I've spent more than 15 years building and leading cybersecurity programs at several Fortune 500 companies in the Financial Services industry. I'm also the Founder & Managing Principal of Fraction Consulting where I get to do fractional CTO & CISO work and advise private capital firms. As a result of my background, I often get asked the following question: "How do I advance my career in the cybersecurity field?" Here are the 3 steps I advise people to take: Step 1 Figure out what " " means to you. Is it just more 💰 (money is great don't get me wrong), or is it more responsibility, more autonomy, more respect? advancement Early in your career, you end up getting all of those things as you move from Jr analyst/engineer/operator into more senior-level roles, but you need to consider the path you want to take a few jobs/roles out. Is becoming a security architect the goal (it's a fine goal)? Do you want to remain very deep and technical and go the lead/principal engineer route? Do you want to lead people eventually? Think about how you work and problem solve. Do you like being the one the answers or do you like getting people and teams together to the answers? with get Do you want to specialize in a particular area or technology stack or do you want to be a generalist? All of these questions are to help people reflect inwardly and think through what they want to do. Once you've wrestled with those concepts you can move on to step #2. Step 2 Now that you have a better idea or concepts on what you want to do, you can start on your personal marketing and hype plan📈. If you don't market yourself, then no one else will do it for you. Having a personal marketing and hype plan will help you think about career progression. So you want to be an architect, a manager, or a CISO one day? How will you get the right skills and market yourself to get you there? Look at and what you have (your current job), look at (future roles/jobs), and then plan out how you will what is true what you want close those gaps. A critical piece of the personal marketing and hype plan that is often overlooked - making your intentions known to anyone and everyone who will listen to you. You can't expect people to read your mind to know what you want and you can't get mad when they don't help you with something you haven't communicated. All career interactions are " ." selling points You sell yourself on the job interview, you sell your point of view in that meeting for the next direction to go in the project, you sell why something is more risky than it sounds on paper. OK that's all great, but how do you * * advance, especially in the corporate world in cybersecurity? That's step 3. really Step 3 Build an audience. In AND outside of your sphere of control and sphere of influence. You want people outside of the cybersecurity group at your company to know of you and what you can bring to the table and help them do. Cybersecurity is just another method of effectively enabling the business to do what it was meant to do - sell products/services to customers. Security is about business enablement first You want someone from the engineering group or that business unit to tell your boss how helpful you were in helping them achieve what they needed in a You want to the CTO to comment to the CISO how you have really helped them out. safe and secure way. Building the audience builds your personal value and shows you know how to . The scale always gets broader as you advance and you can start showing this to let people know you are ready for that next level. think and operate on a broader scale To recap: - figure out what "advancement" means to you. Step 1 - create a personal marketing plan to get there Step 2 - build an audience inside and outside your space Step 3 This is a process you should revisit often as you move roles/companies, as new interests come up, and as you move through different phases of your life. Take active control of this approach and don't wait for things to happen you. Make this happen yourself. to for Nothing is guaranteed but this is the playbook that has helped me so far and I'm always refining it. Previously published at https://twitter.com/mikepsecuritee/status/1308769654379347968

Twitter

How To Prepare For A Cybersecurity Manager Job Interview

The Importance of Cybersecurity in Early-stage Startups

Read My Stories

Too Long; Didn't Read

Boost your HackerNoon story @ $159.99! 🚀

3 Steps to Help Advance Your Cybersecurity Career

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

Untitled Story

Grasp The Zero Trust Product Market Space Concept Quickly

What No One Told Me About Being a Product Manager at an Early Stage Startup

10x10: Ten Life Lessons from a Developer After Ten Years in the Industry

10 Things Every New Developer Should Know

10 Steps for Landing a Job at a Startup

Grasp The Zero Trust Product Market Space Concept Quickly

What No One Told Me About Being a Product Manager at an Early Stage Startup

10x10: Ten Life Lessons from a Developer After Ten Years in the Industry

10 Things Every New Developer Should Know

10 Steps for Landing a Job at a Startup

Light-Mode

Classic

Newspaper

Dark-Mode

Neon Noir

Minty

HN StartUps