkedIn. See my LinkedIn are cooked. My LinkedIn profile. Send me a connection request or start following me Adam start looking at who I follow.

I follow a lot of folks in cybersecurity server rinse and repeat that a lot of people start asking people are on Twitter are on LinkedIn are actively engaging with the community. So I'm LinkedIn. There's a lot of great groups on Twitter. If you follow cybersecurity or security or infosec as a hashtag, you're going to meet a lot of these folks to see a lot of these folks interacting and then you need to get out in person.

Now, I know budget and travel can be a challenge but the good news is that there's been a worldwide series of events for the last two years called b-sides besides on has a long and cool history on Jack Daniels of the team set it up years and years ago and it's taken off since then.

These are free events happened or Dare free local Community Driven lots of great talks but lock the great networking. There is no sponsor talk stuff allowed and the sponsors that normally show up for their to recruit and witches. Great opportunity to meet them on to introduce yourself to get over that hump.

So and then another great networking opportunity with the community as well. You really just need to get yourself out there to get over the hump and I know that's not a place for yourself out there. It's going to be hard. It's going to take a while, but that's how with if you don't have the sort of on paper pedigree that shows like hey, I've got a cissp of got a bachelor or Masters in this and I've got this and I've got the look at all these great security things that I If you don't have that this is the alternative route as you need to build up the networks.

You need to build up the reputation to show that you can do the job. Right? And I think that's a reasonable and pragmatic way to take it's going to take a little while longer. But that is a good way to sort of prove your chops. A lot of companies are desperate for talent.

And if you go back to those core principles and can show some basic knowledge some stuff that you picked up some stuff that you've learned rapidly companies in my experience are willing to invest and to build a town because it was not out there. It's not like other areas where there's a plethora of programmers in you know, a specific technology and go out.

This person is Canada's workout. I got a speed in react so I can hire somebody else cybersecurity. We are in control right now because there is such a gap. You just need to get over that how can I get it? This is not an end. I'll be all solution.

But at least it's something get out their Network be social start online and move into the real world go to as many events as you Start shaking hands meet people put yourself out there a bit do some videos demonstrate, you know your knowledge the great way to do that is share your initial learning experiences.

I know a lot of people I'm not afraid I can't log in it, you know what being in the beginner and explaining your thought processes? Probably more valuable than an expert on the topic and I'll give you a fantastic example, and I hope it's on YouTube if it isn't yet it will be or no.

Sorry. It's not on YouTube. I know that for sure but let me give you a real example and I'll send you the link of the blog posts and the friend of mine at Middleton are in Atlantic Canada did a talk Atlantic security conference on experience around cybersecurity traditionally. He's a software tester and he's moving more and more than cybersecurity World, which is great person.

She's been learning going to these events networking for years and he gave his first talk at the Atlantic security conference. It went well great job Maddie, but his talk was basically as a beginner. Here's the challenges of hatch. Here's the cool things I learned here is the crappy things that I signed up for his the money I wasted here's some money that was a value that is a hugely informative talk your experiences as a beginner are important to other people who are further behind than you are on the path, right? Everybody's on this path.

Some people are leading. Some people are just starting no matter where you are. There's almost always people ahead of you and people behind you. You can always teach the people behind you going to learn for the people had it put yourself out there. That's how you can start on it to get into cyber security.

I hope that helps a lot more in the next couple weeks. Please stay tuned. I hope you are set up for a fantastic. Friday. Hit me up online Mark NCAA start that dialogue and tell me what you think about that. Is this a good way as it's worked out for you, you know is are you still there? I'm going to try to meet people within the community.

Let me know have a great weekend, and I will talk to you next week. I am traveling on Monday morning. So no mornings with Mark on Monday morning, but I'm hoping to do with the rest the week even though I'm at an internal Trend Micro event in Miami, but hopefully you'll still see me doing mornings with Mark.

If not, I'll be active on Twitter all week for sure. Will. Talk to you soon. Have a great weekend. We talked about getting started in cyber security and sort of the principles of the attributes that you need in order to. Of course now, it's bleeding all the time the let me restart that because I got distracted social media is a distraction is the topic for next week.

So yesterday we talked about a principal do you need or to the attributes? You need to get started in our habits successful career in cybersecurity. So I was talking about the ability to learn quickly the desire to continuously learn a puzzling tenacious mindset to crack a problem and I got some great feedback.

Thank you for watching hopefully today because today I want to talk about something multiple times and how do you get over the hump? How do you get a crack in the door? How do you get your first opportunity in cyber security now? Yes my opinion my experience. I have had a very different experience than most people because I've been doing this for very long time ago.

When I got started none of the stuff that exist today was really out there or popular cyber security was not a board-level topic and you could not go out and get a graduate degree in cybersecurity. There was not a plethora of Certifications to get started so nice person is very different than what you will have today starting out.

However, I believe some of what I seen in the industry over the years is still relevant in this might be of use to you so fingers crossed I get my opinion my dick. So the challenge of the few people highlighted was okay. I've got that mindset. I'm love I'm willing to learn I want to get involved but all of the certifications in the industry require a certain amount of experience or are expensive.

How do I really get started? So let's cover that again real quick around certifications. They're important their valuable. They provide some on standardized a recognition of the expertise that you've built up, but they're not the end-all and be-all. So they do not necessarily indicate that you're competent security professional for one thing or that you don't have them doesn't mean that you're incompetent the challenge hear that somebody rightfully highlighted on YouTube yesterday.

