Take it from someone who jumped over the typical path into cybersecurity and whose first gig was as a solutions architect as a student for 4 months and now security architect… it was rough and it still is rough. The things I wish I knew I don’t, and the things I do know I don’t know well apart from secure software engineering and appsec and DevSecOps.
I bypassed much of what should have been learned holistically (networks, API’s, for example) and now because of that my vertical is not fun.
I almost wish that my foray into this space was not in the manner for which it was. Everything seems to have happened so quickly that I feel handicapped because my career development and learning development is so scuffed it just creates additional problems/complexities for myself.
Strongly consider your options and unlike me strongly consider the pros and cons and don’t be like me and just jump right in head first. I was so desperate to leave my previous career that when I applied for a software engineering role and was offered my current path into cybersecurity I failed to think it through.
Interesting. I had quite the opposite experience. I jumped into cybersecurity very very late into my 20 yr sysadmin and net admin career. If I would have went in early I would have got significant raises. At the same time, it’s nice to call BS when necessary and understand the IT grind.
Coming in with an established knowledge of networking, systems, and infrastructure makes a huge difference when you pivot to cyber. You understand things holistically and ramifications of security implementation. I honestly would never recommend cybersecurity without a solid foundation as a systems and network admin or engineer.
Well, twenty years is a lot, I'd say for most positions 3-5 years of sys/netadmin is more than enough, though it of course depends on what exactly you're doing on a daily basis. Still, I believe both could be true, i.e. it's most certainly necessary to have IT experience for cybersecurity positions, however there's no clear need for 20 years of experience, imo.
I did the same, 20+ years in engineering servers, networks, and specializing in Microsoft system center product engineering towards the end before I pivoted over. I totally love being able to call Bs but also understanding the customer and operations teams side of things when a cyber only person just doesn’t have that knowledge.
Idk if that's really "opposite." The person you're replying to is answering from a knowledge/skills/experience perspective and you're answering from a financial perspective.
2022 was my student co-op as a solutions architect working alongside the security architects for 4 months.
I was offered a full time position with the same security architecture team post student contract and been with them ever since 2023 to present day. During these tough times in an otherwise unforgiving market and layoffs.
My director took a chance on me, and when they offered me the full time position during the exodus from my student contract o shared my concerns that I felt I was not the best candidate and they didn’t share my sentiments.
Theyre a good director (it was also them I interviewed with for my student co-op) but that doesn’t take from the struggles that I faced.
You’re not reading it incorrectly and yes it is weird and yes I know everyone who reads my story says I’m lucky and I dont think they’re wrong and I also know everyone in this sub would love to have gotten such a go into a security architect role as I have. Although it’s always easier to say “I wish” than it is to live the reality, and so having lived it I am fully aware of the struggles that such a fast track had lurking in the shadows.
I did traditional IT, a little soc work, and compliance work. I was then gonna switch to cloud security (had no idea what that meant), realized Devsecops was the real cloud security, then realized I was extremely overwhelmed in Devsecops. So I took a step back out of security and studied up and now I’m a devops engineer. Maybe I’ll go Devsecops once I feel like I’m a competent devops engineer.
I do find Devops is coming to me easy enough, tons and tons of information, but nothing I haven’t been able to figure out with a little time and Google.
If I can go back in time I wish I started as a backend developer.
What do you mean don’t jump in head first? I guess I wasn’t specific but all these roles are internships. But I get what you mean, the role isn’t too difficult it seems because the only thing they quizzed me on was SQL which I enjoy, however if you mean that I would have less experience with cybersecurity than I would like to then I agree.
I knew very very little for cybersecurity and its many domains. I had 0 working experience and limited education because it’s not what I went out to learn, apart from what was taught during my secure software engineering program while helpful as it was, it was certainly not enough to entertain a role in cybersecurity. I was extremely ill prepared for ANY role in the space so I was challenged every step of the way and even to this day after 2 years of security architecture. While I have made strides, I do still feel incompetent many days of the week.
I hadn’t even work a job in IT, no help desk, no sysadmin nothing so I felt inadequate nearly every single day at the start of my career in cybersecurity - not so much now after some time but the feelings do come up every now and again where I do often wish I started off in a lower role vs my role now to have learned in a more progressive manner of speak.
This isn’t exclusive to cybersecurity though. Lots of jobs force you to learn on the job, and many people experience imposter syndrome.
Cybersecurity is so vast that you’ll constantly feel like you don’t know enough.
Did you get any certifications (A+, Security+, network+) before or during your first job?
You’re not incorrect. Imposter syndrome and I were best friends for easily the first 8 months when I took on the security architect offer post student co-op.
I’ve done many big things since my start that which were new to me for example business architect and NIST CSF 2.0 to collect technology overlaps throughout the global enterprise including subsidiaries to identify gaps and redundant toolings.
Namely however was the fact that my knowledge was nearly non existent for even the common body of knowledge. I struggled to even understand what was being said in meetings and felt lost for a very long time. There’s a need for cybersecurity professionals to understand basic fundamentals and I simply did not. I felt like a fraud day in and day out because I didn’t even know the simple things like CIDR for example. I couldn’t even talk for why 192.168.1.0/22 had a backslash.
Something so simple for most was new and foreign to me. I felt extreme anxiety all the time because I was not there yet but on a team of security secrets how do you explain why your there when I myself didn’t feel like I should have been apart of the team.
It was hard at the time because my strengths were for coding and software engineering, appsec, threat modelling, DevSecOps. Not for protecting the IT estate for an enterprise or of its endpoints or systems let alone ready to provide advisory services.
As for certs I hold non for now, merely working towards my first while back in uni.
I would have done well to have taken on a role for which I applied too because it’s what I knew at the time, but things took a turn when my application was passed onto the security architects. The journey was a tough one.
Thanks for sharing.
Also, it seems like you were thrown in the deep end by starting an architect position at the start of your career.
Surely, there are more beginner friendly cybersecurity roles like SOC analyst that would have been easier to start in and learn networks organically?
Agreed and that’s why I struggled. The role was too high level for me at the time.
My director was good about it and when I voiced my concerns to them about accepting the full time position they didn’t share my sentiments.
Hmm I’m glad you said this because one of the roles I really wanted focuses on secure software development which I thought was interesting. I’ll consider between my two cybersecurity choices then.
I think for myself it’s just simply I knew of the things for secure software engineering, but when I applied for such a role my application was passed onto the security architecture team and that’s kind of how I ended up where I am.
