Interested in starting a career in the cybersecurity consulting world? This article provides a brief introduction for young professionals diving headfirst into modern cybersecurity consulting.
Getting into cybersecurity can sometimes seem overwhelming. There is a plethora of technical topics to learn, and the technology is always evolving. The good news is there are plenty of ways to make the transition into cybersecurity consulting easier. Here are five tips from two of current cybersecurity team interns on starting your journey.
1. Learn Linux
Linux is used frequently in cybersecurity consulting, so exploring a Linux distribution and getting comfortable with the commands and system layout will be immensely beneficial. Having even just basic knowledge of common commands and tools can go a long way in grasping new topics and feeling more comfortable when starting out in the cyber field. The wide variety of free Linux distributions provides easy access to begin developing skills in this important area.
2. Gain Fundamental IT Knowledge
Starting with general IT experience before entering cybersecurity consulting can be a big advantage. Familiarity with IT infrastructure, software, basic concepts, and conventions can make understanding a client’s network and picking up on unusual configurations and behaviors much more natural. For example, Active Directory (AD) acts as the backbone of traditional corporate networks, so understanding the way AD is managed and used improves a consultant’s ability to test the system and advise a client.
3. Get Practice with Common Consulting Tools
It is not necessary to be an expert with every tool used in cybersecurity consulting, but having a little background on some different tools will ease your transition into the field. Virtual machines (VM) are used for many cybersecurity consulting activities, so knowing how to set them up and being comfortable with working simultaneously on a VM and the host computer makes the beginning of the job go more smoothly. While directions for what tools to use and how to run them may be provided, experience with common tools, like Nmap, Wireshark, or Burp Suite, increases efficiency and makes troubleshooting issues easier.
4. Use Your Resources
There is always more to learn and fortunately, a variety of resources exist to support knowledge transfer to up-and-coming cyber professionals. Certifications not only provide a way to gain knowledge and skills but also to prove core competencies. Courses and test prep books provide specific and practical information to ensure that certified individuals are knowledgeable and capable in the area of the certification. Educational programs are another great way to prepare for cybersecurity consulting. Degree programs are expanding and improving to provide students with more hands-on experience and give them the knowledge they need for the industry. Professional organizations, like ISACA, and community resources also provide learning opportunities through conferences and other networking events.
Less formally, there are many instructional books, YouTube channels, twitter feeds and websites, like LinkedIn Learning, to support learning new skills. Podcasts, email lists, and websites, like Ars Technica, can also be beneficial for staying in the loop on current cybersecurity topics. If you haven’t already, be sure to subscribe to our bi-weekly newsletter: Focus on Cybersecurity for the latest cyber tips and news!
5. Embrace Your Role
Especially in a new position, network with people and listen to their experience and advice. Introducing yourself to others and getting to know your teammates will create a more comfortable environment for working and learning. Your teammates are there to support you, so always ask questions about anything you need help with. The sooner your questions are answered, the faster you will settle into your new role.
Everyone should take their own path into the world of cybersecurity consulting, but in our experience, these five tips can go a long way in preparing someone for this exciting field.
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].
You’ve heard our thoughts… We’d like to hear yours
The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].
Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.