How to Start in Cybersecurity With No Experience

At one point, every professional lacked the knowledge and skills critical to their work today. They started as beginners — and it’s no different in cybersecurity.

Take Gina Cramer ’20 and Cyndie Ramirez ’18, for instance. They built their early careers in teaching before pivoting to cybersecurity. Both are now experienced security analysts with leadership responsibilities within their teams.

So, if you’re wondering how to start in cybersecurity with no experience in the field, here’s what worked for Cramer and Ramirez.

How to Get Into Cybersecurity as a Beginner

Practice: It doesn’t just make perfect. It helps you build relevant experience. If you don’t have a professional background in the industry, you can start creating a portfolio and network with hands-on learning opportunities and industry events.

You might start by enrolling in a degree or certificate program where you can gain foundations in the field.

Ramirez, who earned her degree in information technology at Southern New Hampshire University (SNHU), discovered her interest in cybersecurity toward the end of her program. She enjoyed working with networks in previous classes and wondered how to protect them.

Enter her cybersecurity concentration, which included hands-on assignments related to ethical hacking.

"It actually helped me throughout my career, even till today," Ramirez said. "When I'm investigating... I just think as a hacker. I'm like, 'Okay, well, if I was a hacker, how would I do this?' And that's kind of how I problem-solve and resolve things because of that course."

8 Ways to Build Experience

College courses are a good place to start building foundations, but simply turning in assignments may not be enough, agreed Ramirez and Cramer.

“(The) effort you put into yourself and learning outside of your classes is going to give you that step up when you have to enter the real world,” Cramer said.

Beyond coursework, here are 8 ways you can start gaining relevant experience as a beginner, according to Cramer and Ramirez:

Attend Tech Conferences

There are a variety of conferences where you can attend sessions and socials with industry professionals. While earning her bachelor’s in cybersecurity at SNHU, Cramer attended conferences such as the Women in Cybersecurity Conference (WiCyS). She first started networking with her current employer at one of them.

Compete in National Cyber League (NCL)

More than 10,000 students participate in the National Cyber League (NCL) competitions each year, testing their knowledge in cryptography, network traffic analysis and more. Last year, SNHU’s team placed 4th.

It's a great way to monitor your personal progress from season to season, too, according to Cramer. "I did horrible my first season," she said. "I think I barely got past open source intelligence, but it opened my eyes to the different skill sets within cybersecurity and helped guide me on my learning path outside of classes."

Complete Home Labs

A home lab, Ramirez said, is essentially a project you complete using tools you want to better understand — and there are a lot of free tools out there. Ramirez did a home lab as an SNHU student, which she then replicated to continue practicing after the class was over.

“Download the tools that you believe you need to get, you know, at least a basic understanding on so you (can) practice,” she said. “Because when you get an interview, especially as an entry-level, even saying those things, it shows you're really, really dedicated.”

Earn a Certification

Certifications are pretty important in the cybersecurity field, according to Ramirez. “I have a few,” she said. "Mine are more tailored to the career path I wanted to take.”

You can find general certifications like the CompTIA Security+, and those in niche areas, such as insider threats.

Read more: Best Cybersecurity Certifications for Beginners

Participate in Capture the Flag (CTF) Activities

Like the NCL competitions, Capture the Flag participants face cyber-related challenges they must solve to win “flags.” From penetration testing to ethical hacking, this is a safe environment that allows you to put what you’re learning to the test.

Seek Out a Mentor in the Field

Mentors can be beneficial when you're navigating entry into the field and beyond. Ramirez, who said she is the product of mentoring, recommended using professional platforms to connect with respected industry leaders.

If you’re a student, consider reaching out to alumni from your school to see if they’d be willing to connect with you on LinkedIn and offer advice.

Subscribe to Podcasts and YouTube Channels

Ramirez and Cramer recommend using free resources to help you learn more about the field, too. Cybersecurity podcasts, videos and newsletters allow you to dig into topics of interest and stay in the loop as the field evolves.

Volunteer on Projects

You can lend your time and talents to an organization or open-source project needing a volunteer. Ramirez said there are people with open-source projects that entry-level analysts could contribute to. As you help others, you’ll build real-world experience you can highlight when searching for a job.

Whatever way you choose to gain experience, Ramirez recommends putting it on your resume.

“Some folks don't think about it. They just think of it as, ‘That was just something I did,’” Ramirez said. “Well, it's still something you did to get exposure in the field — so put that on there.”

Can I Get Into Cybersecurity With No Degree?

Not all cybersecurity jobs require you to have a college degree. While most information security analysts have at least a bachelor’s degree, the U.S. Bureau of Labor Statistics (BLS) reported that you may be able to access the field with relevant industry training and certifications.

According to Jonathan Kamyck, a senior associate dean at SNHU, earning a cybersecurity certificate can be especially beneficial for career starters or changers not ready to commit to a degree program. Certificates, which can be completed within six months, can introduce you to the different elements of the cybersecurity field, including:

• Computer networks
• Information systems
• Operating systems

“And then with that foundation, we move into cybersecurity concepts,” said Kamyck, who has experience as an information systems security manager. “Things like fundamental security design principles, what are the different types of risk or threat that affect organizations, as well as just the general concepts for how to protect either technological assets or people in an organization.”

Read more: What Job Can I Get With a Cybersecurity Certificate?

The bonus of starting with a certificate? Should you decide to pursue a degree later — either to advance in your career or further specialize — the credits you earned may transfer into a cybersecurity associate or bachelor’s degree.

Rebecca LeBoeuf Blanchette '18 '22G is a writer at Southern New Hampshire University, where she fulfills her love of learning daily through conversations with professionals across a range of fields. She earned her Bachelor of Arts in Communication with a minor in Professional Writing at SNHU’s campus in Manchester, New Hampshire, and followed her love of storytelling into the online Master of Arts in English and Creative Writing at SNHU. Connect with her on LinkedIn.