Is a University Degree Enough to Secure a Job in IT Security?
Work belongs to Dan Qutaishat, this work can be referenced by using any of the established referencing methods such as Harvard.
As a university student and someone who has sent numerous job applications. I can safely say to you: No.
A university degree though is useful, can only take you so far. You need to put into perspective that most candidates that apply for a graduate job for instance will all have a university degree. So it is essential to ensure that you stand out from the others by any other way possible. Below I have provided some ideas on how to do that.
Capture The Flag Platforms
Capture the flag platforms enable cyber security students and professionals where there are flags hidden in purposefully-vulnerable programs - usually done by running remote machines. These flags are usually in the form of a key which is usually a keyword and after you solve the “puzzle”, you would receive them. A few platforms that I would suggest are:
Hack The Box: is essentially an online playground which submerges the user in the world of being a hacker, pentester etc. in order to teach the skills required to be able to counter attacks or identify them.
TryHackMe: enables the user to learn cyber security in the way of courses which are broken down based on your personal level / experience.
VulnHub: though I have not used it myself, I have heard that it is a good platform that provides the user with vulnerable virtual machines for them to practice their pentesting skills.
Researching
Because Cyber security is a subject that is continuously evolving due to:
New types of breaches occurring.
New technologies / tools being created to combat current-day threats.
New reports / case studies / analysis papers being released.
No matter how knowledgeable you think you are when it comes to the topic, taking the extra step of researching outside the course material and learning about more current-day events and technologies will not only improve your knowledge of the subject but it will let the job recruiter know that you are taking extra steps to learn about the subject - this initiative is valuable.
Once you have cultivated enough information regarding a specific topic that interests you, consider creating an online portfolio such as this, and posting your own blogs and reports with your personal insights on the topic.
Certification
Whilst looking through different job posters, an interesting trend is many entry-level jobs require the applicant to have at least one certificate. Though everyone should aspire to get at least one certificate, the issue is that the certificates are pricey and do not have a high pass rate. Thus, I have picked some of the best certificates that you should consider getting (this is supported by a poll I have created on LinkedIn).
Based on this poll, the top 3 certificates that are suggested are:
Security+ or CySA+ : this was the most popular suggestion, at its core it is a certification that is recognised worldwide and tests the applicant’s to perform core security principles which eases applying for a job. The price point of the exam is $370.
CISSP: allows the applicant to demonstrate that they are knowledgeable in cyber security. This certification has been running for 25 years and the pass rate is considered to be below 50%.
CISM or CISA: This certificate covers information security governance, information risk management, information security programme development and management, and information security incident management.
Networking
Probably one of the most important aspects from what I have discovered, is networking.
Having connections in the IT world is significant and will be helpful for your career and getting job opportunities. Not all companies advertise their job vacancies, some companies prefer to look for potential applicants instead to ensure they are not overloaded with applications.
Creating a blog, posting on LinkedIn and trying to connect with people from relevant job fields that you are interested - allows you to stand out more.
If you have any enquiries, have any advice to add or have any questions, please let me know by either commenting below or sending me a message on LinkedIn.
