To open the door to a lucrative career in cybersecurity, the consensus is you’ll need some form of a degree. Beyond that, the routes to various roles vary widely. Three cybersecurity experts in particular have forged very different career paths. Lesley Carhart leads the security incident response team at Motorola Solutions; Daniel Miessler is the client advisory services director at IOActive; and Julian Waits is the CEO of SAIFE, Inc. Let’s take a look at how they each got there – and the words of wisdom they can offer you.
After an early start in coding, thanks to her father’s home computer, Lesley developed her skills with a nearby firm as she progressed through high school. Once the dot-com bubble burst, a degree in network technologies and a career in the U.S. Air Force beckoned, and with it the opportunity to get “hands on with electronics,” as she described it in an interview with Tripwire.com.
With a strong background in tactical communications and networking, Lesley now heads up a security incident response team at Motorola Solutions that deals with many forms of digital compromise. It’s a role that allows her to focus on digital forensics in combating vulnerabilities that could affect customers.
Lesley Carhart’s tips on starting your cybersecurity career: Creativity and diversity are a key part of dealing with unpredictable intrusions. As she told Tripwire, “The more backgrounds, hobbies, previous careers and methodologies we can bring into our field, the better we will be at responding to complex problems in an innovative way.”
Other pointers include speaking at information security events and networking as much as possible. Many hiring managers will keep an eye on cybersecurity communities, so playing an active part will help get your name recognized.
A cybersecurity expert who started out in the military, Miessler has a hugely varied resume in the information security sector. Working his way from web developer through a number of information security analyst and architect roles, he now directs client advisory services at cybersecurity consultancy IOActive.
There, Miessler launched a security program assessment framework using an adversary-based approach to risk management, and established a trend briefing service to keep executives up to speed on shifts in technology sectors. He’s a regular speaker at industry conferences and in the media, commenting on just about every aspect of information security.
Daniel Miessler’s tips on starting your cybersecurity career: Have a bank of projects ready to show off. On his own website, Daniel says projects show potential employers you have passion and are prepared to work on your own to get things done. Few things are more appealing to recruiters than seeing curiosity being turned into a tangible outcome.
“While you’re learning,” he points out, “don’t worry too much if someone has already done something beforehand. It’s fun to create, and you want to get used to the thrill of going from concept to completion using code.”
An IT-sector veteran of well over 20 years, Waits has held positions at seemingly every point on the spectrum. From network engineer to CEO, he’s well placed to offer advice on almost any entry point to the industry. He began as a self-taught programmer who harbored dreams of becoming a blues musician. After moving from programming into a security analyst job, Julian soon doubled down on the cybersecurity field.
Now, as he leads Baltimore-based PivotPoint Risk Analytics, Waits is one of the foremost authorities on cyber-risk aversion. He also chairs the advisory board of the International Consortium of Minority Cybersecurity Professionals, which aims to improve diversity in information security.
Julian Waits’ tips on starting your cybersecurity career: Above all else, exposure to science, technology, engineering and mathematics (STEM) before a student reaches college is key. Since cybersecurity is rarely studied before college, Julian believes exposure to STEM subjects is the best way for students to get a taste for the field earlier. As he told DC Inno, “The kids that I grew up with, in my neighborhood, weren’t exactly dreaming of becoming security analysts … it couldn’t have been considered; no one knew it existed.”
No matter how they arrived, these experts all share a number of traits: an early interest in IT, a passion for innovative problem-solving and the desire to share their learnings with others. Demonstrate the same, and you may be rewarded in your cybersecurity career.
To plot out your own career path, check out our roadmap to a career in cybersecurity.