Build contacts, start or join a hacking society and follow security’s trends and news to get a good start in the industry.
Speaking at the Cyber Recoded conference in London, a panel of graduates in their first jobs spoke on the 'Getting Past the Gatekeepers' panel about their experiences on getting the necessary experience that employers are looking for.
The panelists, who came from a mixture of universities across the UK and from different academic backgrounds, talked of the need to gain contacts and get involved in local security groups in order to achieve mentoring and career advice opportunities.
Chloe Ungar, student at Leeds Beckett University and intern at Hedgehog Cyber Security, said that it is invaluable to have a network around you, such as a hacking society as it “takes away scary aspects [of security], gives you confidence and allows you to experience things” more than just doing a degree would. “Without the society, I would not have pushed myself to go to conferences where I met the company who would become my employer.”
The panelists were unanimous on engaging with societies and groups both local and national, as well as joining DEF CON groups and rookie track opportunities at Security BSides events.
Asked by moderator Daniel Nash if industry were interested in experience such as working with hacking societies, James Stevenson from BT said that “if you’re passionate about it, someone else will be passionate about it.”
Jack Wilson, former Abertay University student, said that their HackSoc allowed members to present research in their meetings and gain experience in speaking.
In terms of finding work, Stevenson said he had been actively writing and producing podcasts before applying for jobs, and employers were more interested in that sort of work.
Ungar said she had identified the company she wanted to work for and met them having emailed, and heard back within half an hour, at 4 am. Brett Calderbank, who had worked in policy and governance before working in a SOC, said it was important to keep on top of what is happening in the industry, “as this is such an evolving industry.”
Nash concluded by saying that if there is no society then start your own, as while it is a lot of effort it will pay dividends for experience.
Infosecurity asked which of the panelists had picked the company they wanted to work for, and what qualities they were looking for in an employer? Ungar said she found her employer at a BSides London conference, and she was attracted to a smaller company “where every employee counts.”
Wilson explained he had started to look for a graduate scheme six months before graduating, and gathered enough information to determine what he liked and what they [potential employer] were looking for, while Stevenson said it was important to identify the company and even if they say no, take the feedback and improve yourself, and keep on applying.