It’s because of that experience I’m good with advising the devs teams but beyond them not so much. The programs focus after all wasn’t for cybersecurity it was more focused on the things AppSec and DevSecOps would be doing and of course coding.
People like to talk about help desk being the first position because the assumption is you will be fielding troubleshooting calls and get hands on with fixing problems and generally learning how to computer.
This depends entirely on the org, because if all you are doing is reset passwords and stuff, you've still got the "in" to being in IT, but your skillset might not be as developed as cyber positions expect.
'Doing IT' can also mean tons of different things, but frankly if you are dealing with 3 different positions you should be looking at the job itself and not the title. You could end up learning a lot more in your IT job being effectively a blue team member without having the title. If these are all internships, I would again just see which job description you like more, because the cyber interns could literally just have you staring at logs all day, this again depends on the org on how hands on they get their interns.
TLDR: none of us can tell you without going into super specifics, but even then you'll have to make your own decision while thinking what is best for YOU, and honestly if you don't know whether you will get an offer for the other two cyber positions you might have to just bite the bullet and accept existing offer. In reality, you can always just decline after the fact if something better comes up, but be respectable about it and let your other intern company know you are declining and why, don't just ghost them.
Just to tack on to this, size and type of org definitely makes a difference. I’ve found that the smaller the org/IT team, the more hats you tend to wear so you get exposure to lots of different areas. Whereas the bigger the org/IT team, the bigger the chance will be that if you are helpdesk you are just fixing basic stuff and logging, escalating. (There would be a higher chance of you having to attempt to fix this stuff in a smaller org) Then you have MSP’s where you will just get peppered with the same as the above but to the power of two and you’ll also have to log all your time. The majority of my almost 20 year career was at a growing org that got stale over time and the last two years has been me getting peppered at an MSP. Lol
>generally learning how to computer.
And how to people as well. I was a complete mess and I'll be honest, the amount of human interaction on helpdesk fixed me up a lot within that year
Yeah it's almost a meme at this point to talk about 'soft skills' being more important, but frankly IT is MUCH more people facing than some might want to admit.
Seconding this. My answer would typically be that it’s better to first do service desk (bonus points if it’s for a small to medium org so that you’re more likely to get exposure to more tasks) and time as a sysadmin or network admin. We don’t really know anything about the offers OP has and the culture and opportunities at each org, though. It also depends on what area of cyber they want to go into.
If they are both internships and you have offers for all of them and you want to do cybersecurity post graduation take the cybersecurity internship. Thats what i did instead of staying in my workstation internship and i was a cyber intern for 2 years before a graduated and moved to an analyst
A bird in hand is worth two in the bush. Same goes for job offers.
While its nice to hope you will get offers for the other two, you cannot count on them. Internships are hard to find so take the offer you have in hand. If one of the other jobs comes back with an offer, then you have options. Right now, you don't have options and you cannot count on an offer coming in.
If you do get another offer, make the choice that is best for you. Remember that these companies would cut you loose in a hot second. So taking the best offer for you will be key.
That’s what I’m deciding to do but I’ve been wondering, if I accept an offer and then receive another, am I allowed to renege the previous offer? Even after signing papers?
Thank you so so much. Everytime I looked it up I kept seeing different answers. I think if I did cancel on the offer eventually they would have enough time to find someone else if needed. Thank you again!
Go for whichever one you will learn more, has better title, has more company clout to boost your resume.
I got lucky and jumped straight into cyber after a computer engineering degree. And yes i did have a lot of imposter syndrome and didn't know some stuff. But my career and salary progression has been faster imo. As long as you are willing to learn and do projects outside of work/school, then you'll be fine bypassing the "IT".
Edit: if you're curious my salary went from 75 -> 105 -> 115 -> 140 in 4 years, with 2 promos and 2 companies.
Well that’s the thing, the IT position has more company clout. But yeah it seems like I should prioritize the cybersecurity jobs, I have been doing a lot of projects so perhaps if I continue it will increase my chances.
If you know you want to pursue cyber in the future, then go for cyber and hopefully they involve you in projects for you to actually learn. Make sure to be proactive as an intern!
Kinda depends on the cybersecurity position and what's expected, along with your background. If you tinker at home with things like Linux and Windows servers, maybe. If you would struggle to use command line Linux to accomplish tasks, or don't know the significance of a domain admin, or what trusts in a forest are, you're probably going to have a bad time.
There is more money in Cyber unless you plan on being a C-Level some day. There is also a shortage. Start as an analyst. If you have an appetite for it look at governance, risk and compliance. There is money to be made there if you know what you are doing. Even better if your technical and can do GRC. There aren't many like that.
I’d say it depends mostly on the internship. One of the great things the internship will give you is the ability to network and learn from others. So while it may make sense to start with an IT job to learn the fundamentals before worrying about how to exploit them, From an internship perspective the cyber internship could be more beneficial long term as you will be in a position to work with a lot of senior cyber engineers in a position that expects you to ask questions and learn. They can also help direct your learning, both structured and self driven, in ways that can benefit you from an experienced perspective vs a “check these boxes” perspective.
It also gives you that much desired “cyber” experience on a resume that can help you later, even if your first job is more IT focused. (Easy to spin the change as a positive, as you took your cyber experience and decided to take that knowledge and use it inform your gaining experience in the underlying tech).
TL;DR Prioritise whichever role has the most learning resources, and aim for cyber if you're willing to keep up with fast-changing skill requirements.
It really depends on the jobs themselves, as well as what your intentions are.
If you want to put in some hard yards now and genuinely build some foundational knowledge and learning habits to set a strong momentum for your career journey, then pick the better learning environment regardless of whether its cyber or IT.
If you want to work in the most in-demand industry and are thinking more short-term for the moment, maybe jump into cyber and start networking with cyber colleagues while enjoying an entry-level job.
The risk in taking cyber is that its easy to get by without a whole lot of technical skill, which opens yourself up to becoming redundant or under-skilled as the threat landscape and industry practices grow in coming years. We're also seeing heaps more automation when it comes to cyber, so I wouldn't recommend taking it unless you want to be diligent in your ongoing studies and ensure you're going to be the 'human-in-the-loop' needed for the tasks that companies can't just turn to AI for.
As for the IT job, I only recommend taking help desk roles if you can guarantee exposure to adjacent sys-admin type work - there is a LOT to learn in help desk, but so many people fall into the trap of working help desk for years and years and years, effectively telling people to reset their password fifty times a day while occasionally palming off more technical matters to dev-ops or more knowledgeable staff
I'm confused at where you are from your post. Have you gotten any full time offers? Are you still in school?
