Top 10 Cybersecurity Side Hustles

How to survive and thrive when AI puts pressure on Cybersecurity Jobs


I am going to discuss Cybersecurity Side Hustles and the different ways you can start your own business, either as a freelancer, a solopreneur or even a full-blown entrepreneur.

This matters to those already in the cybersecurity field, as over the next couple of years, AI and automation in general will make an impact on the cybersecurity workforce. There is a saying that is quite accurate:

AI won’t take your job, someone using AI will…

— Unknown author

Most people are oblivious to this change coming… don’t be one of them, be prepared.

Warning: I will be discussing this topic in detail over the coming months. Be careful when selecting a side hustle that it does NOT conflict with your day job in any way. It is best to comply with any company policies for “outside” work, which may include notifications. You have been warned.

Here is what you will get out of this article:

  • Top 10 Cybersecurity Side Hustles
  • Pros and Cons for Each
  • An idea of the difficulty of each, so you can find one best suited to you
  • An example playbook, for GRC, that shows multiple income streams

Top 10 Cybersecurity Side Hustles

I will outline these opportunities in the order of difficulty. However, that is relative to your skills, so your mileage may vary.

After I list these, I will provide an example playbook for the GRC use cases, showing how you can stitch together a couple of these paths to start several income streams.

1. Cyber Writer

Cyber Writers are communication specialists who translate complex cybersecurity concepts into accessible content for various audiences.

They play a crucial role in bridging the gap between technical experts and the general public, stakeholders, or decision-makers. Their work involves creating a wide range of materials including technical documentation, blog posts, white papers, policy documents, social media, and educational content.

Cyber Writers need to have a solid understanding of cybersecurity principles, excellent writing skills, and the ability to adapt their writing style to different audiences and purposes.

Examples:

  • Technical Documentation Specialist
  • Cybersecurity Blogger
  • Policy and Procedure Writer
  • Social Media Influencer

Pros:

  • High degree of remote work flexibility
  • Good work-life balance
  • Opportunity to simplify complex topics for wider audiences

Cons:

  • Often lower compensation compared to technical roles
  • Limited hands-on technical work
  • May require constant research to stay current

2. Cyber Educator

Cyber Educators are responsible for developing and delivering cybersecurity training and educational programs.

They work in various settings including academic institutions, corporate environments, and online platforms. Their role involves creating curricula, preparing course materials, conducting lectures or workshops, and evaluating student progress. Cyber Educators need to have a deep understanding of cybersecurity principles and practices, as well as strong teaching and communication skills.

They play a vital role in addressing the cybersecurity skills gap by preparing the next generation of professionals and keeping current practitioners updated on the latest developments in the field.

Examples:

  • Security Awareness Trainer
  • Cybersecurity Curriculum Developer
  • Certification Prep Instructor

Pros:

  • Opportunity to shape the next generation of cybersecurity professionals
  • Often offers a good work-life balance
  • Constant learning to stay current with industry trends

Cons:

  • May have lower compensation than industry positions
  • Can require significant preparation time for courses/materials
  • May face challenges in keeping curricula up-to-date with rapid industry changes
  • Technical stack challenges, if working alone

3. Cyber Mentor

Cyber Mentors provide guidance, support, and expertise to developing professionals in the cybersecurity field.

They offer insights based on their experience, help mentees navigate career challenges, and provide technical advice. Mentors may work one-on-one or with groups, either within an organization or independently. Their role is crucial in fostering talent, promoting best practices, and helping to cultivate leadership in the cybersecurity community.

Effective Cyber Mentors combine deep technical knowledge with strong interpersonal skills and a passion for developing others.

Examples:

  • Career Development Coach
  • Technical Skills Mentor
  • Leadership Development Mentor

Pros:

  • Rewarding opportunity to guide and influence careers
  • Builds strong professional networks
  • Often allows for flexible scheduling

Cons:

  • May not be a full-time role, often part of other responsibilities
  • Direct compensation for mentoring can be limited
  • Requires significant experience and strong interpersonal skills

4. Cyber Consultant: Governance, Risk, and Compliance (GRC)

GRC Consultants help organizations navigate the complex landscape of cybersecurity regulations, standards, and best practices.

