At the inaugural 44CON Cybersecurity I conducted a workshop on career planning. Career planning is something people tend to do at school, college or university but rarely as adults. Many people experience career planning through a disinterested and irrelevant prism, so it’s not surprising they find it dull. When I was at school trying to work out what I wanted to do with my life, the careers advice function at school took me through a coma-inducing process, often producing unrelated gems like the suggestion that I should be a formula 1 driver or a truck driver, just because I like the idea of driving.
A lot of people ask me about how they can get into the wider information security industry from outside, be that as a student or as someone looking to change careers. The first thing I ask them is, “What infosec experience do you have?” Inevitably, the answer is almost always the same. “Absolutely none, otherwise I’d be in the industry!” Now here’s the thing. When I say that question, people interpret as, “What infosec positions have you held?
The Recruiter The recruiter is the first person that sees your CV or job application. This could be an internal HR manager or it could be an actual professional recruiter. The recruiter is normally (but not always) non-technical, and their goal is to weed out the obvious no hires usually by looking for keywords supplied with the job description and red flags that could be anything from your recent 6 month training holiday in Syria to a long-forgotten college MySpace profile extolling the virtues of various illegal substances.