A year ago, cyber security was something mystic that you might have thought only existed in the sensationalised news, the 90’s cult movie Hackers, TV shows like Mr. Robot, and on the Dark Web (that is at least what most of us think the Dark Web is). The COVID-19 Global Pandemic ensued, and increasing opportunities now present to make a career change into cyber security – if you have a passion for the industry, a resume of transferrable skills, and the relevant cyber security training required to work in an entry-level cyber security role.
Part of the journey into cyber security is continuing to build on your practical skills but also understanding the various job opportunities, career pathways, and roles that exist within the industry, for professionals with varying levels of cyber skills.
Cyber security no longer sandwiches organisations at the boardroom and the basement. It is layered through an organisation in a multitude of job functions. Furthermore, an increasing number of dedicated cyber security organisations are emerging. Whether private cyber security firms or organisational centres, these organisations require job functionalities across every part of the business to operate and be consumed.
Here are five pathways to enter into the cyber security job market that you should consider if you’re trying to get your foot in the door:
1. Cyber Security Jobs in Business Development
Working in cyber security business development requires multi-tasking, a multi-discipline of skills, adaptability, and the ability to deal with ambiguity. Duties will vary depending on the company and its size. Regardless, the main thing you will be focused on is developing and growing the business in line with its goals, strategy, innovations, customer satisfaction and client needs. Typically, these roles see a blend of sales, administrative tasks, consulting, client relations, networking and stakeholder interactions.
Examples of responsibilities:
- Lead generation – online, phone, in person, inbound, outbound or something in between
- End-to-end sales – cyber services, technology and solutions
- Responding to clients – Request for Proposal (RFP), Request for Quote (RFQ), Request for Information (RFI)
- Networking – building industry contacts, establishing new client verticals, conferences or events
- Administration – Customer relationship management (CRM), marketing databases, meetings, scheduling
- Consulting – meeting clients to understand their pain points, suitable solutions and developing deliverables with your cyber security team members
Key skill areas: Broad technical and non-technical cyber security fundamental and conceptual knowledge. The ability to listen to a client and understand how to ask the right questions, to truly navigate their issues, will lead to providing valuable solutions, building professional relationships and growing business partnerships.
Transferrable skills: Business-to-business experience, business-to-customer sales, outbound and inbound sales, consulting, communication, presentation and public speaking skills, professional writing, reporting and administrative skills.
2. Cyber Security Jobs in Marketing & Communications
Marketing and communications can be a combined role or two distinct roles, depending on the organisation. A small to medium enterprise (SME) will likely see this as a combined role, with larger organisations requiring a separation of duties, or even teams. These roles involve curating the public or client perceived image of the organisation. Marketing roles could vary from being a brand ambassador to developing marketing collateral, being the first point of contact for new customers, advertising new products and solutions, to designing campaigns. A communications role is usually more focused on large scale audience publications, media releases, external negotiations, or internal staff and stakeholder communications.
Examples of responsibilities:
- Cyber security content generation – digital, including email, social media, traditional media, physical collateral such as brochures or posters
- Reporting – data driven analysis of trends, consumer behaviour, various business metrics, administrative management of databases
- Campaign production – drive consumer or staff behaviours using marketing tools / techniques to raise awareness, educate, train, advertise, etc.
- Communicating – via publications, press releases, internal and external events or meetings, forums and moderating content sharing platforms
Key skill areas: A strong knowledge of your organisation’s cyber security offering, client base and niche are essential, along with innovative, out-of-the-box thinking. Keeping up-to-date with cyber security innovations, technologies, services and industry trends will enable you to drive deliverables.
Transferrable skills: Relevant marketing experience, knowledge of digital consumer trends, business analysis and data analysis skills, design experience, ability to use new technologies and keep up with emerging tools / techniques, communication skills including copywriting, public speaking and presenting.
3. Cyber Security Jobs in Project Management / Coordination (Service Delivery)
A number of roles within cyber security fall under this banner. Many combinations exist. Larger organisations tend to have various tiers of service delivery, program and project management job functions. This department is where things get done. Managing resources and client expectations, finding solutions, identifying risks, optimising processes – all these various responsibilities are coordinated to deliver the desired outcomes for all stakeholders.
Examples of responsibilities:
- Managing projects – utilise IT project management methodologies like PRINCE2 and service delivery frameworks like ITIL to deliver cyber security projects
- Resource management – facilitate various cyber security team resources to projects, meet client needs, expectations and deliverables that balance with business productivity, revenue generation and service-level agreements
- Collaboration – develop continuous improvement processes, work with varying levels of stakeholders, take on escalations, help coordinate and meet compliance requirements
- Communicating – write and present detailed reports, liaise with clients, schedule meetings, assist with staff arrangements and maintain varying records such as proposals, agreements, quotes and legal documents
Key skill areas: A technical, practical knowledge of cyber security will enable liaising with clients and cyber security team members to deliver solutions. You will not only be required to manage projects, administration, scheduling and resources but also connect with clients to answer questions, delegate and report on cyber security centric outcomes. Experience with popular project management practices such as Agile are essential.