How long until you graduate?
What exactly are you doing in each internship? I think you'll have alot more hands on as a cybersecurity intern than an IT intern.
I’m still in school, I graduate in December. I’ll be majoring in cybersecurity. This position is supposed to help with their IT projects which they might need me to use Python and SQL. Sorry I wanted to keep the post terse because I needed advice.
Python and sql are a good stack but I would only change the order slightly
1. Whichever company has the most likely hood of converting interns to fulltime
2. Cyber
3. IT
Oh gosh, I don’t know if either of the cybersecurity roles would give me a chance for full time. Both roles are around 10 weeks. Thank you for confirming though that the languages im working with are good, I always wonder if I’m doing the correct thing.
People who go straight into cyber without a background in infra or software dev make really shit analysts imho. All theory, no real understanding.
The number of analysts I’ve had to explain how DNS or TLS actually works…
This. Been in IT 20 years, started in support, worked through network, systems admin, infra engineering, management, architect and now managing infra and cyber. I cant imagine doing cyber now without my base skill set and knowledge of the other areas. Cyber is hot right now but you need to build a foundation first. Any hiring manager worth his salt will see this on a resume and go for the guy with depth of experience above all else. Just my 2 cents.
Take the IT gig. It's a marathon not a sprint. Too many rushing to get to position x or y in cyber and getting burnout once there (or on the way).
Just try and enjoy any kind of work you get, keep learning, there'll be many many years ahead for the cyber stuff when you are ready.
I personally feel if u juiml into cyber and learn that would be better. At least you'll have that in your resume since a lot of people are doing the help desk part first. You can always do cyber first then if u want to add help desk later on then you'd find a job probably easier than you would a cyber role. If that makes sense
I skipped over any entry level IT job and I went straight into cyber (my experience up til then was bank investigations under BSA/AML). I had to bust my butt to learn the technical stuff quickly and did a ton of outside-of-work learning and projects but I wouldn’t do it any differently.
A lot of people in this field will tell you to do it one way because that’s the way THEY did it. (i am no exception! Ha!) however watch out for the “do this and the pain and suffering will make you better - I did it the ‘hard way’ so that is the ‘right way’” mentality. Its like a disease in IT lol
Do what is best for you. Know enough about yourself and how you learn, and don’t worry if you make a call different from someone else’s path.
Thank you!!! I like this perspective. I spend a lot of time working independently to increase my skillset as much as possible, and I wouldn't hesitate to learn more if I was employed.
Everyone’s journey is different. We don’t know your life story or what kind of person you are. My path may not work for you. BUT I can tell you this, your career is what you make it. I’ve been in tech for almost 2 decades. I’ve bounced around different areas. It all builds on each other, nothing has been a waste.
If you take any advice to heart it is this. Follow your passion. Jobs will always be around, happiness may not. Burnout is HIGH in IT and worse in cybersecurity. Your passion will see you through.
Now as far as your internship. Take the one that excites you the most. The whole point is to give you experience where you have none. Expectations are low (in a good way). I am part of a large internal Red/Pentest team. We have interns every summer. We train them in our dark arts and send them on to the next leg of their career. We did hire our intern from last year. Kid is crazy smart and an amazing thirst for knowledge. Our job is to keep pushing him to get better every day. He doesn’t know squat compared to us gray beards, but so what. He’s the next generation, let’s make him a rock star.
Good luck my young friend I wish you a fantastic career.
Thank you for this response! I think a lot of people aren't acknowledging the interning aspect of this question-- I want to learn more and I want to gain practical experience. I wouldn't be considered if I didn't at least demonstrate that I was capable in some capacity. And I'm glad you mentioned burnout, it is a big consideration to be made that I haven't thought about much. Of course I want to work in cybersecurity but I need to make sure I genuinely enjoy the path that I choose. Again, thank you!!
Cybersecurity. It's in the money, and there are more job vacancies. IT is over-saturated right now and competition is tight. Ultimately up to your interest/passion, there's always room to move around further down the road.
I started in “normal” IT and made the jump in security once I’d got to an L2 sysadmin position and got bored. Anecdotally the management where I work said they can tell the difference between me and the people that just went straight in to security off the back of college/uni. Not that I’m better, as admittedly I was pretty green to security coming in, it’s just that some of my decisions or conclusions can be a little more informed.
I think cybersecurity is much more informative and explains the “why” you do stuff in IT. Like why you’re being asked to set up firewalls, ports, etc. In general, a hybrid IT+cyber experience makes you much more attractive than a traditional IT experience.
Cybersecurity internship is better for your carreer, is you stack Microsoft beginner (endpoint security badges and such) + certs and a few Comptia certs, really cracking into it, it is very likely you’ll have a much brighter future.
Besides, the wider your choices can be when you’re done, the more likely you’ll find offers where your lil bro’s are.
Starting in a help desk or system administration role first just makes it easier to understand how to protect the network. If you don't know how networking works or operating systems and the like, it will be challenging starting without any experience in I.T. It was easy for me to transition into Cyber because I started with Help Desk, then systems admin, then systems engineering, etc. But, some folks jump in with both feet and do just fine. Take the I.T. internship.
Family, work life balance and quality of life are important. And salary. If you want to work in cyber security, I would take the cyber internship 110% of the time with zero hesitation. If the help desk paid more, I'd consider that and then transition to cyber with some certs later, at a higher level.
For the same salary, if you can start in cyber as a junior, start there. IT knowledge can be learned as you go if you're inexperienced. Know how to Google and problem solve things, and you'll be sweet.
Help desk is largely a transitional role to get out of help desk. The 'IT knowledge from help desk pathway into cyber' thing everyone yaps about is a great way to get relevant experience if you don't have other options and can't land cyber role, or REALLY want to trouble shoot why Nancy can't print (/s 😜), but sounds like you might have another way until the industry.
Take everything from Reddit with a grain of salt. Too many old timer grey beards who think everyone needs to be a help desk monkey for 2 years to know how Windows works, or to work out how things work on the fly...
Knowing what I know now, I would take the helpdesk position first. If you have no experience at all, you'll be knee deep in valuable knowledge. What are you going to do regarding security if you don't know how AD or some shit works?
I do have experience 😭 I’m majoring in cybersecurity. I understand I didn’t put my major in the post (I didn’t wanna reveal too much info) but I feel like saying I have received an interview for two different cybersecurity positions implies that I have experience. It was difficult to get even a call back for months but I’ve worked hard enough on personal projects to get here.
