Resume Hack for Inexperienced Cybersecurity Professionals
By contributor Lyan Ware
For those trying to break into the cybersecurity job market, it can be very difficult when job listings are asking for a lot of previous work experience in the field. One way to give yourself an edge, after arming yourself with the proper training and certifications, is to volunteer your services to a small business or local organization. Not only will you be getting relevant hands-on experience, you’ll also be showing hiring managers that you’re passionate about developing yourself as a cyber security professional—that you’re willing to allocate your free time towards helping others while putting your recent education to use. Most small businesses don’t even have dedicated IT staff, nor the budget for one, so they’ll be especially grateful for gratis services.
Below are some suggestions on how to help a small business with their compliance, so that you can get some hands-on experience on your resume:
Conduct a cybersecurity risk assessment: Perform a risk assessment of the business’s network, systems, and applications to identify potential vulnerabilities and threats. Use nmap to conduct a vulnerability assessment on their open ports. However, be sure you have their express permission before doing so. You should also examine their network configurations, firewall settings, and access control policies to ensure that they are configured correctly.
Develop a cybersecurity policy: Collaborate closely with the business owner to develop a comprehensive cybersecurity policy that outlines security measures and protocols for employees to follow. The plan should include access control policies, password policies, and incident response procedures.
Educate employees: Offer to train the employees on cybersecurity best practices like routinely changing passwords, and how to create strong, unique passwords. Making sure that they enable two-factor authentication and update their software on a regular basis. You can also train them on how to spot a suspicious email and how to avoid phishing scams.
Implement security controls: Help them implement security controls, such as firewalls, intrusion detection and prevention systems, and antivirus software, as protection against threats.
Understand the laws and regulations: Familiarize yourself with the relevant cybersecurity laws and regulations that the business must comply with. For example, if the business handles payment card information, they must comply with the Payment Card Industry Data Security Standard (PCI DSS).
Document everything: Keep detailed records and logs of any assessments and training you provide. Make sure you keep records for both you and the business owner. Documentation makes up a large portion of what you do as a cyber security professional, so honing your writing skills is paramount in developing yourself. Keeping this documentation will serve as a way to measure your progress with the skills you obtained through your training. It also provides potential employers with verifiable proof of your abilities and what you can bring to their company.
There you have it! There’s no reason why you should wait for a company to take a chance on you in order to begin your work as a cyber security professional. Create your own opportunities and experience by volunteering your services in places that are small and overlooked. Not only will this fill in the gap for what you’re lacking in work experience, it will also showcase your drive and initiative to break into the industry.
Do I Need to Learn Coding to Get into Cybersecurity?
What Skills Transfer into IT and Cybersecurity?
Tips on Becoming a Better Interviewee
Leave a Reply
You must be logged in to post a comment.