Transferrable skills: Any project management or coordination experience, project management methodology experience, problem solving ability and analytical skills, high-level verbal, written and face-to-face communication skills including stakeholder liaising, presenting and public speaking experience.
4. Cyber Security Jobs in Customer Experience / Account Management
Keeping clients is just as important as gaining new ones. Meeting client needs and building a relationship that benefits both parties is essential. Enter the Customer Experience Manager. Although many variations of this job title are used in industry depending on the business, existing team structures or processes – other common job titles include Customer Success Manager or Account Manager. These roles typically involve understanding the cyber needs of a client on an ongoing strategic basis, and could also involve the onboarding of a client, assistance with product or solution deployments, and layering solution offerings to build the client’s portfolio. A role like this will involve maximising client satisfaction to ensure business growth.
Examples of responsibilities:
- Consult – meet new clients to understand their objectives and workshop ideal solutions, identify problems your company can provide solutions for
- Customer Life Cycle – onboarding of clients to set up and configure solutions, training clients, change management, promoting add-on features and relevant up-sell opportunities, renewal of services
- Monitor and review – keep and track ongoing communication with clients about the use of solutions to ensure they maximise value, can voice issues, resolve issues and work on remediating
- Negotiate – discuss and maximise budgets, value propositions, negotiate terms, value adds, administrative undertakings like contracts, agreements, legal obligations
- Connect – network with clients, organise events, meetings, social engagements, conferences and solution demonstrations
Key skill areas: A broad understanding of cyber security concepts, pain points and solutions will be essential. Generally, your company will train you on their dedicated solutions but you will need a knowledge of common cyber security solutions and what they aim to achieve, as well as a practical understanding of cyber security risks and threats. You have to be an effective communicator across all mediums, able to articulate yourself well, and show a passion for your solutions.
Transferrable skills: Sales experience, IT hardware sales or business development skills / experience, client account management experience, understanding customer satisfaction surveying, data analytics, contract creation and delivery, customer service experience, creative problem solving and high level communication skills, event / project management experience.
5. Cyber Security Jobs in Quality Assurance Reporting
Reporting is not often thought of as a cyber security skill, but it appears in almost every type of role and involves ensuring stakeholders have access to relevant insights to make informed decisions. Cyber security reporting is needed to relay essential information, findings, statistics and metrics of cyber security undertakings. In a security operations centre (SOC) a massive amount of data is consumed, and the reports highlight for the client the need-to-knows and often translate complex insights to a high-level overview. A Quality Assurance Report Analyst will draft reporting for clients and ensure the language is clear and concise to meet the agreed deliverables including checking grammar and spelling to guarantee quality work is delivered.
Examples of responsibilities:
- Writing – report drafting, review, revisions and fact-checking
- Communication – liaising with various cyber department members to understand data feeds, information provided, clarify and iterate as needed to formulate the reporting
- Policies – interpret, review and revise policies to ensure optimised efficiency and effectiveness
- Stakeholder engagement – navigate communication channels with internal and external stakeholders to ensure satisfaction and clear understandings exist, provide feedback on existing formats and processes, collaborate to improve on an ongoing basis
Key skill areas: Foundational technical cyber security knowledge and hands-on practical experience will be required to understand data provided, and transpose relevant findings in a high-level format. A significant focus on outcomes and excellent written communication skills – grammar, punctuation, spelling, and use of language will be needed for this role.
Transferrable skills: Previous QA, reporting and administrative work, MS Office Suite experience, G-suite experience, typing skills and speed, professional written communication skills, data analyst experience.
Many budding cyber security professionals dream of those well-known jobs such as Penetration Tester, Security Analyst, Security Engineer, or Cyber Security Specialist. In cyber security there’s little to no room for error and the demand for exceptionally high quality work from clients is ample and well paid for. However, from the employer’s standpoint, it would be too risky to give junior cyber professionals the full responsibilities of mid to senior-level cyber professionals, so it’s important to note, entry-level cyber candidates must be ready to work within a team to develop their skills and experience to steadily add more value as they build their career.
Cyber security graduates and those coming into the industry from other professions or sectors should also get creative in how they approach cyber security job applications. Aim to highlight relevant experience and transferrable skills when applying for jobs that sit within the cyber security profession, but also allow yourself room to learn, grow, understand and create connections in the industry.
The above are jobs that provide massive room for growth, are essential to this booming industry and are truly an exciting part of the cyber security professional realm. If you are a career changer, cyber security student or a fresh graduate, taking a creative approach to first researching evolving cyber opportunities and then strategically applying for cyber roles that match your interests and transferrable skills, will enable you to broaden your opportunities in the cyber job market. You will also be able to find your true calling within the profession by understanding the unique entry-level opportunities that exist for professionals with practical cyber skills.
Click here to learn more about the Institute of Data and University of Technology Sydney’s practical cyber security training program – the fastest way to gain job-ready cyber skills and industry experience.
Industry contributor: Ez Yiap | Cyber Security Business Development Executive | Triskele Labs