front matter
preface
I grew up as a hacker. I have been working with computers all my life and have been a cybersecurity professional for the better part of two decades. My time spent in the hacker communities of the 1990s along with my own successful career progression have etched a special place in my heart for the cybersecurity field.
I’ve watched as cybersecurity has gone from a relatively unknown field, where I often struggled to even explain what it was I did for a living, to now an almost ubiquitous presence in the mainstream lives of every person on the planet. It is no secret that cybersecurity has become one of the most talked about career fields in technology and maybe just in general society.
However, as technology continues to grow, innovate, and permeate our daily lives in so many ways, the need for cybersecurity professionals has skyrocketed. I have read many accounts in industry and mainstream media of this so-called skills gap that we have in cybersecurity. I’ve seen estimates of anywhere from hundreds of thousands to millions of unfilled jobs. Yet, as I spoke with people who were trying to get into this hot job market, I heard stories of the struggles they were encountering. A sort of dissonance exists between what the industry is saying and what job seekers are experiencing. So I set out to solve this issue.
Through surveys, interviews, and other research, I’ve sought the answers. My goal is to help connect job seekers and the companies that need to hire them. One of the primary efforts of my ongoing work to improve the cybersecurity community is this guide. The Cybersecurity Career Guide is here to help those who want to start their career understand, identify, and overcome the many obstacles and challenges they will face. My hope in writing this book is to ease that path and guide those new professionals who will help secure our digital world.
acknowledgments
A book like this does not come together as the result of any one person’s efforts. Thus, I take a moment here to thank all the amazing people who made these pages possible.
I begin with Casey Shuniak, whose love, support, and guiding ideas helped make this book so much better than it might have been otherwise. Casey’s support in helping me navigate many moments during the COVID-19 pandemic in which I lost motivation ensured that this book got out to the many who will benefit from it. Her efforts in reviewing the content of this book provided me with invaluable perspectives on how to connect with a broader audience of readers. For that, I am most deeply thankful.
I also want to acknowledge the many people in the cybersecurity industry who helped in various ways through the interviews I conducted and the research I performed. In no particular order, Alethe Denis, Carolina Terrazas, Kirsten Renner, Kwadwo Burgee, Kathleen Smith, Gabrielle Hempel, Keenan Skelly, Mitch Parker, and Lesley Carhart, thank you for all the knowledge and perspectives you shared that can be found throughout the pages of this guide. Additionally, special thanks to Carl Hertz and Ray [REDACTED] for being tremendous advocates of my work, sounding boards when I needed an outside opinion, and simply two of the most wonderful people I could ever hope to have in my court cheering me on.
I would also like to thank the people at Manning who helped shepherd me through this process: Karen Miller, the development editor; Aleksandar Dragosavljević, the review editor; Deirdre Hiam, my project manager; Sharon Wilkey, my copyeditor; and Jason Everett, my proofreader.
It is also important for me to thank the thousands of people who participated in the research surveys that really kickstarted this book and provided some surprising data and conclusions. So many revelations came from your efforts in sharing your experiences, and I can’t thank you enough for helping me pay it forward to help others navigate their way into a cybersecurity career. And then, finally, thank you to the tens of thousands of members of the security community I am blessed to be able to interact with on a daily basis through social media, professional events, and industry media. This community I love so dearly served as the true inspiration for writing this guide, and I truly appreciate every single one of you.
To all the reviewers: Alex Saez, Amanda Debler, Amit Lamba, Björn Neuhaus, Bobby Lin, Daniel Varga, Dhivya Sivasubramanian, Dipen N. Kumar, Elavarasu A K, Emanuele Origgi, Georgerobert Freeman, Harsh Raval, Hugo Sousa, Jan Vinterberg, Jason Hales, Joerg Discher, Marc Roulleau, Michele Di Pede, Nathan Delboux, Paul Ammann, Rafik Naccache, Rob Goelz, Steve Atchue, and Zarak Mahmud, your suggestions helped make this a better book.
about this book
Cybersecurity Career Guide will assist you in uncovering your path to becoming a great security practitioner. You’ll learn how to reliably enter the security field and quickly grow into your new career, following clear, practical advice that’s based on independent research and interviews with hundreds of hiring managers.
Who should read this book
The book is written as a complete guide to help any individual who is looking to launch a career in cybersecurity. Individuals from all walks of life, all technical skill levels, and all knowledge levels will find something in this book that can help start their career in cybersecurity. Whether this is your first career path or you are trying to pivot from another industry, this guide is written to ensure that you are equipped with the tools you need to succeed in your first job search and to position yourself for long-term growth.
