What do you think?
Rate this book
Cybersecurity Career Guide
Kickstart a career in cybersecurity by adapting your existing technical and non-technical skills. Author Alyssa Miller has spent fifteen years in cybersecurity leadership and talent development, and shares her unique perspective in this revealing industry guide.
In Cybersecurity Career Guide you will
Self-analysis exercises to find your unique capabilities and help you excel in cybersecurity
How to adapt your existing skills to fit a cybersecurity role
Succeed at job searches, applications, and interviews to receive valuable offers
Ways to leverage professional networking and mentoring for success and career growth
Building a personal brand and strategy to stand out from other applicants
Overcoming imposter syndrome and other personal roadblocks
Cybersecurity Career Guide unlocks your pathway to becoming a great security practitioner. You’ll learn how to reliably enter the security field and quickly grow into your new career, following clear, practical advice that’s based on research and interviews with hundreds of hiring managers. Practical self-analysis exercises identify gaps in your resume, what makes you valuable to an employer, and what you want out of your career in cyber. You’ll assess the benefits of all major professional qualifications, and get practical advice on relationship building with mentors.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the technology
Do you want a rewarding job in cybersecurity? Start here! This book highlights the full range of exciting security careers and shows you exactly how to find the role that’s perfect for you. You’ll go through all the steps—from building the right skills to acing the interview. Author and infosec expert Alyssa Miller shares insights from fifteen years in cybersecurity that will help you begin your new career with confidence.
About the book
Cybersecurity Career Guide shows you how to turn your existing technical skills into an awesome career in information security. In this practical guide, you’ll explore popular cybersecurity jobs, from penetration testing to running a Security Operations Center. Actionable advice, self-analysis exercises, and concrete techniques for building skills in your chosen career path ensure you’re always taking concrete steps towards getting hired.
What's inside
Succeed at job searches, applications, and interviews
Building your professional networking and finding mentors
Developing your personal brand
Overcoming imposter syndrome and other roadblocks
About the reader
For readers with general technical skills who want a job in cybersecurity.
About the author
Alyssa Miller has fifteen years of experience in the cybersecurity industry, including penetration testing, executive leadership, and talent development.
Table of Contents
PART 1 EXPLORING CYBERSECURITY CAREERS
1 This thing we call cybersecurity
2 The cybersecurity career landscape
3 Help wanted, skills in a hot market
PART 2 PREPARING FOR AND MASTERING YOUR JOB SEARCH
4 Taking the less traveled path
5 Addressing your capabilities gap
6 Resumes, applications, and interviews
PART 3 BUILDING FOR LONG-TERM SUCCESS
7 The power of networking and mentorship
8 The threat of impostor syndrome
9 Achieving success
In Cybersecurity Career Guide you will
Self-analysis exercises to find your unique capabilities and help you excel in cybersecurity
How to adapt your existing skills to fit a cybersecurity role
Succeed at job searches, applications, and interviews to receive valuable offers
Ways to leverage professional networking and mentoring for success and career growth
Building a personal brand and strategy to stand out from other applicants
Overcoming imposter syndrome and other personal roadblocks
Cybersecurity Career Guide unlocks your pathway to becoming a great security practitioner. You’ll learn how to reliably enter the security field and quickly grow into your new career, following clear, practical advice that’s based on research and interviews with hundreds of hiring managers. Practical self-analysis exercises identify gaps in your resume, what makes you valuable to an employer, and what you want out of your career in cyber. You’ll assess the benefits of all major professional qualifications, and get practical advice on relationship building with mentors.
Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.
About the technology
Do you want a rewarding job in cybersecurity? Start here! This book highlights the full range of exciting security careers and shows you exactly how to find the role that’s perfect for you. You’ll go through all the steps—from building the right skills to acing the interview. Author and infosec expert Alyssa Miller shares insights from fifteen years in cybersecurity that will help you begin your new career with confidence.
About the book
Cybersecurity Career Guide shows you how to turn your existing technical skills into an awesome career in information security. In this practical guide, you’ll explore popular cybersecurity jobs, from penetration testing to running a Security Operations Center. Actionable advice, self-analysis exercises, and concrete techniques for building skills in your chosen career path ensure you’re always taking concrete steps towards getting hired.
What's inside
Succeed at job searches, applications, and interviews
Building your professional networking and finding mentors
Developing your personal brand
Overcoming imposter syndrome and other roadblocks
About the reader
For readers with general technical skills who want a job in cybersecurity.
About the author
Alyssa Miller has fifteen years of experience in the cybersecurity industry, including penetration testing, executive leadership, and talent development.