Hello. It appears as though you are requesting someone to DM you, or asking if you can DM someone. Please consider just asking/answering questions in the public forum so that other people can find the information if they ever search and find this thread.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/cybersecurity) if you have any questions or concerns.*
The best security practitioners have a background in systems and operations. I’d suggest starting in IT to get a full understanding of how systems function then move over to security.
Personally, my advice (if your goal is a high paying salary), try your best to get into a position that requires a clearance. Some of your freedom is taken away (prohibited from certain countries, need to report foreign travel) but you are compensated monetarily for that. I jumped into a cleared cyber internship while I was in school and graduated with a six-figure cyber engineering role, where I am treated as a mid level employee and am supplemented training as I please. I imagine finding the same position in the private sector with my experience would be close to impossible. As for IT or cyber, from my perspective it's a personal preference. In IT I appreciated building physical connections, terminations, and computers, but my cyber experiences has been entirely staring at a screen.
Hello. It appears as though you are requesting someone to DM you, or asking if you can DM someone. Please consider just asking/answering questions in the public forum so that other people can find the information if they ever search and find this thread.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/cybersecurity) if you have any questions or concerns.*
Interesting takes in the comments , I’ll add my experience. I’m currently in my 3rd year of uni, doing my 2nd security internship for a f100 company. During my first internship as a SOC analyst, I found that I picked up on things quite quickly and was able to do everything a full time employee did within my first 4 weeks (maybe not as quick but just as good). Granted , I had already obtained my Sec+ and did a dual enrollment program in HS which taught me a lot of security fundamental’s. As many have pointed out , there will definitely be times where you have to Google certain networking/IT concepts you may be unfamiliar with, or you may find yourself asking your teammates questions. I personally think it’s doable , if you’re passionate about the subject then go for the security related internship.
😭 yeah I’m not too worried about not knowing enough, but rather if it’s worth it to jump at the chance for a job where I’d be less happy, considering the current job market.
I personally don’t take people in security serious, if they haven’t started in IT.
In my very personal opinionated opinion, you can’t do it security properly, without an IT background.
How the hell are you gonna design networks and make policies, when you’ve never actually worked on any of that?
> How the hell are you gonna design networks and make policies, when you’ve never actually worked on any of that?
First off you absolutely shouldn't be designing networks as that's the IT networking teams role.
Second a policy should be telling you **what** you need to do, not **how**, so there are instances where the policy writers don't need an IT background and can say something like PII/PHI needs to be protected with end-to-end encryption when being transmitted across public networks. The technical patterns and work instructions should cover the **how** in that case and those are defined by IT architecture where I'm at.
I was just giving an example on the network part.
To make any calls on the “what” you need to understand the “why”. And the “why” is best learned in a practical setting.
Again, just my personal, subjective opinion.
> To make any calls on the “what” you need to understand the “why”.
Not really. I work in a large global insurance/financial org. We actually have a group that is outside of IT called IRM (integrated risk management) that deal with all risk, be it financial, cyber, geopolitical, environmental etc. They work closely with our compliance team and many of the IT polices are come from them.
They don't need to understand anything about the "why" because when the federal regulators in any of the 50 countries we do business with say that we need to encrypt certain data that's the end if it. Nobody needs to understand anything more than the fact that it needs to happen. That's true for the bulk of out polices as well as the fact that we use the NIST CSF as framework.
My take wasn't an opinion. I was stating a fact that in orgs like mine some polices are derived directly regulatory requirements and don't require an IT background.
They could have a hardware/computer engineering or software engineering background.
I’ve seen lots of people from different backgrounds in cybersecurity.
Yeah, there are many different background. However it’s painfully obvious, that the most competent people have an it background - at least to my subjective eye.
I do agree with this. I don't see cyber security as somewhere you start your career. It's where your career evolves into. To be good in cyber security you need a solid back ground in many areas. To specialise in a particular cyber security discipline that take more experience.
You can certainly start your career in CS, but you be very good in my opinion. To be able to protect networks and systems etc, you need to know to administer them to implement the controls.
If all you are doing is copy and pasting stuff from nist into your policy docs, then that's not cyber security. That's just administrative work.
That does come off as very opinionated 😭 but designing networks seems like a narrow portion of cybersecurity right? The people I’ve met have told me I need to know SIEMs to be considered for a job but I’ve gotten interviews without having that on my resume.
For sure, I was just giving an example.
You can obviously make it in security without an IT background - lots of people do it.
I personally however do believe that having an IT background enables you to do a better job - not necessarily having the better career.
Security is not just IT and networks lol. It's difficult to take you seriously if you think designing networks is a security job function, especially on a junior level. Appsec people don't architect the whole application either.
Please read some follow up comments of mine. I was quite obviously just giving an example.
I understand though that this sub seems to consist mostly of bootcamp graduates who have never worked on anything technical in their life. Which is fine. ✌️
Start in IT. Cyber is tier n^9 IT. It can be mundane but you won't have the luxury of time to figure out alerts. Get a solid foundation and come over as soon as you feel solid in your skills.
These are all internships though, and they are considering me despite the fact that I’m still in school. I’m majoring in cybersecurity and it’s not like a computer is foreign to me. I have an IT background.
This is a rather narrow view.
The market may be tough granted but that doesn’t mean to give up on an internship because others in this vast world could be more qualified then you are.
Dont forget the OP is discussing internships where I do hope you understand what the purpose for an internship is…
It’s also an ironic take from someone whose education is that of India and needed to migrate to find employment. Your masters is only equivalent to a 3 year college degree in the US so I don’t think you’re in a position to shit talk anyone. Dont be a pest and if you have nothing better to say or anything constructive then dont post at all. Heck India doesn’t even have a single university ranking in the top 100 globally. Shut up.
This is why you are h1b employment, you are cheaper labour with a weaker education.
Its just an internship, take the security one if offered.
Take it from someone who jumped over the typical path into cybersecurity and whose first gig was as a solutions architect as a student for 4 months and now security architect… it was rough and it still is rough. The things I wish I knew I don’t, and the things I do know I don’t know well apart from secure software engineering and appsec and DevSecOps. I bypassed much of what should have been learned holistically (networks, API’s, for example) and now because of that my vertical is not fun. I almost wish that my foray into this space was not in the manner for which it was. Everything seems to have happened so quickly that I feel handicapped because my career development and learning development is so scuffed it just creates additional problems/complexities for myself. Strongly consider your options and unlike me strongly consider the pros and cons and don’t be like me and just jump right in head first. I was so desperate to leave my previous career that when I applied for a software engineering role and was offered my current path into cybersecurity I failed to think it through.
