The Institute of Data caught up with Matt who made a career change from hospitality to cyber security in 2020. Matt was passionate about building his cyber career and focused on gaining practical cyber security skills to land a job quickly in the industry. He was mentored and trained by industry experts and secured a job as a Cyber Security Analyst before graduating the course. This is Matt’s journey so far:
What is the most exciting / challenging part of working in the cyber industry?
“Since starting I have found that the most exciting and challenging aspect of my job is threat hunting, researching malware I’ve caught, and finding out what it does / how it interacts with the network and software. Finding ways to mitigate the threat is always challenging but rewarding.”
Coming in from a background in hospitality – what motivated you to pursue a career in cyber security?
“I was a kitchen hand for 5 years, though it was fun and I worked with good people it wasn’t where I wanted to be in my life. I had always had a passion for technology and during high school self-taught myself basic scripting, networking and some Linux. When I finished high school my local CIT was offering a certificate in cyber security, after researching the course content I became interested and decided to start taking the steps to specialise in cyber security.”
What appealed to you about the Institute of Data’s Cyber Security Part-Time Program?
“The most compelling part of the program was how well it worked with me working nights and the skills I was looking to learn. Before coming into the course I had a good understanding of interpersonal skills from my work experience in hospitality and I had some experience with governance and technical skills from my previous studies. However, having gone through IOD’s program and after going in depth with governance and learning from people who actually work with it on a daily basis, I was able to see the importance of learning from industry experts because of how quickly I was able to develop my skills / improve my understanding of technical concepts. It was also extremely beneficial completing lab work with experienced industry professionals during the course.”
You’ve landed a new role as a Cyber Security Analyst – Congratulations! What does your day to day involve and what do you enjoy most about your role?
“My day usually consists of SIEM monitoring which is looking for threats or intrusions in a client’s system, meetings with colleagues and clients – discussing client cyber security needs / what we should or would like to do next. For example, my boss might request I research some malware that has recently emerged and ask me to perform a threat report. My day also involves constant training but threat hunting is what I enjoy the most. I seem to use a little bit of everything I have learned during threat hunting and I find that to be the most exciting thing about my job.”
How has COVID-19 impacted your experience on the job?
“I’m very fortunate to have COVID-19 not affect my occupation unlike so many others during this time though there were changes to how we operated. We needed to adapt in order to remain capable and effective working from home including being able to effectively communicate with each other and work together despite no longer being in the same office. I was actually only in the office for a month before being given the order to stay home due to COVID-19. Learning how the workplace works from home has been a challenging but valuable experience.”
You also landed your new role before completing your training! How did you prepare for your cyber security job interview?
“I took notes and I was honest about my abilities. When I was asked to come in for an interview I had another look at the job requirements and wrote some specific notes based on my knowledge and how it related to the subjects relevant to the role, I also took the notes with me to the interview. When I was asked a question I didn’t know the answer to, I answered honestly that I didn’t know, later I was told that they were impressed with my ability to come prepared and that I was honest.”
What are some tips you would give someone applying for jobs in the cyber industry after upskilling?
“Don’t stop learning or upskilling whether that be through industry certifications or self-learning – everything helps and it shows that you’re ambitious, willing to learn and that you can adapt to the requirements of a new workplace that might have their own policies and procedures.
You will need to interact with people everyday so don’t neglect your interpersonal skills, learn how to effectively communicate verbally and in writing. It is also important to showcase that you’re up to date with technology, threats and industry tools.
Good communication skills are essential skills to have in the cyber security industry and anyone that has worked in hospitality or any other customer facing roles, already has some excellent transferable skills. Finally, I suggest asking for feedback from unsuccessful interviews. This has helped me address my weaknesses whether that be related to further building my knowledge or improving how to talk and act in an interview setting.”
What is it really like working as a cyber security analyst? Is it everything you expected / is the cyber industry different to what you imagined?
“It was very different to what I expected when getting into a small team and the learning curve was much steeper than I had anticipated. I had to learn how the client’s SIEM worked, understand what the clients were asking from us / looking to achieve, I had to be aware of new threats I hadn’t encountered before, and I had to be able to effectively perform my duties with limited supervision – this took time to adjust to however my education and training made it a lot easier to adapt to the workplace.”
What core technical / interpersonal skills does someone need to land their first job in the cyber industry?
“Technical skills that I believe cyber professionals should have: skills / knowledge in networking, incident response, current malware, Kali Linux and how to use its tools (I would even go as far to understand how Kali Linux tools work not just how to use the tools, a top down approach for example). Interpersonal skills I believe a cyber professional should have: risk assessment skills, report writing, the ability to talk to stakeholders and being able to relate security and IT concepts to an audience with a limited understanding of these things.”
Which transferable skills helped you while upskilling to cyber security?
“I was in the hospitality industry for 5 years and as it turns out being able to work well under pressure – rallying messages in busy environments clearly and talking to customers and writing orders, actually helps and aligns with the necessary interpersonal skills needed in the security industry.”
Tell us about your Capstone Project! What did you learn / would you do anything differently?
“My capstone project was about how to develop a 3 legged firewall for a small business, my project taught me that even with just some simple research and a willingness to learn a little bit of firewall configuration, you can create a cost effective network security solution that can be easily implemented. If I could do anything different I would include a demo on how to create this type of network.”
What Capstone project tips would you give someone taking the cyber security program?
“Relax and have fun with the project as you’re developing it throughout the course, after you’re nearly finished with the course content you’ll know everything you need to create a good project. I wish that I had taken some more time to actually enjoy the process of creating my project although looking back I really enjoyed presenting it.”
How did the program change your perspective on the importance of soft skills and needing a job outcomes strategy?
“When coming into the program I didn’t really think about the importance of developing soft skills and a job outcomes strategy though witnessing the positive outcomes first hand, I wish more institutions would implement this approach.”
How do you compare your career situation now to 6-12 months ago?
“My career outlook has been completely turned around since upskilling and coming into the cyber security industry. Although I had transferable interpersonal skills, my new responsibilities and the expectations of me as a cyber professional are completely different to being a kitchen hand. I’m enjoying what I do now more than ever and I’m excited to keep progressing.”
Now that you’re trained with in-demand skills in cyber security analysis, governance, compliance, risk assessment, assurance and incident response, what do you hope to achieve going forward in the cyber industry?
“I hope to be able to lead my own SOC or red teams in the future and be able to contribute more to the industry.”
What advice do you have for those looking to break into the cyber security job market – how can they set themselves apart?
“Constantly upskill, keep up to date with the latest malware and threats, be willing to adapt, never be afraid to ask for help and always be honest with your abilities.”
If you are interested in up-skilling and landing a role in the Cyber Security industry, book a consultation with a Data Industry Career Consultant today.