There is BIG demand for cyber security professionals. So much so, states like Virginia, are offering free grant money to meet demand. In order to become a cyber security professional, there are three ways to do that: complete certifications, earn a college degree or both!
- Begin with CompTIA’s Security+ . Read this book! This vender-neutral certification is entry-level and globally recognized for some 147+ countries. However, if you don’t know a thing about computer networks, go study material for the CompTIA Network+. Even if you don’t plan on taking the exam, it will help you in the long run. If you want to explore these fields without spending a penny, you will want to visit cybrary.it which Mr. Quinn himself helped sponser!There are many different certifications outside of CompTIA such as: ISACA, Cisco Systems, Juniper Networks, RSA, and Symantec. Make sure that you conduct your own search for the latest information on the certifications you most want to pursue as you should not stress in trying to acquire them all!
- Certifications do expire! The reason behind this is because technology changes and the need to adapt to those changes is critical in the security field. Therefore, you must complete continuing professional education (CPE) or continuing professional development (CPD) courses every year! If a certificate holder fails to earn the minimum number of credits, he or she may lose the certification. Make sure you note the CPE requirements for each certification you hold and keep track of the CPEs you earn.
- Find employment! College degree or not, you will need to find employment because the more advanced certifications (CySA+, CASP, PenTest+) require a minimum of 3-5 years of hands on experience before examination. *Caution* If you don’t plan on getting a college degree, you will have a rough road ahead if you seek more than entry-level positions. You will need to stand out among the crowed by racking up as many certifications relating to your field as possible! Not to mention a juicy resume to counter any younger, inexperienced college kid applying for the same position.
- Pick a regionally accredited college (list here). Our top picks are University of Maryland and Old Dominion University. Nothing wrong with two year degrees (A.S. or A.A.S), but the bachelor’s degree is often a requirement for any information/cyber security position other than entry-level positions. *Caution* Colleges like ECPI, ITT Tech, Strayer University, etc. are nationally accredited which means three things: They are over priced, for profit institutions, and any college credits earned will not transfer to regionally accredited colleges. So, if you plan on getting a masters or doctorate later down the road, you will have limited options.
- Decide if continuing on for your Masters or PhD is right for you. Master’s programs are generally very specific to a field of study and generally takes two years to complete. Master’s of science (MS, MSc, and MScIT) degree will prepare you in detail how the IT infrastructure operates and how to design and implement proper security controls. Where as a master of business administration degree (MBA), will prepare you to manage and maintain the people and environment of information security.
The highest level is the doctorate degree. Available doctoral degrees in the areas of information security include the doctor of science (DSc), doctor of information technology (DIT), doctor of technology (DTech), and the widely recognized, doctor of philosophy (PhD).
- Find employment! College degree or not, most businesses require a minimum of three years of experience in the field. An advantage for college students is that most colleges have contracts with local businesses/governments that accept internships. Therefore, finding experience wont be difficult.
Certifications & College Route:
You will be a double threat if you are going to college while completing certifications. It is the most expensive route to take in terms of time and money, but most rewarding. Not only will you prove to your employer that you are “book smart” by having general understanding of the big picture, but you have proven your skill set readiness by obtaining certifications along the way. Finding work should not be a problem, even for those that have a spotty work history.
Wait… What about military courses? For those in the military looking to get in the cyber defense field, you will need to do research on your own. We are not being mean, it is that the military has very unique courses that apply to certain branches of the military. These courses also change in name and number frequently. Therefore, by the time you read our list, it will likely be inaccurate. However, a good place to start looking is the Defense Information Systems Agency (DISA) website. Good luck and thank you for your service!
*PRO TIP*: Once you are out in the real world, you MUST know Unix/Linux! Many colleges even with cyber security courses fail to teach Linux which will hinder your chances of securing internships/jobs. There is a reason why 90% of the world servers run on linux. Go learn it!
Also, if you are just starting out programing but are unsure what programing language to learn first, learn python! It is easy to learn and used by many government agencies.