How to find and apply for the right cybersecurity role for you
HR Business partner
You have prepared your CV and are ready to start applying for your ideal role in cybersecurity. But how do you stand out in the candidate pool, and where do you start applying?
First and foremost, you should understand what you are looking for in a cybersecurity role. According to the (ISC)2 Cybersecurity Workforce Study, there is currently a shortage of 2.7 million cybersecurity workers, making the cybersecurity labor market very candidate-driven.
The gap in cybersecurity professionals around the world
The current digitalization of industries and services and the increase in cyberthreats mean that cybersecurity is crucial for every organization. So, your first task is to find out what type of company you would like to work for:
\\ Multinational corporations (MNCs), such as known cybersecurity vendors
\\ Cybersecurity start-ups
\\ Niche cybersecurity companies
\\ System integrators
\\ Channel partners and distributors of cybersecurity solutions
\\ Government agencies
\\ Any other company you are interested in – the role of Information Security Manager, for example, is needed everywhere.
To start, I recommend you make a list of the companies which are attractive to you, read about them and check what openings they have. LinkedIn is a good tool to help with this process.
LinkedIn is the magic wand when searching for jobs (and candidates). If you are new to LinkedIn, it is time to fill in your profile with all the information about yourself, such as your experience, education, achievements and start connecting with people.
When searching for candidates, recruiters use filters: open to work, engaged with the company, job titles, locations, companies, industries, years of experience and more. So, the more relevant information you provide, the greater chance you have that recruiters will approach you with interview offers, and you won’t need to reach out to them.
On LinkedIn, you will also be able to follow companies you are interested in and subscribe to their open positions to receive notifications. You can apply for a job via LinkedIn and directly contact the recruiter or hiring manager.
For example, let’s say that you see that at Kaspersky, we have an opening for an Incident Response Specialist position in Malaysia. Once you have applied for the job, search for Kaspersky team members responsible for recruitment in Malaysia (such as a HR Manager/Recruiter/or Head of Incident Response at Kaspersky). If there are no such people on LinkedIn in Malaysia, expand your search to Asia Pacific. And then write a short LinkedIn message that you have applied to the job, explaining why the company and the role excite you.
Although, it’s important to note that LinkedIn only allows you to send a limited amount of ‘in-mails’ to people with whom you are not connected to avoid spam. So it is wise to start building your relationships and connections with people in the cybersecurity industry first. Connect, share some content, and comment on their posts before you apply for the job.
Applying via a company career portal
When applying directly through an organization’s website, remember that some companies use automated screening software to analyse your uploaded CV. This significantly reduces the amount of time hiring managers or recruiters spend on screening applicants, but the software can sometimes miss really good candidates. There are several solutions to minimize this risk:
\\ Avoid using creative CV formatting such as images or unusual section headings
\\ Amend your CV to include keywords from the job description
\\ Write to a real person. Although there are numerous videos on YouTube on how to pass automated screening systems, I still think the easiest and quickest way to get noticed is just to write to the person responsible for hiring
In almost every university, there is an industry engagement or careers office responsible for searching for employment opportunities for students. They create joint programs with cybersecurity vendors, promote different contests and student internship programs (for example, Safeboard or the Secur’IT Cup). They will be able to recommend companies for you and also give you the necessary contacts.
Building relationships is the most effective way to receive job interviews and offers. You can use many platforms to do this, like LinkedIn, Twitter or Facebook groups (such as Women in Cybersecurity) as well as attending conferences or cybersecurity community events and mentorship programs to meet people.
Don’t be shy. As I previously mentioned, cybersecurity is a candidate-driven market, and employers are looking to close positions as soon as possible. If your application is not successful this time, you may be put in a pool of candidates and notified when there are new openings for which you are ideally suited.