They assess an organization’s current security posture, identify gaps in compliance, and develop strategies to mitigate risks. Their work involves interpreting complex regulations, conducting risk assessments, developing security policies and procedures, and guiding organizations through audits and certifications.

GRC Consultants need to have a thorough understanding of relevant laws and standards (such as GDPR, HIPAA, PCI DSS), strong analytical skills, and the ability to communicate effectively with both technical and non-technical stakeholders.

Examples:

  • Privacy Consultant
  • Cyber Insurance Consultant
  • Regulatory Compliance Specialist
  • Risk Assessment Analyst
  • Vulnerability Manager

Pros:

  • High demand due to increasing regulations
  • Often allows for remote work
  • Opportunity to work with diverse industries
  • Less technical than other positions

Cons:

  • Requires staying up-to-date with complex, changing regulations
  • Can involve high-pressure situations during audits or breaches
  • May require extensive documentation and report writing
  • High demand has led to saturation and limited openings

5. Cyber Consultant: Offensive Security

Offensive Security Consultants, also known as penetration testers, ethical hackers or red teamers, proactively identify vulnerabilities in an organization’s systems, networks, and applications.

They simulate real-world attacks to test an organization’s defenses and provide actionable recommendations for improvement. Their work involves a range of activities including reconnaissance, vulnerability scanning, exploitation, and post-exploitation analysis. They can also perform threat hunting, as they understand an attacker’s behavior best.

Offensive Security Consultants need to have a deep understanding of hacking techniques, strong problem-solving skills, and the ability to think creatively like an attacker while maintaining strict ethical standards.

Examples:

  • Penetration Tester
  • Red Team Specialist
  • Social Engineering Tester
  • Exploit Developer
  • Threat Hunter

Pros:

  • Often high compensation due to specialized skills
  • Exciting, dynamic work environment
  • Constant learning of new techniques and technologies

Cons:

  • High stress due to the nature of the work
  • Potential legal risks if proper permissions are not obtained
  • May require irregular hours or travel

6. Cyber Consultant: Defensive Security

Defensive Security Consultants focus on protecting organizations from cyber threats by implementing and managing security controls, monitoring for threats, and responding to incidents.

They work on a wide range of activities including security architecture design, implementation of security tools and technologies, threat detection and analysis, and incident response planning and execution.

These consultants need to have a broad understanding of cybersecurity principles, hands-on experience with various security technologies, and the ability to respond effectively under pressure during security incidents.

Examples:

  • Incident Response Consultant
  • Threat Intelligence Analyst
  • Security Operations Center (SOC) Analyst
  • Digital Forensics Specialist

Pros:

  • Strong, consistent demand across industries
  • Opportunity to directly protect organizations and individuals
  • Varied work involving both proactive and reactive measures

Cons:

  • Can involve high-stress incident response situations
  • May require on-call duties or irregular hours
  • Constant pressure to stay ahead of evolving threats

7. Cyber Consultant: Security Engineering

Security Engineering Consultants design, implement, and maintain the technical security controls that protect an organization’s data, systems, and networks.

They work on a variety of projects including secure network design, implementation of authentication and access control systems, encryption solutions, and secure software development practices.

These consultants need to have strong technical skills across a range of platforms and technologies, an understanding of security principles and best practices, and the ability to translate security requirements into technical solutions.

Examples:

  • Cloud Security Specialist
  • Network Security Architect
  • Secure Code Reviewer
  • IoT Security Consultant
  • Application Security Engineer

Pros:

  • Often high compensation due to technical expertise
  • Opportunity to work with cutting-edge technologies
  • Strong demand across various industries

Cons:

  • Requires deep technical knowledge and constant learning
  • May involve complex project work with tight deadlines
  • High responsibility for critical infrastructure security

8. Cyber Bug Bounty Hunter: Web 2.0

Web 2.0 Bug Bounty Hunters are independent security researchers who search for and report vulnerabilities in websites and web applications, often through organized bug bounty programs.

They use their knowledge of web technologies, common vulnerabilities, and hacking techniques to identify security flaws that could be exploited by malicious actors. Their work involves testing various aspects of web applications including authentication mechanisms, data validation, session management, and API security.