How this book is organized
This book is divided into three parts of three chapters each. The first part provides a common understanding of cybersecurity. You will learn just how expansive this domain of knowledge is and see the details of many varied paths you can pursue when embarking on a cybersecurity career. This part also discusses many of the challenges and obstacles you may encounter along your journey. Research is presented to illustrate some of the difficulties that new entrants face.
Part 2 focuses on you as the job seeker. In the chapters of this part, you will find practical exercises that you can use to discover your passions and interests and map those to the various disciplines of cybersecurity. The goal is to focus your efforts and maximize the chances that you pick a discipline that will best align with your capabilities. You will also learn how to structure your job search, create your resume, and prepare for and ace the interview process.
In the final three chapters that make up part 3, you will learn how to set yourself up to achieve the goals of a long-term career in cybersecurity. This part presents tools for understanding and leveraging networking and mentoring to drive your journey. You will also be given powerful tools for overcoming one of the most damaging influences that derails careers, impostor syndrome. Then, in the final chapter of this guide, everything comes together as you’ll learn to set realistic goals and ensure that your journey stays on a path to new and greater accomplishments.
liveBook discussion forum
Purchase of Cybersecurity Career Guide includes free access to liveBook, Manning’s online reading platform. Using liveBook’s exclusive discussion features, you can attach comments to the book globally or to specific sections or paragraphs. It’s a snap to make notes for yourself, ask and answer technical questions, and receive help from the author and other users. To access the forum, go to https://livebook.manning.com/book/cyber-security-career-guide/discussion/. You can also learn more about Manning’s forums and the rules of conduct at https://livebook.manning.com/discussion.
Manning’s commitment to our readers is to provide a venue where a meaningful dialogue between individual readers and between readers and the author can take place. It is not a commitment to any specific amount of participation on the part of the author, whose contribution to the forum remains voluntary (and unpaid). We suggest you try asking the author some challenging questions lest her interest stray! The forum and the archives of previous discussions will be accessible from the publisher’s website as long as the book is in print.
Other online resources
Several online resources are available to help you embark on your cybersecurity career. The following are three that can help get you started:
-
Cyber Career Pathways Tool —This tool from the National Initiative for Cybersecurity Careers and Studies (NICCS) and hosted by the US Cybersecurity and Infrastructure Security Agency (CISA) can help you explore and map out possible career journeys (https://niccs.cisa.gov/workforce-development/cyber-career-pathways).
-
TryHackMe —This free online training website is designed to help cybersecurity professionals learn various skills through short lessons and challenges (https://tryhackme.com).
-
CompTIA Resource Center —You can use this collection of free educational resources from the Computing Technology Industry Association (CompTIA) to learn more about cybersecurity and cybersecurity-adjacent technologies and fields (www.comptia.org/resources).
about the author
A hacker since her childhood years, Alyssa Miller has a passion for technology and security. She bought her first computer herself at age 12 and quickly learned techniques for hacking modem communications and software. Her serendipitous career journey began as a software developer, which enabled her to pivot into her cybersecurity career. Beginning as a penetration tester, she has spent the better part of two decades in cybersecurity. Those years have seen her grow as a security leader with experience across a variety of organizations and cybersecurity roles.
By the age of 30, Alyssa was already serving in leadership roles in cybersecurity. Running the security testing and vulnerability management program for a Fortune 200 financial services firm, she learned the rewards and challenges of hiring and developing cybersecurity professionals early on. During her years in consulting, she was called upon to build an application security consulting team from the ground up. Now as an executive leader for another large financial services firm, she yet again is putting the experience of building teams to work as she builds out a cybersecurity practice for a multibillion-dollar division.
Alyssa is a highly recognized and regarded professional in the cybersecurity industry. She regularly advocates for improving the security community, both in terms of professional disciplines and the workforce. Alyssa is often called upon to share her research with business and industry audiences through a wide variety of international public speaking engagements, interviews, and other media appearances. She uniquely blends technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders.
Alyssa’s goal is to change how we look at the security of our interconnected way of life and to focus attention on defending privacy and cultivating trust. She is a committed activist within the security industry. Her advocacy for the security community is also displayed in her work with various industry nonprofit organizations, board membership for multiple community conferences, and her membership in multiple executive leadership communities.
about the cover illustration
The figure on the cover of Cybersecurity Career Guide is “Jacout” or “Yakuts,” taken from a collection by Jacques Grasset de Saint-Sauveur, published in 1797. Each illustration is finely drawn and colored by hand.
In those days, it was easy to identify where people lived and what their trade or station in life was just by their dress. Manning celebrates the inventiveness and initiative of the computer business with book covers based on the rich diversity of regional culture centuries ago, brought back to life by pictures from collections such as this one.