Paying it forward

At some point, if you are in cybersecurity, you got started. It may have been very planned and intentional; but maybe it wasn’t. It could have been in your room, as a teen, assembling a new computer or breaking things on the internet. Or maybe it was jumping over from an IT department job. Perhaps it was through a bootcamp or college curriculum.

But, regardless of how it happened, my bet is that you had someone or some people that were uniquely helpful at that point in the journey. A particular boss, friend, or mentor that showed you the ropes and got you going.  People that invested their time and wisdom into you along the way.

It isn’t easy to break into cybersecurity. Only about 2% of jobs do not require previous cybersecurity work experience. As the talent shortage continues to bite, we believe that number will nudge upward, but the fact remains that the vast majority of roles in our field do lean heavily on a combination of knowledge and relevant experience. And most employers aren’t looking to invest the time to train from scratch, particularly with the fear that they will walk out the door after it’s all done.

That being said, many people that have been around this industry are more than willing to lend a hand. They can’t do everything, but they are often eager to help people that are newer to security- particularly if those people show a high degree of intrinsic motivation, positive attitude and energy, and a demonstrated willingness to learn.

I spoke with Will Broom, who has built a following of over 30,000 people on Linkedin, mostly by providing incredibly helpful lists of security resources. 

Why has he put the time into this? Because, he told me, when he was getting started, he reached out to a number of experienced cybersecurity professionals who were incredibly generous to him with their time and advice.

This is Will’s way of giving back.

Will had some great advice for people looking to build their careers from relatively early stages.  He recommended:

• Thinking through what type of work will really fit you, and pursuing that with abandon, not just trying to find the highest paying job
• Gathering insights directly from people who do that type of work. He had success reaching out to people on Linkedin, who then were happy to provide additional referrals- as well as speaking directly with hiring managers and recruiters
• Emphasizing networking, volunteering, engaging with the community. Who you know matters at least as much as what you know

I also spoke with Cody Burrows, who is a VP of security at JP Morgan Chase’s travel business, and has been a CISO at several companies before. Cody is very active in the cybersecurity community here in Colorado (where I live), for example having served on the board of the local Cloud Security Alliance and mentoring countless people in the early stages of their careers.

Cody’s advice- meet your mentors halfway. Security is all about taking a different mindset toward systems and technologies... being able to think through them from an adversarial perspective, and then subsequently from a defensive posture. If you can show that you understand the underlying systems / technologies (networks, applications, cloud, etc)- then it’s much easier to learn security. Be curious, put in the time to get the foundational levels of understanding and experience, and experienced people will be more than happy to help, and pay it forward, just as others have helped them.

If you are looking for mentorship, or looking for somewhere you can contribute, here are some resources:

• Engage with your local OWSAP and Cloud security alliance chapters 
• Join the cyber mentor discord server 
• Join the Cybrary user community (must be a subscriber)
• Join the Cybermentor dojo discord server
• Join local area slack/ discord channels & meetups
• Speak with / hire students at local bootcamp programs (shoutout to my friends at Flatiron school)

Additionally, here are a few programs with mentorship opportunities targeted toward particular audiences:

• Veterati- a mentorship connection program for veterans
• Women in cybersecurity mentorship program 
• National cybersecurity alliance mentorship program with HBCUs 

If you have cybersecurity mentorship programs that you support, but that I didn't list here, let me know and I'll make sure to feature them in future posts