The million dollar question people always ask: how do I get a job in cyber? Unfortunately, the industry is not yet mature with established paths to entry or career growth like other professions, so your entry may still be by accident or brute force. It could also happen via a job title that does not seem security related. Let me tell you why.

I sat on a Women in Security Panel a few years ago and was surprised to discover that most of the women in the audience and on the panel fell into their roles by inadvertently or deliberately creating their own opportunities. Some of the stories included people who:

• Did work that most technical people hate: DOCUMENTATION.
• Helped their company pass an audit.
• Produced an SSL Labs report showing a failing website security grade.
• Taught themselves the new security product their company purchased.
• Were system administrators.
• Stumbled upon holes or weaknesses in their company’s systems.
• Presented research at conferences or local ISSA chapter meetings.
• Asked for cyber related project work.
• Published articles about domains of interest.
• Saved the network guy from drowning.

If you are trying to break into cyber as a graduate or transitioning from another career, your strategy should include uncovering hidden job opportunities. You may have to pivot into the field in an unconventional way.

Also consider this: depending on the company, their descriptions do not have cyber OR security in the job title because HR is often misinformed about what the role is actually about.

Some people are also under the impression that security is all about hacking. I assure you, it is not. BUT, you can hack your way into the industry.

Here are 80 back doors into cyber careers to help you expand your search:

1. Miracle Worker
2. IT Specialist
3. IT Advisor
4. Network Advisor
5. Fortune Teller
6. Architect
7. System Administrator
8. Systems Analyst
9. IT Analyst
10. Magician
11. IT Administrator
12. IT Coordinator
13. IT Manager
14. Systems Manager
15. Spin Doctor
16. Network Specialist
17. Network Operator
18. Network Engineer
19. Network Administrator
20. Fall Guy
21. Professional Services Consultant
22. Product Specialist
23. Product Manager
24. System Specialist
25. Psychologist
26. Administrator
27. Analyst
28. Sales Engineer
29. Computer Operator
30. Warm Body
31. IT Consultant
32. Consultant
33. Operations Lead
34. Operations Specialist
35. Guinea Pig
36. Operations Analyst
37. Vulnerability Management
38. Vulnerability Analyst
39. Vulnerability Specialist
40. Functional Alcoholic
41. Incident Specialist
42. Incident Responder
43. Incident Analyst
44. Systems Engineer
45. Security Guy
46. Malware analyst
47. Reverse engineer
48. Intelligence officer
49. Threat analyst
50. The Corner Cubicle
51. Compliance analyst
52. Compliance administrator
53. Compliance specialist
54. IT Compliance analyst
55. IT Auditor
56. Audit specialist
57. Control specialist
58. Identity and access management specialist
59. Policy Analyst
60. SOC analyst
61. SOC engineer
62. Application specialist
63. Cloud specialist
64. Application engineer
65. Application Support
66. Cloud engineer
67. Cloud architect
68. Server administrator
69. PEN tester
70. Infrastructure lead
71. Infrastructure specialist
72. Infrastructure engineer
73. Infrastructure administrator
74. Continuity Specialist
75. Systems investigator
76. Program Manager
77. Project Manager
78. Forensics analyst
79. Forensics investigator
80. Technical Account Manager

While some of these are obviously just for humor (although you could actually end up really playing those roles), the fact still remains that your job search may need to be expanded to include the real titles that are not comedy relief.

Depending on your interest, you could be overlooking the role you want because an HR person has it mislabeled.

Or they still use standard titles from the 1980s because that’s what they’ve always done.

You also may need to step out of your comfort zone and put yourself in positions where people want to talk to you. I’ll discuss ways to do that in a future post.

JOB ALERT! 

Speaking of jobs, one of my contacts is trying to recruit a Security Engineer for a major international airline in Atlanta. Here is the job description:

Qualifications:

• 2 plus years of cyber security engineering experience preferred
• 5 plus years of IT experience preferred
• Bachelor’s Degree preferred
• ITIL preferred
• Experience with Bit9, Cylance, FireEye HX, SEP, Tripwire, BitLocker, MegaCryption, Bit9, TuFin, Tokens, and PKI Operations preferred

Responsibilities: This job requisition is for a “Domestic” position in ATL. Function as a member of the CyberThreat Unit’s (CTU) Engineering (E) function Responsible for operating EndPoint security technologies

• Shares responsibility for maintaining CTU Eng SOPs
• Accountable for managing Encryption, FIM, Firewall Rule Management, and MFA Technologies.
• Responsible for engineering and executing BitLocker, MegaCryption, Bit9, Tripwire, TuFin, Tokens, and PKI Operations
• Shares responsibility for audit support and CTU E SOPs

If interested, please send your cover letter and resume to David McCollum at  [email protected].

Oh and tell him where you found this role.

Have you signed up to receive blog updates?

If you found value in this post, please consider sharing!