Table of Contents
PART 1 EXPLORING CYBERSECURITY CAREERS
1 This thing we call cybersecurity
2 The cybersecurity career landscape
3 Help wanted, skills in a hot market
PART 2 PREPARING FOR AND MASTERING YOUR JOB SEARCH
4 Taking the less traveled path
5 Addressing your capabilities gap
6 Resumes, applications, and interviews
PART 3 BUILDING FOR LONG-TERM SUCCESS
7 The power of networking and mentorship
8 The threat of impostor syndrome
9 Achieving success
200 pages, Paperback
Published July 5, 2022
13 people are currently reading
51 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 4 of 4 reviews
July 11, 2022
A useful guide to InfoSec careers. Covers career options (InfoSec disciplines), skills, breaking into the industry, certifications, degrees, gaining experience, conferences, meetups, job searching, interviews, networking, mentorship, and progressing. So it covers a wide range of topics, but not as deeply as I'd like. Includes helpful exercises to identify and rate your capabilities.
Notes
This thing we call cybersecurity
Cybersecurity is an extension of information security. Information security began in 1961, when MIT researchers created first password-protected system, Compatible Time-Sharing System (CTSS). Information security is practice of protecting information and electronic systems that process it from unauthorized access. Cybersecurity began in 1988 with creation of CERT. Cybersecurity is domain of research, technologies, and practices used to protect connected technology systems, data, and people from attack, unauthorized use, and/or damage.
Help wanted, skills in a hot market
Job search duration
• 0-2 months: 32.9% of entry-level, 46.5% of experienced
• 3-6 months: 34.5% of entry-level, 30.2% of experienced
• 7-12 months: 15.9% of entry-level, 7.0% of experienced
• >12 months: 16.7% of entry-level, 16.3% of experienced
Having a degree, whether that degree is in computer science or IT, whether person has security certifications, and whether person has mentor all make little difference to job search duration, according to the author's 2020 survey.
Taking the less traveled path
Identify what makes you stand out
1. Imagine you need to give your autobiography. List 10-15 things people should know about you.
2. Turn that into one paragraph of up to 200 words
3. List 3 things you wish you had more room to describe.
4. Pick the 1 thing that most stands out. If it's unique and fits you, choose it. If not, choose another.
Include the thing that makes you stand out in your social media profiles, cover letter, maybe objective statement in résumé.
Write objective statement
1. Describe the main idea in your personal brand as briefly as possible.
2. Choose 1-2 top passions from your list that you want to highlight.
3. Write statement as "I am …" (e.g., "I am a life-long hacker who since buying my first computer at age 12 has always had a passion for deconstructing technology to understand it and improve upon it.")
4. Get feedback. Does it make them curious to know more about you?
Include 1-2 sentence personal objective statement at top of résumé.
Capabilities
• Knowledge: understanding of concept.
• Skills: ability to apply knowledge to task or situation.
• Experience: demonstrated history of using skill.
Identify core skills
1. From list of your technical capabilities, take all non-security-focused capabilities that you're experienced in and put them in a new list.
2. For each capability, reword description, replacing any terminology that would identify the job or industry; generalize it so it can be applied universally.
3. Break capabilities into singular skills.
4. Deduplicate singular skills.
5. See if each skill could apply to 2-3 careers from multiple other fields. If not, reword to be job-neutral.
Capabilities inventory
1. Take only security-related capabilities from your capabilities list.
2. For each capability you rate as experienced, write number of years of experience.
3. For each capability you rate as skilled, write your proficiency (beginner, advanced, comprehensive, expert).
4. For each capability you rate as knowledgeable, write your familiarity (beginner, advanced, comprehensive, expert).
5. For each core skill, write number of years of experience.
6. Rank core skills from greatest to least proficiency.
7. Rate soft skills by how commonly you received feedback (rare, common, often).
Capabilities gap
1. Collect 10-15 job descriptions that you'd want to apply for.
2. From job descriptions, create list of requirements. Count number of times you each requirement appears.
3. When descriptions require number of years of experience in something, calculate average number of years across all appearances of that requirement.
4. Select 5 most common requirements.
5. Repeat for preferred (non-required) qualifications. List, count number of appearances, select 5 most common.
6. Compare list of 5 required and 5 preferred to your capabilities inventory.
7. Compare those with your technical capabilities, looking for matches in capabilities and years of experience. Label as "complete match or "need experience."
8. Take any top 5 required and preferred that you didn't match to a technical capability and compare them to your core skills. List those and label as core skills matches.
