How do I get out of help desk and into Cybersecurity?

Good afternoon, everyone!

I currently work as an IT Specialist doing help desk functions. My job involves a range of duties including managing user accounts, SharePoint, blackberry administration and COMSEC. I currently have my BS in Information Systems with a concentration in Computer Security. My job pays decent, but unfortunately there's no room for promotion.

One of my main goals is to get into the Cybersecurity field. I've looked on Indeed to see what certifications employers are requesting for a Cybersecurity analyst and I've seen some listed such as the CISSP and C|EH. One description for one job I've found was:

"Good understanding of security controls and components of a Secure Software Development Lifecycle (SSDLC) (e.g., Requirements, Design, Development, and Test in Agile/Scrum/Waterfall). Experience with software security assessment tools and products (e.g. ArcSite, Splunk, ) Knowledge of NIST SP 800-63/64 guidelines and security best practices for Secure Software Development."

I'm not really sure how to gain knowledge of what they're requesting without experience. Those in the Cybersecurity field, did you research job requirements and try to learn this stuff yourself or did you obtain an internship position?

I don't really know how to begin getting into this field without prior experience. If I did obtain my CISSP, I would still feel unqualified to even apply to a position such as the one above.

Any advice is greatly appreciated.

Find more posts tagged with

Comments

scaredoftests

See if you can do some cybersecurity at work. If not, set up a lab at home. download wireshark etc.

Polymorphic28

scaredoftests wrote: »

See if you can do some cybersecurity at work. If not, set up a lab at home. download wireshark etc.

Thanks for the reply! The only thing that comes close to computer security that I do at my job is run log collectors when a machine is infected with malware. I may just have to create my own lab at home and practice with the software like you suggested.

scaredoftests

Well, monitoring logs in one of the things that are done in cyber...

TechGromit

Polymorphic28 wrote: »

"Good understanding of security controls and components of a Secure Software Development Lifecycle (SSDLC) (e.g., Requirements, Design, Development, and Test in Agile/Scrum/Waterfall). Experience with software security assessment tools and products (e.g. ArcSite, Splunk, ) Knowledge of NIST SP 800-63/64 guidelines and security best practices for Secure Software Development."

The job you have listed has nothing to do with Cyber Security, It's a software development job, (Computer Programmer) Often, now throw they in a couple of security words into a job posting, for example knowing how to code in a secure matter helps to protect against overflow attacks.

In IT everyone needs to do there part for security to keep an environment secure, one lone wolf who thinks he's above the rules is all that's needed to defeat even the most rigorous security plan from compromise.

Polymorphic28

TechGromit wrote: »

The job you have listed has nothing to do with Cyber Security, It's a software development job, (Computer Programmer) Often, now throw they in a couple of security words into a job posting, for example knowing how to code in a secure matter helps to protect against overflow attacks.

The job title was “Cybersecurity Analyst” which is confusing.

TechGromit

Polymorphic28 wrote: »

The job title was “Cybersecurity Analyst” which is confusing.

The job description is for a programmer, they can make up any title they want for a position, sometimes it fits the job function perfectly, others it has nothing at all to do with actual work you do. Often I think it has a lot to do with HR only making a limited number of job titles, it's a lot easier to manage 3 or 4 different job titles than it is to manage 20 or 30. Were I work I've see jobs that are "Senior IT Analyst", which is my job title in cyber security, I've seen programmers, database admins, server admins all share this job title.

cyberguypr

I don't think this is a programmer role at all. They mention Splunk and ArcSight which a programmer has zero business with. Sounds more like a code security review or web apps security role.

dmoore44

Well, the traditional way is to branch out in to sys or net admin... There generally aren't too many opportunities to go straight from helpdesk in to a cyber role...

Another possibility would be working for a MSSP as a triage analyst... It's essentially the cyber world's equivalent to helpdesk.

ITSec14

I moved into security from a sysadmin position. I think what makes the transition from help desk to security difficult/unlikely is that you typically don't have much exposure to the infrastructure side of things. Not saying it's impossible to get into security from your current position, but not having that experience with infrastructure could hurt you later on.

jamesleecoleman

Do what you can to do more infosec work. You don't have to be in network security in order to do infosec work.
I do infosec work just about every week. I wish it was everyday but I had to create the work for me to get the experience. I had to come up with reasons to do what I do in order to get the experience.

beads

It would definitely help if you could narrow down what it is you would like to perform work in security. That is to ask are you interested in securing routers and switches, malware, SDLC, auditing, forensics or a dozen other tasks in "security". We see these I want to work in security questions every week but all but always so vaguely defined that no one can actually answer the question.

We need to know what it is you want to do in security other than a bigger paycheck.

- b/eads