When it comes to developing IT security strategies, Security Consultants are in demand. They advise their customers on how to protect their systems. This ranges from the purely technical level of tools, applications and networks to the "human" factor with recommendations for action or security awareness workshops.
Project managers are also important in cybersecurity - they keep the threads of a project together. In order to understand the requirements and measures in cybersecurity projects and to plan them sensibly, you need a basic knowledge of IT security in addition to knowledge of processes and methods in project management.
Internships and traineeships are very important
Although not all jobs in cybersecurity require a university degree, the classic route into the industry is a university degree (B.Sc./M.Sc.) in computer science or IT security. However, there are also career changers who, thanks to their passion, work intensively on the subject and continue their education. In any case, you need a strong IT background and the willingness to delve deeply into the subject matter.
However, entry-level job seekers should explore internships and traineeships to gain experience and as much information as possible. At SEC Consult, we offer internships as well as working student positions - both are great opportunities to get a taste of the industry.
Internships also allow you to find out how the company works and what job profiles are available. You probably will be surprised by the diversity!
Gain experience, experience and more experience
Most companies expect that their candidates have gained different sorts of experience. In addition to "real" work experience through internships, part-time or student jobs, outside the professional field IT security challenges such as CTFs ("Capture the Flag" competitions) are a very good opportunity to get an overview of the professional requirements. They also offer a chance to gather more information from professionals and peers.
A great way to gain technical experience is to expand your knowledge and skills through industry certification programs. Offensive Security's OSCP certification is particularly recommended, but it is also the most demanding entry-level certification in penetration testing/IT security.
Familiarize yourself with the industry and its language
The cybersecurity industry can seem like a whole different world to newcomers. Not only the (in the beginning) unfamiliar, science fiction-sounding terminology but there is also a constant stream of news, new trends, techniques and developments.
Reading industry websites is one of the best ways to keep a virtual finger on the pulse. In the German-speaking world, Heise Security is highly recommended; the portal covers all facets of IT security.