Finding a Remote Cyber Security Job: A Step-by-Step Guide
How to Start a Career in Cybersecurity
Finding a Remote Cyber Security Job: A Step-by-Step Guide
If you have decided on a career in cybersecurity, you’re in a good place. Careers in cybersecurity are hot right now, and the demand is projected to grow exponentially in the coming years. If your next goal is finding a remote cybersecurity job, here’s a step-by-step guide to help you along.
What Kind Of Remote Cybersecurity Jobs Should You Pursue?
Cybersecurity is a vast field with dozens of potential jobs and career paths to consider. Almost every type of cybersecurity job can be done remotely, so if your dream is to save the world from cybercrime while traveling the world (or never leaving your basement), you can truly have it all.
Working Remotely: The Importance of Soft Skills
When working remotely, there are some aptitudes you will need to cultivate beyond technical and IT skills. Granted, remote work is not for everyone, but the most successful remote workers share certain undeniable qualities on which employers place a high value.
For example, you will have to be able to work with minimal oversight. You will be expected to meet deadlines and complete tasks as agreed, and you can’t just ignore incoming calls, emails, or texts, no matter how deep in the weeds you are. You must manage your time well, both to maintain your sanity and to be sure you can deliver what you promise.
Since you are not working on-site, you will be held to a higher standard than regular employees, so you should be ready to step up and set an example of how things should be done.
Working remotely also requires excellent communication skills. Since you will report to a team or individual that you may never meet in person, communication is even more critical. Many nuances of conversation are lost when you don’t have visual or physical cues to help you interpret what’s being said.
You will be expected to be able to articulate your thoughts clearly, be available to discuss projects and progress, and work well with a wide range of people, some of whom may not completely grasp technology at the level you do. If you can explain what you do to anybody so that they can truly understand, you will go much further than someone too shy to speak up.
Remote Cybersecurity Jobs: What’s Possible?
Here are some of the remote cybersecurity jobs you might expect to see in 2020 and beyond:
Threat Analyst/Security Engineer. Analyses and identifies threats and vulnerabilities, collects information about current threats and malicious actors, provides intelligence analysis to predict future threats. This position generally works as part of a larger team and reports to the CIO.
Penetration Tester. Sometimes referred to as an “ethical hacker,” a pen-tester spends most of their time trying to breach systems to detect vulnerabilities. It is exceedingly common for a pen-tester to work as a remote freelancer as most of these types of jobs are not long-term projects.
IT Security Analyst. Design, plan, configure, implement, and upgrade security systems and protocols for infrastructure, information systems, and applications. You’ll work with several departments in the organization and are responsible for training staff and overseeing threat response.
Compliance Analyst. This job focuses on assuring a company’s legal and regulatory compliance. Their specialty can be industry-specific or more generalized. In recent years, compliance has become a vital IT function in the enterprise because of updated international data privacy laws like the GDPR.
Cybersecurity Consultant. This position must have insight into both sides of the threat and be able to spot system weaknesses and plan accordingly to ensure adequate protection. A consultant should know about hacking, coding, pen-testing, encryption techniques, operating systems, and threat management.
Incident Responder. An incident responder is the IT equivalent of a first responder, required to mount a rapid response to any security threats, mitigate damage, and relay information to the appropriate people as the situation unfolds.
Almost Any Cybersecurity Job You Can Do On-Site Can Also Be Done Remotely
If you’re interested in a remote cybersecurity position, you may actually have more options than if you wanted to be part of an in-house IT team. Companies today find that hiring remote workers streamlines their budget, reduces their IT costs, and gives them access to top talent that might not be available in their local area. If you are inclined to work remotely, these factors can work to your advantage.
Many cybersecurity professionals find that working remotely is just as rewarding as working on-site, and in many cases, it’s easier to find a job in your niche.
A career in cybersecurity depends on technology like broadband, virtual private networks (VPNs), and cloud-based services, all of which are accessible from pretty much any remote location. If you wanted to be a true cybersecurity digital nomad, you could do your work from virtually anywhere in the world, as long as you have a reliable internet or cellular connection.
Additionally, you’ll no longer have to chase down the “good jobs” in remote cities around the globe. Most cybersecurity positions today favor remote work, and if you’re good at what you do, the jobs will come to you. Now that’s freedom!
Depending on what you intend to specialize in, you could even work for several companies on a contract basis. People who focus on penetration testing, for example, often work this way.
Even better, if you’re working from home, you will be able to do everything from your own computer lab. You can set up your systems exactly the way you like, and you can work on your projects with no distractions.
Lastly, most cybersecurity positions require you to work long, often irregular hours during the workweek. If you’re working from home (or anywhere else), at least you’re not stuck at the office for all of your waking hours. There’s something to be said for being in your own environment.
USE REMOTE JOB BOARDS
Of course when you’re looking for the best remote jobs online, job boards are one of the first places to check. And while you should be keeping an eye on general job sites like Indeed and Glassdoor, when it comes to remote work you can save yourself some time (and possibly find some hidden gems) by checking out remote-specific job boards.
