Career Advice for Cybersecurity Newcomers


Digitalization has made the world small and intensively connected. Almost all industries now depend on secure IT systems, and IT security professionals are needed in a variety of professions around the world. On the bright side: the benefits and opportunities for qualified cybersecurity professionals or career starters are huge.


Since IT is a major factor in all areas of our lives, the job is not only important, but also meaningful. The flexibility in terms of time and location that is generally offered is another big plus and makes the field very attractive.

Christine Teichert, Teamlead Human Resources Management, and Hussam Cheaib, Ethical Hacker/Security Consultant, at SEC Consult, give an overview of what newcomers to the cybersecurity industry can expect and how they can prepare themselves. Their insider tips are great to prepare for the challenging but incredibly exciting world of cybersecurity.


"At SEC Consult I’m not only encouraged to contribute my ideas, but I can really implement them and watch them becoming real."

Hussam Cheaib, Ethical Hacker/Security Consultant, SEC Consult

Cybersecurity Job Search Tips and Strategies

Choose a focus within the job opportunities

Most people immediately think of a hacker when they hear the word "cybersecurity" and associate it with the romantic image of a Hollywood-style virtual car chase. However, cybersecurity is a broad and diverse field. Therefore, it is advisable for young professionals to decide which area they would like to focus on.

A popular job is the one of a Penetration Tester. He/she tests applications and systems to identify vulnerabilities and reports them to the customer. This requires basic programming skills, a lot of curiosity and great knowledge about what types of vulnerabilities can exist and how they can be exploited. It also requires learning how to use the tools we use to penetrate the vulnerabilities and document them afterwards.

When it comes to developing IT security strategies, Security Consultants are in demand. They advise their customers on how to protect their systems. This ranges from the purely technical level of tools, applications and networks to the "human" factor with recommendations for action or security awareness workshops.

Project managers are also important in cybersecurity - they keep the threads of a project together. In order to understand the requirements and measures in cybersecurity projects and to plan them sensibly, you need a basic knowledge of IT security in addition to knowledge of processes and methods in project management.


Internships and traineeships are very important

Although not all jobs in cybersecurity require a university degree, the classic route into the industry is a university degree (B.Sc./M.Sc.) in computer science or IT security. However, there are also career changers who, thanks to their passion, work intensively on the subject and continue their education. In any case, you need a strong IT background and the willingness to delve deeply into the subject matter. 

However, entry-level job seekers should explore internships and traineeships to gain experience and as much information as possible. At SEC Consult, we offer internships as well as working student positions - both are great opportunities to get a taste of the industry.

Internships also allow you to find out how the company works and what job profiles are available. You probably will be surprised by the diversity!


Gain experience, experience and more experience

Most companies expect that their candidates have gained different sorts of experience. In addition to "real" work experience through internships, part-time or student jobs, outside the professional field IT security challenges such as CTFs ("Capture the Flag" competitions) are a very good opportunity to get an overview of the professional requirements. They also offer a chance to gather more information from professionals and peers.

A great way to gain technical experience is to expand your knowledge and skills through industry certification programs. Offensive Security's OSCP certification is particularly recommended, but it is also the most demanding entry-level certification in penetration testing/IT security.


Familiarize yourself with the industry and its language

The cybersecurity industry can seem like a whole different world to newcomers. Not only the (in the beginning) unfamiliar, science fiction-sounding terminology but there is also a constant stream of news, new trends, techniques and developments.

Reading industry websites is one of the best ways to keep a virtual finger on the pulse. In the German-speaking world, Heise Security is highly recommended; the portal covers all facets of IT security.


"What I appreciate most about my work at SEC Consult is that we have great team cohesion, both in the individual teams but also internationally. When it comes to important issues, not only management decides but also our team leads and employees are strongly involved."

Christine Teichert, Teamlead Human Resources Management, SEC Consult 

Cybersecurity Job Interview Tips

Show your skills

To work in cybersecurity, you should have curiosity, analytical skills, and a willingness to learn new topics quickly. Depending on the field, programming skills may be useful. During a job interview, you should emphasize your skills, but without exaggerating. 

In addition to hard skills, your soft skills are also important. Talented communicators who can translate cyber language into layman's terms are in high demand.

Prepare yourself

You know the part of the interview when the interviewer asks the candidate if he/she has any questions? Our HR specialists at SEC Consult are happy if the questions asked by the candidates show that they have already thought about their possible role with us (e.g. questions about the team spirit, the job, the technology used, ...) So be prepared to ask something that shows that you understand the job profile and are curious about the position you are applying for.


Have the courage to leave gaps and be honest

We appreciate open and authentic communication, honesty, reliability and respect (if you don't show up for an application appointment without excuse, you would score yourself quite an own goal ...), and interest in our company.

For SEC Consult, a CV with gaps is not a criterion to reject applicants. We also welcome career changers. The most important thing is the attitude towards the job and the colleagues.

A job interview is an exceptional situation, and a lot depends on how well you handle it. Our HR colleagues try to support nervous candidates. If you suffer from great nervousness just relax, take a deep breath and simply address the problem.

Interested in working at SEC Consult?

We welcome you to send us your application.

More On The Topic

About the author

Christine Teichert
SEC Consult
Teamlead Human Resources Management

Christine joined SEC Consult in 2017 in the Human Resources department and took over the leadership of the team in fall 2020. One of her main focuses is the recruiting part to support the international growth of the company. 

Hussam Cheaib
SEC Consult
Ethical Hacker/Security Consultant

Hussam studied IT security at Ruhr-Uni Bochum and has been working as a security consultant since 2017, focusing on mobile and web application penetration testing. Since the beginning of 2021, he has been leading the hacker team at the SEC Consult Office in Bochum.