Transitioning to a cybersecurity career – stories from non-technical infosec pros

become infosec pro no tech background

In today’s job market, many people don’t have linear and traditional career paths. Each of us has a different professional journey packed with varied backgrounds and skills that are transferable to other domains. If you are thinking about transitioning to cybersecurity, it’s worth saying that this field offers endless learning opportunities and rewarding career options for everyone.

Cybersecurity is rapidly growing and so is the need for infosec professionals. In fact, this report highlights the gap that exists in the cybersecurity landscape with an estimated number of 1.8 million unfilled infosec jobs globally by 2022. Also, during research conducted by ESG, 53% of the interviewed companies said they’ve dealt with a lack of professionals to fill cybersecurity roles between 2018 and 2019.

As technology continues to advance and cyberattacks increase, cybersecurity specialists remain in high demand. 

You might think that getting started in infosec is only possible for people with a solid technical background, but that’s not (entirely) true.

Here are some real-life stories of people who succeeded to land a job in infosec with no technical background that may inspire you to take the leap. 

 Infosec professionals’ backgrounds and their surprising career path

Valentina Galea is an ethical hacker at Bit Sentinel and she has a degree in graphic design. Before joining the infosec world, she was a graphic designer for 7 years. At the age of 28, she decided to make a career switch and learn more about the gaming design world. While working for a gaming company, she discovered cybersecurity and the world of ethical hacking.

Although she had no technical background in the field, she found inspiration from other tech women and a community of wonderful people ready to help her. She’s enthusiastic, positive, and eager to learn something new every day.

At this year’s first edition of Ladies in cybersecurity powered by DefCamp, Valentina encouraged everyone who wants to pursue an infosec career to “be open to continuous learning, always looking for new challenges, and remember to get out of your comfort zone.” 

 Jelena Milosevic is another infosec female specialist who doesn’t possess technical studies required for a traditional cybersecurity career. She’s a pediatrician and a nurse with a background in healthcare, and years of experience in different hospitals.

With her passion for cybersecurity and determination to raise awareness about healthcare security, she became an active member of the infosec community by bringing her key skills to the table: enthusiasm, curiosity, openness to learn and teach others, and a can-do attitude.

For those who want to join this field, Jelena advocates for the power of community and a certain way of doing things –  open, honest and always willing to share knowledge and answer your curiosities or questions. 

When you are curious and passionate about something, learning isn’t that difficult. I also was lucky to find enough info security professionals that were impressed that one nurse wants to know more about security, so they did help me a lot.”

You can read more insights from Jelena in the interview we did with her last year, and if you’re attending DefCamp this year, you’ll see her on stage too!

We know cybersecurity is still a male-dominated industry, in which women will represent more than 20% of the global cybersecurity workforce by the end of 2019. It’s an industry that needs more women to bring more gender equality and create more diversity. Fortunately, there are lots of initiatives out there that take action and try to get more women in this sector. 

That’s why we love reading stories from women with a non-technical background in infosec, but a thirst for knowledge and determination to learn more

Drawing on her own story, Laticia Carrow explains how she got from hairdressing to cybersecurity without technical studies. 

A friend encouraged her saying she’s good with computers and she could do more. Being a curious human being, she did a lot of research and tried to learn as much as possible about the key tech terminology. 

She embarked on this new adventure to dive deeper into infosec. Her piece of advice for someone who wants to follow in her footsteps is to discover what’s out there because

“there’s so much going on as far as technology is concerned, and you just need to broaden out. Opportunities are endless in tech, and once you get over the learning curve, the sky is yours.”

Dan Konzen, Phoenix campus chair for the College of Information Systems & Technology at the University of Phoenix, shares his career transition from healthcare to cybersecurity.

“Having a background in something like healthcare or outside the IT world can actually benefit someone going into cybersecurity. It gives a fresh perspective to look at what hackers may be doing or find the information they are looking for.

Dan recommends people who are interested in a cybersecurity career change to research for the certifications that are available, look at other educational opportunities and degree programs, and get hands-on experience. 

As for Javvad Malik, who’s currently a security awareness advocate at KnowBe4, his background is in the business information system. This degree helped him land an infosec job at Natwest, which seemed to be a huge opportunity at that time. He took advantage of it, got plenty of certifications and learned as much as he could.