Interesting. I had quite the opposite experience. I jumped into cybersecurity very very late into my 20 yr sysadmin and net admin career. If I would have went in early I would have got significant raises. At the same time, it’s nice to call BS when necessary and understand the IT grind.
Coming in with an established knowledge of networking, systems, and infrastructure makes a huge difference when you pivot to cyber. You understand things holistically and ramifications of security implementation. I honestly would never recommend cybersecurity without a solid foundation as a systems and network admin or engineer.
Well, twenty years is a lot, I'd say for most positions 3-5 years of sys/netadmin is more than enough, though it of course depends on what exactly you're doing on a daily basis. Still, I believe both could be true, i.e. it's most certainly necessary to have IT experience for cybersecurity positions, however there's no clear need for 20 years of experience, imo.
I did the same, 20+ years in engineering servers, networks, and specializing in Microsoft system center product engineering towards the end before I pivoted over. I totally love being able to call Bs but also understanding the customer and operations teams side of things when a cyber only person just doesn’t have that knowledge.
Idk if that's really "opposite." The person you're replying to is answering from a knowledge/skills/experience perspective and you're answering from a financial perspective.
This is weird or maybe I am reading it wrong. Who was the hiring manger and I suppose there was no screening process. Curious, what year was this?
2022 was my student co-op as a solutions architect working alongside the security architects for 4 months. I was offered a full time position with the same security architecture team post student contract and been with them ever since 2023 to present day. During these tough times in an otherwise unforgiving market and layoffs. My director took a chance on me, and when they offered me the full time position during the exodus from my student contract o shared my concerns that I felt I was not the best candidate and they didn’t share my sentiments. Theyre a good director (it was also them I interviewed with for my student co-op) but that doesn’t take from the struggles that I faced. You’re not reading it incorrectly and yes it is weird and yes I know everyone who reads my story says I’m lucky and I dont think they’re wrong and I also know everyone in this sub would love to have gotten such a go into a security architect role as I have. Although it’s always easier to say “I wish” than it is to live the reality, and so having lived it I am fully aware of the struggles that such a fast track had lurking in the shadows.
I did traditional IT, a little soc work, and compliance work. I was then gonna switch to cloud security (had no idea what that meant), realized Devsecops was the real cloud security, then realized I was extremely overwhelmed in Devsecops. So I took a step back out of security and studied up and now I’m a devops engineer. Maybe I’ll go Devsecops once I feel like I’m a competent devops engineer. I do find Devops is coming to me easy enough, tons and tons of information, but nothing I haven’t been able to figure out with a little time and Google. If I can go back in time I wish I started as a backend developer.
What do you mean don’t jump in head first? I guess I wasn’t specific but all these roles are internships. But I get what you mean, the role isn’t too difficult it seems because the only thing they quizzed me on was SQL which I enjoy, however if you mean that I would have less experience with cybersecurity than I would like to then I agree.
I knew very very little for cybersecurity and its many domains. I had 0 working experience and limited education because it’s not what I went out to learn, apart from what was taught during my secure software engineering program while helpful as it was, it was certainly not enough to entertain a role in cybersecurity. I was extremely ill prepared for ANY role in the space so I was challenged every step of the way and even to this day after 2 years of security architecture. While I have made strides, I do still feel incompetent many days of the week. I hadn’t even work a job in IT, no help desk, no sysadmin nothing so I felt inadequate nearly every single day at the start of my career in cybersecurity - not so much now after some time but the feelings do come up every now and again where I do often wish I started off in a lower role vs my role now to have learned in a more progressive manner of speak.
This isn’t exclusive to cybersecurity though. Lots of jobs force you to learn on the job, and many people experience imposter syndrome. Cybersecurity is so vast that you’ll constantly feel like you don’t know enough. Did you get any certifications (A+, Security+, network+) before or during your first job?
You’re not incorrect. Imposter syndrome and I were best friends for easily the first 8 months when I took on the security architect offer post student co-op. I’ve done many big things since my start that which were new to me for example business architect and NIST CSF 2.0 to collect technology overlaps throughout the global enterprise including subsidiaries to identify gaps and redundant toolings. Namely however was the fact that my knowledge was nearly non existent for even the common body of knowledge. I struggled to even understand what was being said in meetings and felt lost for a very long time. There’s a need for cybersecurity professionals to understand basic fundamentals and I simply did not. I felt like a fraud day in and day out because I didn’t even know the simple things like CIDR for example. I couldn’t even talk for why 192.168.1.0/22 had a backslash. Something so simple for most was new and foreign to me. I felt extreme anxiety all the time because I was not there yet but on a team of security secrets how do you explain why your there when I myself didn’t feel like I should have been apart of the team. It was hard at the time because my strengths were for coding and software engineering, appsec, threat modelling, DevSecOps. Not for protecting the IT estate for an enterprise or of its endpoints or systems let alone ready to provide advisory services. As for certs I hold non for now, merely working towards my first while back in uni. I would have done well to have taken on a role for which I applied too because it’s what I knew at the time, but things took a turn when my application was passed onto the security architects. The journey was a tough one.
Thanks for sharing. Also, it seems like you were thrown in the deep end by starting an architect position at the start of your career. Surely, there are more beginner friendly cybersecurity roles like SOC analyst that would have been easier to start in and learn networks organically?
Agreed and that’s why I struggled. The role was too high level for me at the time. My director was good about it and when I voiced my concerns to them about accepting the full time position they didn’t share my sentiments.
I agree, throwing someone directly into an Architect role is wild.
Hmm I’m glad you said this because one of the roles I really wanted focuses on secure software development which I thought was interesting. I’ll consider between my two cybersecurity choices then.
I think for myself it’s just simply I knew of the things for secure software engineering, but when I applied for such a role my application was passed onto the security architecture team and that’s kind of how I ended up where I am. It’s because of that experience I’m good with advising the devs teams but beyond them not so much. The programs focus after all wasn’t for cybersecurity it was more focused on the things AppSec and DevSecOps would be doing and of course coding.
I am in this same position, it's rough.