Successful bug bounty hunters combine technical skills with creativity and persistence.

Examples:

  • Web Application Security Specialist
  • API Security Tester
  • Mobile App Security Researcher

Pros:

  • Highly flexible, work-from-anywhere role
  • Potential for high rewards for critical findings
  • Opportunity to constantly improve hacking skills

Cons:

  • Inconsistent income, dependent on findings
  • Highly competitive field
  • Limited job security

9. Cyber Bug Bounty Hunter: Web 3.0

Web 3.0 Bug Bounty Hunters specialize in finding vulnerabilities in blockchain technologies, smart contracts, and decentralized applications (DApps).

They work in a cutting-edge field that combines cybersecurity expertise with deep knowledge of blockchain architectures and cryptocurrencies. Their work involves analyzing smart contract code, testing DApp security, and identifying vulnerabilities in blockchain protocols.

These specialists need to have a strong understanding of blockchain technologies, experience with relevant programming languages (like Solidity), and the ability to think creatively about potential attack vectors in decentralized systems.

Examples:

  • Smart Contract Auditor
  • Blockchain Security Specialist
  • Decentralized Finance (DeFi) Security Researcher

Pros:

  • Cutting-edge field with potential for high rewards
  • Opportunity to work in an innovative, rapidly evolving space
  • Highly flexible work arrangements

Cons:

  • Requires specialized knowledge of blockchain technologies
  • Potentially volatile income
  • Field is still evolving, with uncertain long-term prospects

10. Industry Cyber Consultant

Industry Cyber Consultants specialize in addressing the unique cybersecurity challenges of specific industries such as healthcare, finance, energy, or defense.

They combine deep industry knowledge with cybersecurity expertise to provide tailored solutions that address sector-specific regulations, technologies, and threat landscapes. Their work may involve developing industry-specific security strategies, advising on compliance with sector regulations, or implementing specialized security controls.

These consultants need to have a thorough understanding of both cybersecurity principles and the specific operational and regulatory environment of their chosen industry.

Examples:

  • Healthcare Cybersecurity Specialist
  • Financial Services Security Consultant
  • Industrial Control Systems (ICS) Security Expert
  • Automotive Cybersecurity Consultant
  • Aerospace and Defense Cybersecurity Advisor

Pros:

  • Often high compensation due to specialized knowledge
  • Opportunity to become a recognized expert in a specific industry
  • Potential for long-term, stable client relationships

Cons:

  • Requires both deep industry knowledge and cybersecurity expertise
  • May involve frequent travel to client sites
  • Limited ability to transfer between industries without additional training

As you can see, there are many types of opportunities available for a Cybersecurity Side Hustle. Each one may be performed as an individual. Again, we will discuss how to obtain these types of positions in future articles.

Multiple Revenue Streams

Now, I will share how these can work together to build out your side hustle. There is often overlap between these positions. For example, using the topic of GRC (you could pick any niche of cyber), see the below mindmap of the possible revenue streams, in green.

GRC Niche Playbook

This is not meant to be exhaustive, but to get you thinking of the possibilities. By the way, AI can assist in most, if not all of these methods.

I will explore these potential revenue streams in future articles.

Stay tuned and Subscribe!

TL;DR

In this article, we have discussed:

  • The Top 10 Cybersecurity Side Hustles
      • Cyber Writer
      • Cyber Educator
      • Cyber Mentor
      • Cyber Consultant: GRC
      • Cyber Consultant: Offensive Security
      • Cyber Consultant: Defensive Security
      • Cyber Consultant: Security Engineering
      • Cyber Bug Bounty Hunter: Web 2.0
      • Cyber Bug Bounty Hunter: Web 3.0
      • Industry Cyber Consultant
  • We provided the pros and cons of each
  • We discussed the skills required and level of difficulty

If you found this article useful, be sure to like it, and forward it around your network, so others may enjoy it. Stay tuned for more of these articles, by subscribing to my newsletter and my mentoring groups, which can be found on my homepage at www.allenharper.com

In particular, the content here would be discussed in more depth in my Cyber Value Creator Founders private group.


Woodley B. Preucil, CFA

Senior Managing Director

6 months

Dr. Allen Harper Very Informative. Thank you for sharing.