The learning process can take many forms in different stages, but Javvad realized that

when you’re young, you don’t always know what you want to do in life. But when you get an opportunity, grab it and run with it.”

The journey to infosec isn’t always straightforward, but with a thirst for knowledge, a positive attitude and determination to learn more about this field, you will progress in the right direction.  

Amanda Rousseau, a malware researcher started out studying graphic design in college. But after attending a computing science course, she “couldn’t look back”. She had a network security internship, which got her first job at DoD Cyber Crime Center.

I spent many hours outside of work trying to catch up and understand the technical aspects of my job,”

she added.

You can excel in cybersecurity through previous experience in a different domain, by bringing a fresh and different approach mixed with a set of transferable skills.

KPMG employees shared their insights and reasons why they moved from entrepreneurship, trading, or forensics to infosec career. What they had learned from their previous roles, they applied in cyberspace.

 “The challenges, the fast-moving space, the need to stay up with the latest attacks that happen, and be creative in your solution,”

said one of them. 

Breaking into cybersecurity can be achieved through nontraditional paths, said some of the DEFCON 27 attendees. 

They emphasized the importance of networking and being open to learning more about infosec which could close the gap between hands-on experience and job requirements. 

Ismaelle Vixsama, the founder of cyber consulting firm Vix Cyber, talks about her transition to cybersecurity. She believes that “almost all the skills that are out there in the real world can be transferred into cybersecurity.” “If you are a good person, you can read people, there is a career path for you in social engineering.”

“If you ever decide to transition from one field, you can build up your technical skills and then essentially work towards something different.

pointed out Vixsama who has a degree in finance and business management in college, and six months of working in the finance field, which she didn’t love. 

Speaking of DEFCON, BiaSciLab is only 12 and she spoke at this conference 3 times already. Although she’s young, Bia is really determined to make a difference in this field and encourage other girls to consider pursuing an infosec career. The recent interview we did with her confirmed there’s hope for more teenagers and women to get into cybersecurity.

Her natural way of speaking, her passion for infosec and desire to teach others really got us inspired and confident about the future of this community. You can see her live this year at DefCamp!

Key recommendations for transitioning to cybersecurity without having a technical background

    • Remember there are plenty of career opportunities out there for everyone, with 3.5 million job openings by 2021, according to Cybersecurity Ventures. More than that, the infosec community has plenty of role models, peers, and infosec specialists to follow and get in touch with. 
    • Knowledge is power, so you should focus on learning as much as possible, joining an infosec community, and getting certifications and online courses. They will help you get a better understanding of basic concepts and fundamentals. 
    • To kickstart your career, check out this beginner’s guide packed with useful and valuable resources. Also, we recommend reading this cybersecurity workforce framework that structures the types of role within infosec, so you better understand them and what you’d like to focus on.
    • Prepare for ups and downs, and also be ready to deal with challenging situations along your journey. Also, remind yourself to stay engaged and put into practice a growth mindset.
    • Be determined to make a difference, attend cybersecurity conferences and volunteer at events, if you can. Such valuable experience will help you grow and develop new skills. At the same time, connect and meet the awesome people from the infosec community.
    • Cultivate long-lasting curiosity, be a lifelong learner, and always strive to do your best.

Final thoughts

We hope all the above stories and examples inspired you to get started in cybersecurity, even if you aren’t the best fit on paper. What’s essential is your desire to learn more, be open-minded, and have a can-do attitude, regardless of your background or experience level.

Yes, there will be lots of challenges along the way, but you’ll discover so many things to do and contribute to this wonderful infosec community that you won’t be able to stay away!

This article was written by Ioana Rijnetu. You can get in touch with her on LinkedIn or say hello on Twitter.

    Related articles​

    Securing the cloud: insights on threats, ..

    BY Adina Harabagiu
    There is no mystery that everything nowadays has a digital component. A growing number of companies are ..

    Striking a balance between security updates, ..

    BY Adina Harabagiu
    The world of cybersecurity is fast paced, there’s no denying it. Innovation is constant and threats are ..

    Pentesting: a tool for empowering – not ..

    BY Adina Harabagiu
    You’ve likely caught wind of this rising tide – offensive security, pentesting, and #RedTeams are not ..