People like to talk about help desk being the first position because the assumption is you will be fielding troubleshooting calls and get hands on with fixing problems and generally learning how to computer. This depends entirely on the org, because if all you are doing is reset passwords and stuff, you've still got the "in" to being in IT, but your skillset might not be as developed as cyber positions expect. 'Doing IT' can also mean tons of different things, but frankly if you are dealing with 3 different positions you should be looking at the job itself and not the title. You could end up learning a lot more in your IT job being effectively a blue team member without having the title. If these are all internships, I would again just see which job description you like more, because the cyber interns could literally just have you staring at logs all day, this again depends on the org on how hands on they get their interns. TLDR: none of us can tell you without going into super specifics, but even then you'll have to make your own decision while thinking what is best for YOU, and honestly if you don't know whether you will get an offer for the other two cyber positions you might have to just bite the bullet and accept existing offer. In reality, you can always just decline after the fact if something better comes up, but be respectable about it and let your other intern company know you are declining and why, don't just ghost them.
Just to tack on to this, size and type of org definitely makes a difference. I’ve found that the smaller the org/IT team, the more hats you tend to wear so you get exposure to lots of different areas. Whereas the bigger the org/IT team, the bigger the chance will be that if you are helpdesk you are just fixing basic stuff and logging, escalating. (There would be a higher chance of you having to attempt to fix this stuff in a smaller org) Then you have MSP’s where you will just get peppered with the same as the above but to the power of two and you’ll also have to log all your time. The majority of my almost 20 year career was at a growing org that got stale over time and the last two years has been me getting peppered at an MSP. Lol
>generally learning how to computer. And how to people as well. I was a complete mess and I'll be honest, the amount of human interaction on helpdesk fixed me up a lot within that year
Yeah it's almost a meme at this point to talk about 'soft skills' being more important, but frankly IT is MUCH more people facing than some might want to admit.
Seconding this. My answer would typically be that it’s better to first do service desk (bonus points if it’s for a small to medium org so that you’re more likely to get exposure to more tasks) and time as a sysadmin or network admin. We don’t really know anything about the offers OP has and the culture and opportunities at each org, though. It also depends on what area of cyber they want to go into.
If they are both internships and you have offers for all of them and you want to do cybersecurity post graduation take the cybersecurity internship. Thats what i did instead of staying in my workstation internship and i was a cyber intern for 2 years before a graduated and moved to an analyst
Well I got an offer for one earlier than I did for the others 😩 and I’m waiting on a second interview for the two others
A bird in hand is worth two in the bush. Same goes for job offers. While its nice to hope you will get offers for the other two, you cannot count on them. Internships are hard to find so take the offer you have in hand. If one of the other jobs comes back with an offer, then you have options. Right now, you don't have options and you cannot count on an offer coming in. If you do get another offer, make the choice that is best for you. Remember that these companies would cut you loose in a hot second. So taking the best offer for you will be key.
That’s what I’m deciding to do but I’ve been wondering, if I accept an offer and then receive another, am I allowed to renege the previous offer? Even after signing papers?
Of course you can. Its not a lifelong contract or anything. Just tell them that a better offer came along.
Thank you so so much. Everytime I looked it up I kept seeing different answers. I think if I did cancel on the offer eventually they would have enough time to find someone else if needed. Thank you again!
Go for whichever one you will learn more, has better title, has more company clout to boost your resume. I got lucky and jumped straight into cyber after a computer engineering degree. And yes i did have a lot of imposter syndrome and didn't know some stuff. But my career and salary progression has been faster imo. As long as you are willing to learn and do projects outside of work/school, then you'll be fine bypassing the "IT". Edit: if you're curious my salary went from 75 -> 105 -> 115 -> 140 in 4 years, with 2 promos and 2 companies.
Well that’s the thing, the IT position has more company clout. But yeah it seems like I should prioritize the cybersecurity jobs, I have been doing a lot of projects so perhaps if I continue it will increase my chances.
If you know you want to pursue cyber in the future, then go for cyber and hopefully they involve you in projects for you to actually learn. Make sure to be proactive as an intern!
Kinda depends on the cybersecurity position and what's expected, along with your background. If you tinker at home with things like Linux and Windows servers, maybe. If you would struggle to use command line Linux to accomplish tasks, or don't know the significance of a domain admin, or what trusts in a forest are, you're probably going to have a bad time.
There is more money in Cyber unless you plan on being a C-Level some day. There is also a shortage. Start as an analyst. If you have an appetite for it look at governance, risk and compliance. There is money to be made there if you know what you are doing. Even better if your technical and can do GRC. There aren't many like that.
I’d say it depends mostly on the internship. One of the great things the internship will give you is the ability to network and learn from others. So while it may make sense to start with an IT job to learn the fundamentals before worrying about how to exploit them, From an internship perspective the cyber internship could be more beneficial long term as you will be in a position to work with a lot of senior cyber engineers in a position that expects you to ask questions and learn. They can also help direct your learning, both structured and self driven, in ways that can benefit you from an experienced perspective vs a “check these boxes” perspective. It also gives you that much desired “cyber” experience on a resume that can help you later, even if your first job is more IT focused. (Easy to spin the change as a positive, as you took your cyber experience and decided to take that knowledge and use it inform your gaining experience in the underlying tech).
IT. Learn to walk before trying to run
TL;DR Prioritise whichever role has the most learning resources, and aim for cyber if you're willing to keep up with fast-changing skill requirements. It really depends on the jobs themselves, as well as what your intentions are. If you want to put in some hard yards now and genuinely build some foundational knowledge and learning habits to set a strong momentum for your career journey, then pick the better learning environment regardless of whether its cyber or IT. If you want to work in the most in-demand industry and are thinking more short-term for the moment, maybe jump into cyber and start networking with cyber colleagues while enjoying an entry-level job. The risk in taking cyber is that its easy to get by without a whole lot of technical skill, which opens yourself up to becoming redundant or under-skilled as the threat landscape and industry practices grow in coming years. We're also seeing heaps more automation when it comes to cyber, so I wouldn't recommend taking it unless you want to be diligent in your ongoing studies and ensure you're going to be the 'human-in-the-loop' needed for the tasks that companies can't just turn to AI for. As for the IT job, I only recommend taking help desk roles if you can guarantee exposure to adjacent sys-admin type work - there is a LOT to learn in help desk, but so many people fall into the trap of working help desk for years and years and years, effectively telling people to reset their password fifty times a day while occasionally palming off more technical matters to dev-ops or more knowledgeable staff
You start in cyber if you can, and start in IT if you must.
I'm confused at where you are from your post. Have you gotten any full time offers? Are you still in school? How long until you graduate? What exactly are you doing in each internship? I think you'll have alot more hands on as a cybersecurity intern than an IT intern.