9. For any requirements that aren't on your list, see if they're soft skills. List those and mark as soft skill matches.
10. Add to your list any remaining requirements or preferred qualifications that didn't match any of your capabilities, and label them as "not matched."
Addressing your capabilities gap
For entry-level, 1-2 certifications are enough to meet job posting requirements.
Conferences
• RSA Conference
• Black Hat
• InfoSec World
• DEF CON
• BSides
• ShmooCon
• THOTCON
• Layer 8 Conference
• OWASP Global AppSec Conference
Local meetups
• Cloud Security Alliance (CSA)
• DEF CON Groups
• Information Systems Security Association (ISSA)
• InfraGard
• International Association for Healthcare Security and Safety (IAHSS)
• ISACA
• (ISC)2
• Open Web Application Security Project (OWASP)
• Women in Cybersecurity (WiCyS)
• Women of Security (WoSEC)
Resumes, applications, and interviews
Give your elevator pitch in 1-2 minutes. If any of the things you described aren't in your résumé, consider adding them. If anything in your résumé wasn't in your pitch, consider removing it.
List key terms included in job listing and note their frequency. Add those keywords and their variations to the copy of your résumé you'll use for this listing.
At end of interview, ask about next steps, if they haven't already been explained. That will help you know when to follow up.
As soon as you're scheduled for a technical interview, ask recruiter if they can share suggestions for how to prepare, or tell kinds of questions you should expect.
Questions for potential future teammates
• What's the manager like?
• What is day-in-the-life like?
• How does the team work together?
• How does manager interact with team?
• What challenges or frustrations do you experience?
If you don't know an answer, don't fake it. Say that you're not sure, then explain how you'd figure out the answer.
It's acceptable to consider an offer for 1-2 biz days.
The power of networking and mentorship
Follow well-known people on social media and pay attention to the people who comment on and share their posts. Consider following and interacting with those people to grow your network.
Look for mentor at https://cybermentordojo.com or #CyberMentorMonday on Twitter.
Notes
This thing we call cybersecurity
Cybersecurity is an extension of information security. Information security began in 1961, when MIT researchers created first password-protected system, Compatible Time-Sharing System (CTSS). Information security is practice of protecting information and electronic systems that process it from unauthorized access. Cybersecurity began in 1988 with creation of CERT. Cybersecurity is domain of research, technologies, and practices used to protect connected technology systems, data, and people from attack, unauthorized use, and/or damage.
Help wanted, skills in a hot market
Job search duration
• 0-2 months: 32.9% of entry-level, 46.5% of experienced
• 3-6 months: 34.5% of entry-level, 30.2% of experienced
• 7-12 months: 15.9% of entry-level, 7.0% of experienced
• >12 months: 16.7% of entry-level, 16.3% of experienced
Having a degree, whether that degree is in computer science or IT, whether person has security certifications, and whether person has mentor all make little difference to job search duration, according to the author's 2020 survey.
Taking the less traveled path
Identify what makes you stand out
1. Imagine you need to give your autobiography. List 10-15 things people should know about you.
2. Turn that into one paragraph of up to 200 words
3. List 3 things you wish you had more room to describe.
4. Pick the 1 thing that most stands out. If it's unique and fits you, choose it. If not, choose another.
Include the thing that makes you stand out in your social media profiles, cover letter, maybe objective statement in résumé.
Write objective statement
1. Describe the main idea in your personal brand as briefly as possible.
2. Choose 1-2 top passions from your list that you want to highlight.
3. Write statement as "I am …" (e.g., "I am a life-long hacker who since buying my first computer at age 12 has always had a passion for deconstructing technology to understand it and improve upon it.")
4. Get feedback. Does it make them curious to know more about you?
Include 1-2 sentence personal objective statement at top of résumé.
Capabilities
• Knowledge: understanding of concept.
• Skills: ability to apply knowledge to task or situation.
• Experience: demonstrated history of using skill.
Identify core skills
1. From list of your technical capabilities, take all non-security-focused capabilities that you're experienced in and put them in a new list.
2. For each capability, reword description, replacing any terminology that would identify the job or industry; generalize it so it can be applied universally.
3. Break capabilities into singular skills.
4. Deduplicate singular skills.
5. See if each skill could apply to 2-3 careers from multiple other fields. If not, reword to be job-neutral.
Capabilities inventory
1. Take only security-related capabilities from your capabilities list.
2. For each capability you rate as experienced, write number of years of experience.
3. For each capability you rate as skilled, write your proficiency (beginner, advanced, comprehensive, expert).
4. For each capability you rate as knowledgeable, write your familiarity (beginner, advanced, comprehensive, expert).
5. For each core skill, write number of years of experience.
6. Rank core skills from greatest to least proficiency.
7. Rate soft skills by how commonly you received feedback (rare, common, often).
Capabilities gap
1. Collect 10-15 job descriptions that you'd want to apply for.
2. From job descriptions, create list of requirements. Count number of times you each requirement appears.
3. When descriptions require number of years of experience in something, calculate average number of years across all appearances of that requirement.
