This is an invite-only program for positive members of r/cybersecurity, r/SecurityCareerAdvice, etc. to create an article detailing how they broke in to security, where they are now, and what people should know about the field. We would want those hosted on your blog, in a GitHub gist, or whatever works best for you - and we will provide a link to those plus a short bio about you in a handful of situations.
This is inspired by: https://lethain.com/my-career-story/ as a possible solution to our need to express that people take many winding paths into security, because a lot of people are looking for the "one true way," and there truly isn't one. These should be detailed and broad, perhaps a bit rambly, to try to give readers context about your experience and the cybersecurity field as a whole.
My hope with these is that we can build a library of different parts of cybersecurity and show peoples' experiences in a more comprehensive and complete way, then allow readers to draw their own conclusions.
We're going to try to favor people who recently or semi-recently broke into the cybersecurity field instead of big-name security celebrities or now-director-level folks. Their experience is welcome of course, but the focus should be on what the 'contemporary' experience breaking in to cybersecurity is (and if this elevates generous community members with smaller platforms, even better).
Outside of the obvious benefit of "we'll put links for your page in a moderate-viewership area," we may also be able to post these in a "feature of the week" in the Mentorship Monday thread or similar. This will take several hours at least to write out, and we want to ensure your efforts are rewarded, on top of the self-promotion you can do on your own.
This repository is CC BY-NC-SA 4.0 licensed, so external parties (such as other subreddits, etc.) can publish/modify/adapt/etc. the contents of this repository - typically to help explain the variations in the cybersecurity field. Contributor works that are linked to by this repository are not expected to be licensed in any way.
- Submit an issue (example) containing:
- A short, beginner-friendly summary about your first role, a minimum of 3 sentences, and no more than 5-7
- A link to your blog post
- A one-liner about where you are now - so if you started in a SOC but later became [x], it helps people to know [x] as well
The blog post should roughly fit the questionnaire, but please add or subtract content as you see fit for flow or to cover important things that newcomers should know. If there's anything outside of this list you think all respondants should answer, please open an issue, and we'll add it (people who have already written their article won't be expected to add it though).
About your first job:
- What was your first job in cybersecurity? When was that, and what were your responsibilities?
- Be sure to explain how your role fits into the broader security field, ex. DevSecOps puts security into the software development lifecycle, which tightly integrates security and software development efforts, etc. This may not be obvious to outsiders.
- Can you discuss some specific tasks you did, or goals you contributed towards?
- What were the most important technical skills that allowed you to succeed in that role?
- What were the most important attributes and personality traits that allowed you to succeed in that role?
- What did you like about that job? Is there anything you didn’t like?
About how you broke in:
- What degrees, certifications, bootcamps, or field experience did you have at that time?
- If you have a tech or tech-adjacent degree: Were there other degrees you were considering at the time? Why did you choose the degree(s) you did?
- If you have a non-tech degree: How has your degree contributed to your career in cybersecurity?
- If you have certifications: What certifications were most impactful for advancing your knowledge or job hunt while breaking in?
- If you have bootcamp experience: [still thinking about this one]
- If you have prior experience: How did your field experience help you at the start of yout career in cybersecurity?
- Out of degrees, certifications, bootcamps, and field experience: what mattered the most for obtaining your role?
- Would you recommend the path you took to get into cybersecurity? Are there cases where you wouldn't recommend it?
Giving advice:
- What are the top three things you think people considering cybersecurity careers should know about the field?
- If coding was a big part of your role: What coding languages would you recommend people learn to be best-prepared for [your first role]?
- What are some projects you'd recommend for people trying to figure out if [your first role] could be right for them?
- What do you think readers should take away from this series?
About the author:
- Free space. Talk about the cool stuff you do now, all the ways people can find or follow you for research articles or hot memes. Don't be afraid to toot your own horn a bit. This is a long questionnaire if completed in depth and we - maintainers and readers alike - appreciate that you've taken the time to do this.