I’m looking for advice on which field within Cybersecurity to focus on.
I have 3 years of IT experience (Help Desk to Jr. SysAdmin) and I’m currently studying for the Security+ *before* I start applying to anything. Also set this learning pathway for myself: Wireshark > CCNA > CISSP (as ISC2 Associate).
I’m over 40, university educated (in European Languages *NOT* STEM) and have a prior white-collar journalism career (have done Technical Writing and regularly used to speak to C-Suite executives in my job so have a client-facing persona and wardrobe). I’m able to understand difficult concepts/regulations and simplyfy them.
From my preliminary research around Reddit, would someone with my profile be more suited to suit-and-tie Consulting/GRC rather than PenTest/Red-Blue Team activities?
I know that to get your foot in the door, you need MORE than the requirements you see in job listings so I do have a Linux Homelab, spare SOHO network equipment and a few “hacking” games in my Steam Library.
Thanks for reading.
(As a former journalist, it’s interesting to note that the reporters in Mainstream Media reporting on the cybersecurity space have minimal IT/cyber job experience. My writing portfolio is: https://joyantaportfolio.wordpress.com and yes, I know a proper Domain Name looks more professional…)
Your experience in sysadmin is absolutely brilliant and will put you ahead of many applicants. In my
opinion you’d be perfect for blue team defender jobs, Cyber Security Analyst or Endpoint Agent Engineering. If red team sounds more interesting to you then go for it, it might just take more retraining.
There is also the option of cyber security writing, you can find a lot of good gigs online. Writing manuals and white papers for companies.
Hope that helps!