FlexJobs has over 50 remote jobs categories, with positions ranging from freelance gigs, to part-time work, to full-time jobs, with remote careers varying from entry-level to executive. The best part? FlexJobs screens their jobs before posting, so you don’t have to dig through any less than reputable opportunities. The site currently hosts more than 20,000 work-at-home and digital nomad job postings.
With a simple, straightforward layout, this job board is a catch-all of remote, work from home jobs from customer service, to web design, to programming. Living up to their stated goal of ”finding the most qualified people in the most unexpected place,” the We Work Remotely site connects over 130,000 monthly users with telecommuting opportunities. It’s your ticket to remote employment in no time.
Remote.co hand-curates their list of remote jobs. These listings include customer service positions, design opportunities, developer jobs, recruiter and HR roles, sales jobs, and other remote work (including writers, managers, and marketers). The Remote.co site also has the handy feature of allowing you to search or browse by job type.
PowerToFly is a dream come true for job seekers interested in working remotely. PowerToFly focuses on matching women in tech with remote and work-from-home jobs. If you join the site’s talent database, you’ll then go through a vetting process and get matched for a paid trial (a 2-4 week test period) with a potential employer. The site was started by two tech-savvy moms who were dedicate to making other women’s digital nomad dreams a reality, and PowerToFly continues that mission today.
Kit got three solid interviews for positions off this board during her own job search, so it’s definitely legitimate. It’s especially targeted at web developers, designers, and marketers.
These top five sites just scratch the surface of remote job listing resources.
You can check out more remote job boards on our list here, and a list of general flexible jobs sites (including remote work) here.
But just trolling job sites isn’t enough. There are some other basic, proactive preparations you should make en route to finding that perfect remote opportunity. Here’s a list of five easy steps toward making sure you’re in the best position to land that remote job.
Top Reasons To Choose Cybersecurity As A Career
Choosing a career in cybersecurity is a smart decision. Here are some of the reasons why:
Increased Demand, Evolving Threats
In recent years, there has been an explosion in the numbers and severity of cyber-attacks. The worst of these threats have cost companies in the billions of dollars, but even worse, it has ruined their professional reputations and eroded public trust. As threats continue to evolve and become ever more insidious and destructive, it takes a network of dedicated visionaries to keep our systems safe. Perhaps we should thank you in advance!
New Compliance Laws
Because of the ever-present threat and new legal compliance regulations governing how companies protect their customer’s data, cybersecurity professionals are an essential part of the world’s digital workforce. Companies need the support of dedicated cybersecurity professionals to assure compliance, thus protecting their business continuity.
Range of Potential Jobs
There are dozens of roles you might take on in cybersecurity, and not all of them require an engineering degree or years of coding experience. Some of the jobs you might consider include penetration testing, risk analysis, security analyst, project manager, incident responder, security consultant, and software developer. If you’re the executive type, you can ultimately aim for CIO (chief information officer).
Excellent Salary Potential
Depending on your specialty, education, and experience, a career in cybersecurity could earn you anywhere between $75,000 and $200,000 annually or more. Freelancers and remote workers tend to do very well as consulting fees can be at the higher end of the scale. Plus, you are the architect of your own success – you can work as much or as little as you like and still do pretty well financially.
How to Get a Remote Job in Cybersecurity
Getting a job in cybersecurity isn’t difficult if you have the chops. Working remotely adds an extra layer of complexity because of the additional effort you will have to put in to manage your projects and communicate clearly with your clients.
However, remote work is not for everyone, nor is cybersecurity. You might be attracted to the field because of its current high demand and excellent salary potential, but it’s a good idea to do your homework first, just to make sure you know what you’re getting into.
Here are some of the initial steps you should take to get started:
- Learn more about the field. The best way to learn what’s going on in the world of cybersecurity is to follow thought leaders, influencers, and cybersecurity evangelists on Twitter. Here are just a few you can follow today:
- Jeff Barr (Amazon Web Services) https://twitter.com/jeffbarr
- Lydia Leong (analyst at Gartner) https://twitter.com/cloudpundit
- David Linthicum (Deloitte) https://twitter.com/davidlinthicum?lang=en
- Graham Cluley (podcaster) https://twitter.com/gcluley
- Melissa Elliott (Veracode) https://twitter.com/0xabad1dea
- Katie Moussouris (HackerOne) https://twitter.com/k8em0
- Runa Sandvik (NY Times) https://twitter.com/runasand
- Jeremiah Grossman (Bitdiscovery.com) https://twitter.com/jeremiahg
- Mikko Hypponen (F-Secure) https://twitter.com/mikko
- Paul Asadoorian (Security Weekly) https://twitter.com/securityweekly
- Read a lot, learn from it. There is a lot of great information out there, but since cyber threats are continually evolving, you need to make sure you stay current. If there is one thing that makes a cybersecurity expert more valuable than the next, it’s knowledge. Of course, you need to have the foundations first.