Was it how do you get past HR? How do you get you know, if it says I need a c e h o r a g or a that's a really good question. Unfortunately, given the number of HR departments that do the filtering that ends up being a real problem because I couldn't tell you what a good cyber security professional resume.

Looks like I can tell you how to match a resume to a job request, but I can't tell you whether that's a valid an accurate description to cybersecurity professionals. So here's my advice to you now. I know everybody goes all my God networking. What a horrible horrible turn. Nobody wants to know more people.

It's meeting people is putting yourself out there, but it's you know how to conversate. We'll talk. Did you see Jose talk? It was amazing and I was so. You need to meet people because those people will help you get past those artificial barriers those HR berries. Now we have working for us here is that cyber security skills are in such high demand that it's not like HR is getting 10,000 resumes that they need to filter through automatically.

There is a gap in the skills that are there of the people that are out there. So you need to be able to prove that you've got the skills certification are one way to prove that. It's a quick way for people to recognize all you got. So you probably have the skills.

I don't but realistically it's really about who you know and sort of spying these opportunities jobs aren't even necessarily I'm getting posted because it's just such a waste of time cuz nobody's going to end up applying you need to find somebody and be convinced him to come over that being said still scour all the job boards to look for these opportunities.

So here's how you can start networking social media. You're on it right now. I'm hit me up Mark NCAA. Say hi LinkedIn. Hit me up on LinkedIn. See my LinkedIn are cooked. My LinkedIn profile. Send me a connection request or start following me Adam start looking at who I follow.

I follow a lot of folks in cybersecurity server rinse and repeat that a lot of people start asking people are on Twitter are on LinkedIn are actively engaging with the community. So I'm LinkedIn. There's a lot of great groups on Twitter. If you follow cybersecurity or security or infosec as a hashtag, you're going to meet a lot of these folks to see a lot of these folks interacting and then you need to get out in person.

Now, I know budget and travel can be a challenge but the good news is that there's been a worldwide series of events for the last two years called b-sides besides on has a long and cool history on Jack Daniels of the team set it up years and years ago and it's taken off since then.

These are free events happened or Dare free local Community Driven lots of great talks but lock the great networking. There is no sponsor talk stuff allowed and the sponsors that normally show up for their to recruit and witches. Great opportunity to meet them on to introduce yourself to get over that hump.

So and then another great networking opportunity with the community as well. You really just need to get yourself out there to get over the hump and I know that's not a place for yourself out there. It's going to be hard. It's going to take a while, but that's how with if you don't have the sort of on paper pedigree that shows like hey, I've got a cissp of got a bachelor or Masters in this and I've got this and I've got the look at all these great security things that I If you don't have that this is the alternative route as you need to build up the networks.

You need to build up the reputation to show that you can do the job. Right? And I think that's a reasonable and pragmatic way to take it's going to take a little while longer. But that is a good way to sort of prove your chops. A lot of companies are desperate for talent.

And if you go back to those core principles and can show some basic knowledge some stuff that you picked up some stuff that you've learned rapidly companies in my experience are willing to invest and to build a town because it was not out there. It's not like other areas where there's a plethora of programmers in you know, a specific technology and go out.

This person is Canada's workout. I got a speed in react so I can hire somebody else cybersecurity. We are in control right now because there is such a gap. You just need to get over that how can I get it? This is not an end. I'll be all solution.

But at least it's something get out their Network be social start online and move into the real world go to as many events as you Start shaking hands meet people put yourself out there a bit do some videos demonstrate, you know your knowledge the great way to do that is share your initial learning experiences.

I know a lot of people I'm not afraid I can't log in it, you know what being in the beginner and explaining your thought processes? Probably more valuable than an expert on the topic and I'll give you a fantastic example, and I hope it's on YouTube if it isn't yet it will be or no.

Sorry. It's not on YouTube. I know that for sure but let me give you a real example and I'll send you the link of the blog posts and the friend of mine at Middleton are in Atlantic Canada did a talk Atlantic security conference on experience around cybersecurity traditionally. He's a software tester and he's moving more and more than cybersecurity World, which is great person.

She's been learning going to these events networking for years and he gave his first talk at the Atlantic security conference. It went well great job Maddie, but his talk was basically as a beginner. Here's the challenges of hatch. Here's the cool things I learned here is the crappy things that I signed up for his the money I wasted here's some money that was a value that is a hugely informative talk your experiences as a beginner are important to other people who are further behind than you are on the path, right? Everybody's on this path.

Some people are leading. Some people are just starting no matter where you are. There's almost always people ahead of you and people behind you. You can always teach the people behind you going to learn for the people had it put yourself out there. That's how you can start on it to get into cyber security.

I hope that helps a lot more in the next couple weeks. Please stay tuned. I hope you are set up for a fantastic. Friday. Hit me up online Mark NCAA start that dialogue and tell me what you think about that. Is this a good way as it's worked out for you, you know is are you still there? I'm going to try to meet people within the community.

Let me know have a great weekend, and I will talk to you next week. I am traveling on Monday morning. So no mornings with Mark on Monday morning, but I'm hoping to do with the rest the week even though I'm at an internal Trend Micro event in Miami, but hopefully you'll still see me doing mornings with Mark.

If not, I'll be active on Twitter all week for sure. Will. Talk to you soon. Have a great weekend.