What is "Entry Level" cybersecurity, and can I get in? (Yes, you can!)

So, you’ve decided to dive into the wild world of cybersecurity? No biggie. Just be prepared to face a field where employers ask for 3-5 years of experience for a junior position, or, you know, 15 years for a “cyber-intern” role. It's like they want you to be born with a computer in your hand, hacking the hospital's WiFi before you can walk.

?

But don't worry. We’re going to break down how to land that elusive entry-level job in a way that’s fun, doable, and sprinkled with a bit of humor. We'll also throw in some guidance from the pros, like SANS GIAC and ISC2 studies, because we need to prove to your mom that this career plan isn’t just a pipe dream.

First things first. There are three things you need to do to before you read any further…

·???????? Join Professor Roger’s Cyber Lounge here on LinkedIn Professor Roger's Cyber Lounge

·???????? Join my Facebook Group Security+ in Shades! For more info like this!

·???????? Join me on Clubhouse for engaging cyber talks on Sundays!

There’s one on 10/7 2PM EST on just this very topic called What is “Entry Level” & Can I Get it? Check my profile feed for details!

?

Ok, here we go!

?

Step 1: Face Reality (But with Optimism)

Let’s start with the hard truth. According to the ISC2 Cybersecurity Workforce Study, there's a 3.4 million shortfall of cybersecurity professionals. Seems promising, right? And it is! But here’s the catch: companies still want to hire people who already know everything. Just a small, insignificant detail.

?

But don’t let that scare you! Here’s the good news: the SANS GIAC Workforce Study reports that 57% of cybersecurity professionals entered the field without a background in IT or cyber. That's right—you can literally come from anywhere. So, if your current job title is "professional sandwich artist," don’t despair. Hackers love sandwiches too.

Know how I know? I got into IT back in 2001 from being a restaurant manager! It works...but there's work to be done!

?

Approximate Timeline: 0 months

Action Plan:

?

Cry for 10 minutes. Let it out. We’ve all been there.

Accept that the road might be tough but not impossible.

Step 2: Get Certified or Get Left Behind

Now that you're emotionally prepared, let’s talk about something less dramatic: certifications. Employers want you to prove you can do more than reset a router or plug in a USB stick correctly. Certifications are the golden ticket to showing you’ve got the chops.

?

Start with entry-level certifications like:

?

CompTIA Security+: It’s the industry’s way of asking, “Can you defend my network from the angry 12-year-old in his basement?”

Certified Ethical Hacker (CEH): For when you want to feel cool saying you’re an "ethical" hacker, which is just a fancy way of saying you hack stuff with permission.

According to the SANS GIAC study, a significant percentage of entry-level cyber folks got their start with CompTIA certs. You don't need a PhD in network security to get going, but these certs will boost your credibility and put you ahead of that guy who still thinks phishing is just something you do with a rod and reel.

?

Approximate Timeline: 3-6 months

Action Plan:

?

Sign up for CompTIA Security+ or Network+ (if you have zero tech experience).

Study! (Pro tip: create a Spotify playlist with epic soundtracks to make studying feel like you’re in a high-stakes thriller.)

Take the exam. Pass. Flex on LinkedIn about it.

Step 3: Get Real (Experience)

“But I need experience to get a job, and I need a job to get experience.” Classic conundrum. Employers throw that one at you like it’s a clever puzzle. The trick? Find experience without getting a job. Confused? Stick with me.

?

Here are a few tricks:

?

Internships: Some companies will take a risk on fresh-faced, eager learners. Plus, they pay you in experience (and sometimes pizza).

Volunteer: Non-profits and small businesses need cybersecurity help but can't afford it. Offer your skills and slap that on your resume.

Home Lab: Set up a lab at home. Get yourself a Raspberry Pi or virtual machine, and start simulating attacks. (But please, for the love of all things encrypted, don’t actually hack anything illegal.)

According to ISC2, a whopping 40% of cybersecurity professionals reported entering the field through non-traditional means—like volunteering or starting in IT helpdesk positions. These experiences give you the hands-on knowledge that hiring managers crave.

?

Approximate Timeline: 6-12 months

Action Plan:

?

Apply for internships or volunteer work (cybersecurity conferences are goldmines for networking!).

Build a home lab and get nerdy with Kali Linux.

Join communities like Hack The Box or TryHackMe to flex your practical skills.

Step 4: Network Like Your Career Depends On It (Because It Does)

Networking is a must in cybersecurity. And no, I’m not talking about connecting routers and switches. I’m talking about schmoozing, mingling, and becoming a LinkedIn wizard.

?

Here’s the secret sauce:

?

Join cybersecurity groups on LinkedIn, Reddit, or Discord. You never know who might offer you a job after you share a funny meme about phishing.

Attend conferences like DEF CON or BSides. You’ll meet like-minded cyber nerds and might even get a job lead between workshops on how to hack an ATM.

Mentorship: Find someone who’s already in the game. They’ll guide you and potentially hook you up with opportunities.

According to SANS GIAC, 70% of cybersecurity professionals say networking was the key to landing their first job. So, time to shake hands, pass out business cards, and work on your “I’m not a bot” small talk.

?

Approximate Timeline: 12-15 months

Action Plan:

?

Join LinkedIn groups and start conversations. Avoid sending weird, robotic connection requests.

Attend a local cybersecurity meetup or workshop. (Bringing donuts never hurts.)

Reach out to a potential mentor. Be cool about it though—nobody likes a clingy newbie.

Step 5: Apply Like Your Future Depends On It (Because It Does)

You've studied, volunteered, hacked (ethically), and mingled. Now comes the scary part—applying for jobs. But here’s the trick: apply for jobs even if you don’t meet every single requirement.

?

Many entry-level positions are designed by HR departments that think “junior” means “must have already worked at NASA.” Don’t be afraid to apply anyway! Emphasize your certs, home lab experience, and volunteer work. Cybersecurity hiring managers are increasingly valuing skills over degrees (thanks, GIAC).

?

Approximate Timeline: 15-18 months

Action Plan:

?

Tailor your resume for each job (don’t just hit “Apply All” like you’re buying socks on Amazon).

Apply for security analyst, SOC analyst, or IT support jobs. Even if the role isn't strictly cybersecurity, an IT job can be a gateway.

Don’t get discouraged if you get rejections. Even the best hackers have their systems compromised from time to time.

Guess what? There’s more too… Join my Facebook Group Security+ in Shades! to learn even more than these gems dropped here!