If your endgame is an analyst role, you need an extensive breadth of knowledge, and that takes years to accomplish. A good approach to building your technical skills for this career path would be to start with TCP/IP Guide and prepare yourself to answer the question “what happens when” for any given situation.
For a career in endpoint forensics, pick up a copy of Incident Response and Computer Forensics, the Blue Team Field Manual, and the Red Team Field Manual. In your lab, experiment by compromising a workstation using some of the more basic approaches so you can get a feel for both sides of the fence – attack and defend.
If you come from a networking background, you might be thinking about a career in network security monitoring. Recommended must-reads include Applied Network Security Monitoring and Practical Packet Analysis. You might also check out blogs and resources like PacketTotal and Security Onion.
Whatever direction you lean towards, it’s a highly technical journey that requires a lot of deep learning. You won’t be able to get by just skimming over the hard stuff. If you run across some difficult topics, try to break them down into digestible chunks, translate it into common language. This kind of approach will help you retain and remember information more easily – and it will help you explain what you’re doing to others who might not have the same skills as you.
- Think like a cybercriminal. We know you are inherently good, but if you’re going to catch the bad guys, you are going to have to learn to think like one. Think of yourself as a cyber-profiler. Basically, you need to look at a situation from the standpoint of the criminal, see the network as they see it. Once you have an idea of what’s possible, it’s easier to know what you need to do to defend it. Check out the MITRE ATT&CK community for a real-world, real-time view of what’s going on in the world of threats today. You’ll also find great food for thought in their blogs. In some ways, it might actually be better to start here first before you dive into any other reading, then come back to it when needed.
- Don’t let inexperience deter you. It’s easy to get overwhelmed when you look at the depth of knowledge you’re expected to have for a top cybersecurity gig. However, you are likely one of two kinds of people. In the first scenario, you’ve got a solid IT background, and you’re making a lateral move. You’ve likely got what it takes, so you just need to take some courses, do some reading, and play around in your lab until you have a good grip on it.
But, if you don’t have a lot of technical skills, keep in mind that security roles run a huge gamut. It’s a perfectly valid approach to start in a non-technical position where you can learn and gain expertise over time.
In a roundabout way, we’ve come back to the beginning. So far, we’ve learned that a remote career in cybersecurity is indeed possible. As long as you have at least some technical expertise, you’ve got a great shot at a rewarding and satisfying career.
If you have read through the job descriptions, if you understand the various soft skills required, and you’re willing to put in the time and effort to develop a solid repertoire of threat intelligence, you’re already well on your way.
Whether you are on the technical side or if your talents lie in managing people, choosing cybersecurity is a solid career move.
To sum up the process of finding a remote cybersecurity job, here are the recommended steps to take:
Education. At a minimum, most IT security professionals have a BSc in computer sciences or in information technology. For management roles, a degree is a baseline requirement; upper management may be expected to have, at minimum, a master’s degree. If you have an undergrad degree in another field, consider taking some online courses in programming or IT.
Certifications. Most SecOps positions will require a basic certification, like CISM, Security+, or GIAC. There might be certifications that are specific to the niche you are pursuing, and most can be taken online at your convenience.
Networking isn’t just about computers. To really know what’s going on in the world of SecOps, you need to be out there in that world. This means you’ll need to mix it up with your peers, either through seminars, trade shows, conventions, and online through open-source communities. The more people you liaise with, the better chance you have of getting that referral.
Volunteer. One of the best ways to learn—and be of service—is to volunteer your time to an online cybersecurity group or organization. It will look great on your resume, and you’ll also get to work with like-minded others who can give you insider information about potential job openings or contract gigs.
Practice. When you’re not working, you should be working hard to hone your skills. Your lab should be running several different systems and open-source projects to sharpen your understanding of current threats and ways of approaching them. Interviewers will be interested in what you’re working on, so make sure you have something to talk about!
LinkedIn. Set up a LinkedIn profile that highlights your cybersecurity skills. Follow thought leaders in this niche and join groups to increase your visibility.
Never stop learning. The more knowledge you have about cybersecurity, the more in-demand and marketable you will be. Don’t just focus on one area, branch out a bit, and expand your horizons. That way, if you decide the direction you took isn’t exactly right for you, you’ll have some options.
Highlight your learning activities on your resume. One of the most valuable traits for any employee—but most notably those in cybersecurity—is a passion for learning. Be sure you stress the areas you are studying as well as those you plan to study. Potential employers want to know that your interest in the subject stems from genuine curiosity and a willingness to better yourself.
If you are serious about landing a remote cybersecurity job, you likely already know how challenging and rewarding it will be. It’s a serious commitment of your time and focus, but the rewards will be nothing short of life-changing. Good luck with the journey, and here’s hoping that these tips help you make a decision that’s right for you.
Are you wondering if a career in cybersecurity is right for you?
Here’s a thought: take our quiz and get one step closer to an exciting future.