How to become a Cyber Security Analyst - a walkthrough for entry level roles
In this blog, Cyber Security Training Courses highlights some valuable insights for becoming a cyber security analyst, and the steps you can take to guarantee success in landing your first cyber role.
These views are taken from the perspective of a recent applicant (who contacted us for some guidance) for an entry level position as a junior cyber security analyst, who wanted to share their journey, for the benefit of other candidates in similar circumstances.
"First, let me start off by saying that I'm not anything special or know too much about cyber, I'm very much at the start of everything and I am the very definition of 'entry level'.
Over the last 6 months I have applied for loads of 'entry level' positions with absolutely no luck at all. I think the vast majority of these roles were for companies in the private sector and were demanding crazy criteria on their job descriptions that shouldn't be part of the 'entry level' role. So, I changed tactics slightly...
I then started applying for public sector positions i.e., Government, Police, and the local council - places that were more inclined to use the competency-based methods of interviewing. I felt this way, I would have a chance at getting an interview in the first place, and then being able to speak to someone to sell myself a little and put my story across.
All these positions also required mini essays for the application stage based on their 5 or so set questions which then reflects the competencies and values of the business. Each application requiring approx. 1500 words max. Then it was just a waiting game to hear back.
Once in the interview, I was able to put my story across to them - explaining how I've come to the point of applying for the position (that I had enrolled myself on a course immediately to retrain after being made redundant) and what I've been doing up to that point in terms of learning. Things like using TryHackMe labs, the CompTIA labs and CompTIA learning materials and it certainly helped that I had managed to achieve the CompTIA CySA+ cert since I had initially applied for the position.
They then asked a load of questions in line with their job description and scenario-based questions. The beauty of the competency-based questions is because I've never worked in cyber before, I could use past experiences from previous roles to answer the questions and still hit the points they needed. And throughout all the interview, I made sure that I did not over-sell myself and they knew exactly what my experience was and what I have and haven't done. The last thing I wanted to do was to completely over-promise on my ability, turn up and then not be able to do the job. I also told them that I was still going to continue studying and that I had other exams coming up".
In summary - if someone came to me and asked how to get an entry level cyber job, I would say...
• Study about the topics using CompTIA material and use platforms like TryHackMe and HackTheBox to see some of the methods used in action.
• Try and get a recognised certificate from CompTIA such as Security+, CySA+ or anything related to that (even if it’s just 1 cert).
• Don't skimp on providing enough detail on the job application, fill those answer boxes!
• A basic understanding about the various software/methods stated on the job description (I had things like IDS, IPS, SIEMS on the job description and they asked about what they stood for and what they do). Make a point of learning and understanding common industry acronyms.
• Aim for businesses that use competency-based style of interviewing (mainly public sector).
• Be completely honest about your experience and what you've been doing to date.
• Even if you have no 'real world' experience of using the various tools/software - it's okay to tell them that you've only used it in the labs environment and what you have learned from that.
• Draw on past experiences even if they are not cyber related for the competencies, it can still answer the questions. Soft skills are an equally important part of the job.
• Do your best to get your personality across during the interview. You can demonstrate your drive and work ethic by self-studying and highlight your desire to continue learning.
• Use LinkedIn to connect with contacts who already have the job title that you are looking to achieve. Connect with them and explain you are seeking to research a cyber career pathway.
Ask them through a private message how they succeeded in securing their role and what steps they took to enhance their job prospects. Check out their LinkedIn profile and look at the ways in which they have highlighted experience, certifications, and skills. You may have to knock on a few doors to achieve this, but the insights are invaluable. Many cyber security professionals are also willing to give back to the industry through mentorship and guidance and it’s worth trying to find these contacts. This way you will be speaking with fellow industry colleagues who have been through some of the same struggles you are having and are sympathetic to your approach.
UK Security Council Career Route map
Cyber Security Field Manual
By Cyber Security Training Courses
• cyber training courses