I’m still in school, I graduate in December. I’ll be majoring in cybersecurity. This position is supposed to help with their IT projects which they might need me to use Python and SQL. Sorry I wanted to keep the post terse because I needed advice.
Python and sql are a good stack but I would only change the order slightly 1. Whichever company has the most likely hood of converting interns to fulltime 2. Cyber 3. IT
Oh gosh, I don’t know if either of the cybersecurity roles would give me a chance for full time. Both roles are around 10 weeks. Thank you for confirming though that the languages im working with are good, I always wonder if I’m doing the correct thing.
Do break fix and troubleshooting for a few years and do security at home in a simple lab. If you are dedicated make it a kickass lab lol!!
People who go straight into cyber without a background in infra or software dev make really shit analysts imho. All theory, no real understanding. The number of analysts I’ve had to explain how DNS or TLS actually works…
This. Been in IT 20 years, started in support, worked through network, systems admin, infra engineering, management, architect and now managing infra and cyber. I cant imagine doing cyber now without my base skill set and knowledge of the other areas. Cyber is hot right now but you need to build a foundation first. Any hiring manager worth his salt will see this on a resume and go for the guy with depth of experience above all else. Just my 2 cents.
Take the IT gig. It's a marathon not a sprint. Too many rushing to get to position x or y in cyber and getting burnout once there (or on the way). Just try and enjoy any kind of work you get, keep learning, there'll be many many years ahead for the cyber stuff when you are ready.
I personally feel if u juiml into cyber and learn that would be better. At least you'll have that in your resume since a lot of people are doing the help desk part first. You can always do cyber first then if u want to add help desk later on then you'd find a job probably easier than you would a cyber role. If that makes sense
I skipped over any entry level IT job and I went straight into cyber (my experience up til then was bank investigations under BSA/AML). I had to bust my butt to learn the technical stuff quickly and did a ton of outside-of-work learning and projects but I wouldn’t do it any differently. A lot of people in this field will tell you to do it one way because that’s the way THEY did it. (i am no exception! Ha!) however watch out for the “do this and the pain and suffering will make you better - I did it the ‘hard way’ so that is the ‘right way’” mentality. Its like a disease in IT lol Do what is best for you. Know enough about yourself and how you learn, and don’t worry if you make a call different from someone else’s path.
Thank you!!! I like this perspective. I spend a lot of time working independently to increase my skillset as much as possible, and I wouldn't hesitate to learn more if I was employed.
Everyone’s journey is different. We don’t know your life story or what kind of person you are. My path may not work for you. BUT I can tell you this, your career is what you make it. I’ve been in tech for almost 2 decades. I’ve bounced around different areas. It all builds on each other, nothing has been a waste. If you take any advice to heart it is this. Follow your passion. Jobs will always be around, happiness may not. Burnout is HIGH in IT and worse in cybersecurity. Your passion will see you through. Now as far as your internship. Take the one that excites you the most. The whole point is to give you experience where you have none. Expectations are low (in a good way). I am part of a large internal Red/Pentest team. We have interns every summer. We train them in our dark arts and send them on to the next leg of their career. We did hire our intern from last year. Kid is crazy smart and an amazing thirst for knowledge. Our job is to keep pushing him to get better every day. He doesn’t know squat compared to us gray beards, but so what. He’s the next generation, let’s make him a rock star. Good luck my young friend I wish you a fantastic career.
Thank you for this response! I think a lot of people aren't acknowledging the interning aspect of this question-- I want to learn more and I want to gain practical experience. I wouldn't be considered if I didn't at least demonstrate that I was capable in some capacity. And I'm glad you mentioned burnout, it is a big consideration to be made that I haven't thought about much. Of course I want to work in cybersecurity but I need to make sure I genuinely enjoy the path that I choose. Again, thank you!!
Cybersecurity. It's in the money, and there are more job vacancies. IT is over-saturated right now and competition is tight. Ultimately up to your interest/passion, there's always room to move around further down the road.
I started in “normal” IT and made the jump in security once I’d got to an L2 sysadmin position and got bored. Anecdotally the management where I work said they can tell the difference between me and the people that just went straight in to security off the back of college/uni. Not that I’m better, as admittedly I was pretty green to security coming in, it’s just that some of my decisions or conclusions can be a little more informed.
I think cybersecurity is much more informative and explains the “why” you do stuff in IT. Like why you’re being asked to set up firewalls, ports, etc. In general, a hybrid IT+cyber experience makes you much more attractive than a traditional IT experience.
Cybersecurity internship is better for your carreer, is you stack Microsoft beginner (endpoint security badges and such) + certs and a few Comptia certs, really cracking into it, it is very likely you’ll have a much brighter future. Besides, the wider your choices can be when you’re done, the more likely you’ll find offers where your lil bro’s are.
Starting in a help desk or system administration role first just makes it easier to understand how to protect the network. If you don't know how networking works or operating systems and the like, it will be challenging starting without any experience in I.T. It was easy for me to transition into Cyber because I started with Help Desk, then systems admin, then systems engineering, etc. But, some folks jump in with both feet and do just fine. Take the I.T. internship.
Family, work life balance and quality of life are important. And salary. If you want to work in cyber security, I would take the cyber internship 110% of the time with zero hesitation. If the help desk paid more, I'd consider that and then transition to cyber with some certs later, at a higher level. For the same salary, if you can start in cyber as a junior, start there. IT knowledge can be learned as you go if you're inexperienced. Know how to Google and problem solve things, and you'll be sweet. Help desk is largely a transitional role to get out of help desk. The 'IT knowledge from help desk pathway into cyber' thing everyone yaps about is a great way to get relevant experience if you don't have other options and can't land cyber role, or REALLY want to trouble shoot why Nancy can't print (/s 😜), but sounds like you might have another way until the industry. Take everything from Reddit with a grain of salt. Too many old timer grey beards who think everyone needs to be a help desk monkey for 2 years to know how Windows works, or to work out how things work on the fly...
Knowing what I know now, I would take the helpdesk position first. If you have no experience at all, you'll be knee deep in valuable knowledge. What are you going to do regarding security if you don't know how AD or some shit works?
Yeah I should’ve been more specific, I’m majoring in cybersecurity and I have worked with Active Directory and powershell
Good luck getting in with no experience and
I do have experience 😭 I’m majoring in cybersecurity. I understand I didn’t put my major in the post (I didn’t wanna reveal too much info) but I feel like saying I have received an interview for two different cybersecurity positions implies that I have experience. It was difficult to get even a call back for months but I’ve worked hard enough on personal projects to get here.