4. Select 5 most common requirements.
5. Repeat for preferred (non-required) qualifications. List, count number of appearances, select 5 most common.
6. Compare list of 5 required and 5 preferred to your capabilities inventory.
7. Compare those with your technical capabilities, looking for matches in capabilities and years of experience. Label as "complete match or "need experience."
8. Take any top 5 required and preferred that you didn't match to a technical capability and compare them to your core skills. List those and label as core skills matches.
9. For any requirements that aren't on your list, see if they're soft skills. List those and mark as soft skill matches.
10. Add to your list any remaining requirements or preferred qualifications that didn't match any of your capabilities, and label them as "not matched."
Addressing your capabilities gap
For entry-level, 1-2 certifications are enough to meet job posting requirements.
Conferences
• RSA Conference
• Black Hat
• InfoSec World
• DEF CON
• BSides
• ShmooCon
• THOTCON
• Layer 8 Conference
• OWASP Global AppSec Conference
Local meetups
• Cloud Security Alliance (CSA)
• DEF CON Groups
• Information Systems Security Association (ISSA)
• InfraGard
• International Association for Healthcare Security and Safety (IAHSS)
• ISACA
• (ISC)2
• Open Web Application Security Project (OWASP)
• Women in Cybersecurity (WiCyS)
• Women of Security (WoSEC)
Resumes, applications, and interviews
Give your elevator pitch in 1-2 minutes. If any of the things you described aren't in your résumé, consider adding them. If anything in your résumé wasn't in your pitch, consider removing it.
List key terms included in job listing and note their frequency. Add those keywords and their variations to the copy of your résumé you'll use for this listing.
At end of interview, ask about next steps, if they haven't already been explained. That will help you know when to follow up.
As soon as you're scheduled for a technical interview, ask recruiter if they can share suggestions for how to prepare, or tell kinds of questions you should expect.
Questions for potential future teammates
• What's the manager like?
• What is day-in-the-life like?
• How does the team work together?
• How does manager interact with team?
• What challenges or frustrations do you experience?
If you don't know an answer, don't fake it. Say that you're not sure, then explain how you'd figure out the answer.
It's acceptable to consider an offer for 1-2 biz days.
The power of networking and mentorship
Follow well-known people on social media and pay attention to the people who comment on and share their posts. Consider following and interacting with those people to grow your network.
Look for mentor at https://cybermentordojo.com or #CyberMentorMonday on Twitter.
November 5, 2022
Very valuable “coaching” book on how to approach a career in cybersecurity. But although the title suggests that this book is focused on cybersecurity, I think that much of the learnings can be extrapolated to the larger IT industry. There is a lot of valuable information in these pages, for novice and experienced alike.
I read it more as a “paper mentor”, to get more perspectives on growing myself and my career. What I found was a true gem, one which I undoubtedly will revisit later on. Not all chapters really resonated with me, but especially the final chapters were really valuable, as they are more long term focused. I especially liked the extensive breakdown on the Imposter Syndrome, a few passages really stayed with me.
Highly recommended!
I read it more as a “paper mentor”, to get more perspectives on growing myself and my career. What I found was a true gem, one which I undoubtedly will revisit later on. Not all chapters really resonated with me, but especially the final chapters were really valuable, as they are more long term focused. I especially liked the extensive breakdown on the Imposter Syndrome, a few passages really stayed with me.
Highly recommended!
October 2, 2022
The Cybersecurity Career Guidehas been on my reading list since Alyssa announced its release. I cannot overstate how this book is filled with so much valuable information that provides both direction and insight for those developing a career in Cybersecurity. This is the kind of book I wish I had when I was just starting in my own career. The beauty of Miller's book is her ability to provide guidance for people in all different stages of their career. While I am further along in my career than someone just starting, I still found many gold nuggets of info among many sections such as mentorship, or the daunting imposter syndrome. This book will come highly recommended from me. I'm grateful that this book will be around to use as a guide for those entering into the wild and exciting world of CyberSecurity!
Read
August 18, 2024It is a bit of a boring book as it describes everything about Cybersecurity in detail, which is behind the scope of this book, which is Cybersecurity as a career. It exceeds the scope from my point of view.
Displaying 1 - 4 of 4 reviews