Breaking into the Security Industry as a student

All throughout the media and news we see the stories of how Security professionals are in high demand with alluring salaries attached to them, as well as stories about how all ‘these big companies’ need security graduates. Sounds easy enough to get a job then, just run through a ‘Cyber-Security’ course and you’ll be ready for a job, right?

Not quite so right, it’s not farfetched to say the media has created a mirage in regards to IT Security jobs, they are correct to say that IT Security professionals are very much in demand, but they forget to mention that there’s a very good reason they are in demand.

IT Security jobs are difficult.

A single course in ‘Cyber-Security’ or ‘Comp-sci’ doesn’t provide nearly enough practical or theoretical knowledge about IT systems or about IT security. It provides a solid foundation to get into IT, but if a student wants to particularly target IT security then they need to be self-motivated and eager to learn everything there is to know about IT Security by themselves.
If you’re here then hopefully you already are eager to learn! Maybe you’re a student in a university course, or perhaps you’re a network admin looking to branch out, either way I hope I can provide helpful advice on how to make it in the Security Industry.

The following advice is my own advice, talking from my experience as a graduate in regards to getting a job in the IT Security Industry.

1. Have a passion for Security, and be eager to learn. This can’t be repeated enough, IT Security requires you to be independent and self-directed, there will be endless hours of self-learning to do before you can find your first Security job.
2. Google everything! If you find something you don’t understand google it and understand it; see someone mention something on a forum you don’t know about, google it and understand it. Never stop learning, IT Security as a field moves very fast and if you don’t keep up to date you’ll quickly find yourself out of touch with the field and lacking in skills.
3.  Hacking isn’t done in big green GUI menus. It’s done on the command line, and what command line is the strongest, most versatile command line out there? Linux. Learn Linux, and learn how to control Linux with the command line, you’ll need it to run the majority of tools in the Security world, and for good reason.
4. Build a home lab, it doesn’t need to be extensive or even physical. It could just be a virtualized home lab, but either way it’s important to both build your own home lab, and practise hacking on your home lab. Add in premade vulnerable VM’s to your home lab and figure out how to hack them, the only way to learn a lot of the tools in IT Security is too practise them.
5. Go to your local security meetups! Most major cities will have monthly groups that are focused around IT Security which will meetup and have presentations over recent happenings in the IT Security world, or just act as a form of socializing for people in IT Security. Either way it’s worthwhile to go out to these meetings and talk to other people from IT security, you’ll be amazed at what you can learn from them!
6. Finally, after having learned so much, and having come so far. It’s time to prove yourself to the world! It’s time to become certified, and what better certification out there then Offensive Security Certified Professional. This certification is very practical focused, requiring you to hack five machines in order to pass the exam, and because of this it is very respected in the IT Security industry. It’s a certification that shows how far you have come, and it will open numerous doors in getting your first IT Security job.

The above points shouldn’t be followed to the dot, use them as a rough guide in your journey through the world of IT Security, and remain dedicated and passionate to the journey. However above all have fun, and enjoy the journey.