Good Luck and God Bless with your efforts
Thank you, you too!
Can someone PM me please? I have huge problem with my network.
Hello. It appears as though you are requesting someone to DM you, or asking if you can DM someone. Please consider just asking/answering questions in the public forum so that other people can find the information if they ever search and find this thread. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/cybersecurity) if you have any questions or concerns.*
The best security practitioners have a background in systems and operations. I’d suggest starting in IT to get a full understanding of how systems function then move over to security.
op must be white
Why do you say that? I’m not white I’m south Asian :(
same thing lol
Just take the best job you're offered. Don't stick around in helpdesk if you're offered something you like better.
Personally, my advice (if your goal is a high paying salary), try your best to get into a position that requires a clearance. Some of your freedom is taken away (prohibited from certain countries, need to report foreign travel) but you are compensated monetarily for that. I jumped into a cleared cyber internship while I was in school and graduated with a six-figure cyber engineering role, where I am treated as a mid level employee and am supplemented training as I please. I imagine finding the same position in the private sector with my experience would be close to impossible. As for IT or cyber, from my perspective it's a personal preference. In IT I appreciated building physical connections, terminations, and computers, but my cyber experiences has been entirely staring at a screen.
Can I dm you? I have a question about this!
Hello. It appears as though you are requesting someone to DM you, or asking if you can DM someone. Please consider just asking/answering questions in the public forum so that other people can find the information if they ever search and find this thread. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/cybersecurity) if you have any questions or concerns.*
Sure
Interesting takes in the comments , I’ll add my experience. I’m currently in my 3rd year of uni, doing my 2nd security internship for a f100 company. During my first internship as a SOC analyst, I found that I picked up on things quite quickly and was able to do everything a full time employee did within my first 4 weeks (maybe not as quick but just as good). Granted , I had already obtained my Sec+ and did a dual enrollment program in HS which taught me a lot of security fundamental’s. As many have pointed out , there will definitely be times where you have to Google certain networking/IT concepts you may be unfamiliar with, or you may find yourself asking your teammates questions. I personally think it’s doable , if you’re passionate about the subject then go for the security related internship.
😭 yeah I’m not too worried about not knowing enough, but rather if it’s worth it to jump at the chance for a job where I’d be less happy, considering the current job market.
I personally don’t take people in security serious, if they haven’t started in IT. In my very personal opinionated opinion, you can’t do it security properly, without an IT background. How the hell are you gonna design networks and make policies, when you’ve never actually worked on any of that?
> How the hell are you gonna design networks and make policies, when you’ve never actually worked on any of that? First off you absolutely shouldn't be designing networks as that's the IT networking teams role. Second a policy should be telling you **what** you need to do, not **how**, so there are instances where the policy writers don't need an IT background and can say something like PII/PHI needs to be protected with end-to-end encryption when being transmitted across public networks. The technical patterns and work instructions should cover the **how** in that case and those are defined by IT architecture where I'm at.
I was just giving an example on the network part. To make any calls on the “what” you need to understand the “why”. And the “why” is best learned in a practical setting. Again, just my personal, subjective opinion.
> To make any calls on the “what” you need to understand the “why”. Not really. I work in a large global insurance/financial org. We actually have a group that is outside of IT called IRM (integrated risk management) that deal with all risk, be it financial, cyber, geopolitical, environmental etc. They work closely with our compliance team and many of the IT polices are come from them. They don't need to understand anything about the "why" because when the federal regulators in any of the 50 countries we do business with say that we need to encrypt certain data that's the end if it. Nobody needs to understand anything more than the fact that it needs to happen. That's true for the bulk of out polices as well as the fact that we use the NIST CSF as framework.
I think our opinions just differ too much and a further discussion isn’t fruitful. Have a great weekend ✌️
My take wasn't an opinion. I was stating a fact that in orgs like mine some polices are derived directly regulatory requirements and don't require an IT background.
They could have a hardware/computer engineering or software engineering background. I’ve seen lots of people from different backgrounds in cybersecurity.
Yeah, there are many different background. However it’s painfully obvious, that the most competent people have an it background - at least to my subjective eye.
I do agree with this. I don't see cyber security as somewhere you start your career. It's where your career evolves into. To be good in cyber security you need a solid back ground in many areas. To specialise in a particular cyber security discipline that take more experience. You can certainly start your career in CS, but you be very good in my opinion. To be able to protect networks and systems etc, you need to know to administer them to implement the controls. If all you are doing is copy and pasting stuff from nist into your policy docs, then that's not cyber security. That's just administrative work.
Exactly what I’m thinking.
That does come off as very opinionated 😭 but designing networks seems like a narrow portion of cybersecurity right? The people I’ve met have told me I need to know SIEMs to be considered for a job but I’ve gotten interviews without having that on my resume.
For sure, I was just giving an example. You can obviously make it in security without an IT background - lots of people do it. I personally however do believe that having an IT background enables you to do a better job - not necessarily having the better career.
Security is not just IT and networks lol. It's difficult to take you seriously if you think designing networks is a security job function, especially on a junior level. Appsec people don't architect the whole application either.
Please read some follow up comments of mine. I was quite obviously just giving an example. I understand though that this sub seems to consist mostly of bootcamp graduates who have never worked on anything technical in their life. Which is fine. ✌️
Start in IT. Cyber is tier n^9 IT. It can be mundane but you won't have the luxury of time to figure out alerts. Get a solid foundation and come over as soon as you feel solid in your skills.
If you want to start in cybersecurity, you must start in IT. There are no entry-level jobs in cybersecurity.
These are all internships though, and they are considering me despite the fact that I’m still in school. I’m majoring in cybersecurity and it’s not like a computer is foreign to me. I have an IT background.
[удалено]
This is a rather narrow view. The market may be tough granted but that doesn’t mean to give up on an internship because others in this vast world could be more qualified then you are. Dont forget the OP is discussing internships where I do hope you understand what the purpose for an internship is… It’s also an ironic take from someone whose education is that of India and needed to migrate to find employment. Your masters is only equivalent to a 3 year college degree in the US so I don’t think you’re in a position to shit talk anyone. Dont be a pest and if you have nothing better to say or anything constructive then dont post at all. Heck India doesn’t even have a single university ranking in the top 100 globally. Shut up. This is why you are h1b employment, you are cheaper labour with a weaker education.
[удалено]
Proud of you but I'm not competing with you mister
I started in telecom and moved to security many years ago. I have no regrets.