computer repair bench under a lamp

How to Hack into Cybersecurity with No Experience

The tech world is hurting for skilled cybersecurity professionals, and there is only going to be more demand in the future. ESG does a State of IT survey annually. In 2014, 25% of IT professionals had a shortage of skills for the cybersecurity sector, while in 2018 51% of companies said they needed more staff with cybersecurity skills. These numbers will only continue to grow until we have filled the need for cybersecurity professionals. With so many positions open, why haven’t they been filled yet? Plenty of people looking for work, right?

Get a job from always sunny

All of these positions are for SKILLED professionals, meaning a company is looking for someone they know can do the job. With a cyber attack happening approximately every 39 seconds, and a successful data breach costing a company on average $3.6 million dollars, companies aren’t willing to risk their security on a person that claims to know what they are doing, but have no proof. So how do you hack into cybersecurity without experience?

when employers want you to have 10 years of work experience before the age of 22

Wondering if you are the right person for cybersecurity? READ: Is Cybersecurity Right for Me?

How can I prove myself?

First, you have to gain the skills to become a skilled cybersecurity professional. You don’t need a degree to show you have the knowledge. In fact, several reports have come out saying that employers care more about experience and certifications than any degree.

“Most respondents believe that experience, hacking competitions, and professional certifications are better ways to acquire cybersecurity skills than is earning a degree.” – McAfee Study

Entry level job requirements

The first thing to do is determine where you are starting from. The bare minimum to get into cybersecurity is the CompTIA Security+ certification. There are a few steps before that depending on your experience, so read below to see what the best path is for you. Or, feel free to reach out to one of our career advisors through the forms on our website.

Wondering what the best certifications are for cybersecurity? READ: Top 10 Best Cybersecurity Certifications

Getting experience before having experience

So you're telling me I have to get experience before I get experience?

Yes, that seems counterintuitive. However, there are several ways to hack into cybersecurity without experience. One of the best ways is to get free experience by giving free services.

Volunteer at a local non-profit of your choice

This is a great way to combine your passion for helping people with bettering your career and gaining experience. Think about what you are good at: is it pups? Nature conservation? Disabled children? Whatever you are passionate about, find a local nonprofit in your area and ask if they need any IT work done.

(Trick question: they all do) No matter where you look, nonprofits are running on technological fumes. The printer is from the 80s, the computer is running Windows XP, and the cables are almost assuredly a tangled mess. This is your chance to make a difference.

Ron Swanson throwing away a computer

Make sure to have the conversation with them before about getting a reference for your job hunt. That way, they get free technical assistance and you get free experience, all while making the world a better place in whatever area you care about.

Join a Professional Organization

Lots of cybersecurity certifications have communities you can become involved with. Most of the time it is students helping other students with questions, but a lot of it includes networking. Find out what organization has an active chapter near you and check out a meeting, and hack into cybersecurity without experience! Here are some you can check out:

AISP – Association of Information Security Professionals

CompTIA Information Sharing and Analysis Organization (ISAO)

CSIA – Cyber, Space & Intelligence Association

IAPP – International Association of Privacy Professionals

ISACA – Information Systems Audit and Control Association

ISC2 – International Information Systems Security Certification Consortium

WiCyS – Women In Cybersecurity

Through these, you can find opportunities to network with people of your skill level, find a mentor that has been through what you want to do, and just connect with like-minded people. They also host events to showcase your skills.

flaming businessman shaking hands after an interview

Go to a Bug Hunt or CTF (Capture the Flag)

Conferences are great for networking and increasing your knowledge, but nothing shows off your skills more than going to a cybersecurity competition like a Bug Hunt or CTF (capture the flag) 

Bug hunts and bug bounties are ways to practice your hacking/testing skills on your own and make some money on the side. Basically, you can earn money for each vulnerability you turn in to the company sponsoring it. Its a way companies are crowdsourcing their security and incentivizing results, and also a great way to earn up to $3000 per vulnerability found. (www.bugcrowd.com/bug-bounty-list/)

Dale punching a bug from king of the hill

Capture the Flag is a game that was invented for cybersecurity challenges. 2 teams face off and can either attack or defend a network. Teams get points for finding or fixing vulnerabilities before the other one. There are a few different versions, but having CTF experience is a great way to learn what you are doing and show off to your future employers.

Classic Networking

Beef up your LinkedIn! Everyone says to do it because it is THE place to go for networking in any profession. Ignore the social media aspect if you want to, but definitely start following organizations and people that are respected in your field.

Ways to make your Linked In POP!

Use a Professional Photo

Seems self explanatory, but you would be surprised at the number of up-angle selfies found on LI

Make a distinctive Headline

Say something that pops! Using 3 words that describe what you bring to the table is a good way to give a recruiter the TL;DR (Bug Hunter – Solution Creator – Fixer)

Tell your story in the Summary section

This is where you make yourself stand out. Tell your personal story (not a sob story, a story of overcoming barriers and improving yourself) Think Rocky Balboa, recruiters love Rocky 

rocky balboa doing 1 handed pushups

After that, start making connections with people in your field. Use LinkedIn to engage with folks, stay in front of important industry experts that are active, and don’t be afraid to tag anyone and everyone in a nice comment. Posting is important to build a following, but don’t feel like you need to rush into becoming an influencer just yet. Reach out to your network with questions, ask for advice and recommendations, and eventually use it to ask for an interview.

Winning the interview

The first thing you need to do is buff up your resume. No matter where you are coming from, having a solid and well refined resume makes a recruiter take you seriously. Get it all on one page, and make it relevant to what you are looking for. There are great free templates on Google docs. 

Do you have trouble making a resume look good? Just hire someone. Getting the job is a great reason to support a liberal arts major from your community college, and it will look 1000x better than if you did it. 

The Parable of 2 Inexperienced Jobseekers 

Two young cybersecurity candidates came from the same company and same background in Helpdesk support. They both have the same experience level and have achieved a Security+ certification. Both apply for the same job as a Network Security Administrator.

Bob and Marie are identical on paper. However, as people they are very different. Bob is doing this just for the money.  He started in helpdesk because he had some experience with computers before and could google what he didn’t know. He heard someone tell him about the money and career opportunities, so he decided to just do the bare minimum so he could coast by.

Marie is a gamer and has always been intrigued with how computers work. She built her own PC and loves learning why computers work. She has always wanted to learn how to code, but only picked up the basics and never took a course for it. She loves puzzles and making things work, and enjoys figuring out why something went wrong.

From the start, these candidates are coming with different mentalities. Marie is coming from a place of passion and enthusiasm, while Bob is just trying to find his next paycheck. Both have the same skill level, since they both passed the certification exam, but that only goes so far in the employment process. Employers want someone who will actually care about doing a good job.

what if I told you that Just because a person has no experience doesn't mean they aren't qualified for the job

Thankfully, recruiters are looking for that in their prospecting. They want to see how a person takes their passion and puts it into practice. In cybersecurity, there are a lot of great ways to achieve that.

Marie went to a networking event through CompTIA after she completed her certification. She put in an extra hour of work to make sure she understood how it worked, not just to get through the next module. She got a mentor in cybersecurity that she can go to for questions, and started building her LinkedIn network. She got some help with her resume, and went into the interview prepared.

Bob did the bare minimum and got the same achievements, but without the passion and the network, an employer is likely to choose someone else. Someone they know will give it their all and continue to improve and learn.

Be a Marie. Win that interview, win that job, and show recruiters that you have what it takes to hack into cybersecurity without experience.