Discipline: Cybersecurity

How to Get into Cybersecurity in 2023

Posted on by Anna Johnson

TL,DR:

  • Demand for Cybersecurity professionals is high and growing
  • Entry-level positions may not require a formal degree and instead prioritize skills
  • Coming from a technical field with transferable skills sets you up for success, but consider studying for a relevant certification to demonstrate your abilities 
  • For non-technical people, additional learning will likely be required 
  • There are three main paths to acquiring Cybersecurity skills – self-study, university, or a cybersecurity bootcamp 
  • A bootcamp will get you there faster than self-study and for a fraction of the cost of attending a traditional university

More people, organizations, and governments are online than ever before. The internet hit 5.1 billion users in 2023, with an estimated two-thirds of the earth’s entire population getting online. 

But, the digital age comes with a double-edged sword. While internet access unlocks opportunities the world over for those with good intentions, it also increases opportunities for those with bad intentions to exploit digital assets. And, with emerging artificial intelligence tools being used to scale both the frequency and complexity of cyber attacks, demand for those with cybersecurity skills has exploded. The cybersecurity industry is projected to grow 32% from 2021 – 2029 – a staggering increase when compared to the rest of the economy.

No matter where you’re starting from, you can get a job in cybersecurity – and we’ll show you how.

What Is Cybersecurity?

In simple terms, cybersecurity is the practice of securing networks, resources, and systems from cyberattacks. This means anytime you take measures to protect a system or network from cyberattacks, you are practicing cybersecurity.

Despite its superficial simplicity, cybersecurity is a lot more complex than installing antivirus or antispyware software onto your machines. It is a wide, comprehensive field consisting of different disciplines and best practices to preserve the safety, integrity, and reliability of networks and digital systems.

Why Is Cybersecurity Important?

Data breaches expose sensitive information to people with malicious intent – think things like passwords, credit card information, phone numbers, protected health information, personally identifiable information, and sensitive documents (such as copyrights, trade secrets, patents, and so on). 

But, information theft is often not the only goal of a cyberattack — hackers and bad actors also attack infrastructure controls and compromise data integrity. With the power of AI tools, these cyber threats are only projected to increase in both frequency and complexity. 

Therefore, it’s critical – both at the individual and organizational level – to secure the data that so many rely on.

What Cybersecurity Jobs Are Out There?

If you’ve done any research into cybersecurity positions, you’ve likely come across something called the cybersecurity talent gap. This term refers to the lack of skilled cybersecurity professionals available to fill much-needed roles. 

Recent studies estimate that there are over 3.5 million unfilled cybersecurity jobs in 2023 and that 56% of companies struggle to recruit qualified candidates. These are all positions that you could be training to fill!

Further reading: The Ultimate Guide to Cybersecurity Careers

Basic Education Requirements for Cybersecurity Jobs

This is likely the first thing you googled – “Do you need a bachelor’s degree to get a Cybersecurity job?” 

Cybersecurity is a vast field with a variety of different roles available. No matter your background, there is something you can contribute to the cybersecurity discussion. Due to this, there are no true “basic education requirements” that would apply across the board for every single cybersecurity position. In fact, many entry-level cybersecurity jobs do not require a bachelor’s degree in cybersecurity or related fields. For more senior roles, it may be required to hold a degree or specific certification.

But, this is about entry-level – so let’s move on to how your transferable skills can apply to cybersecurity (no degree required). 

Programming Skills Needed In Cybersecurity

While entry-level Cybersecurity roles often do not require a formal degree, you’ll still need relevant skills to prove you can do the job. A major skill set that is required is programming. If you have experience in any of the below common languages, you’re already ahead of the game. 

Further reading: Best Programming Languages for Cybersecurity 

Python

Python is used to test for web application security vulnerabilities, such as SQL injection and cross-site scripting, to scan for malicious code, and to build automated web application firewalls.

Golang

Also known as “Go”, Golang is often used to develop malware.

Javascript

Javascript is a lightweight scripting language used to access cookies on a browser, access and manipulate databases, and carry out cross-site scripting (XSS). 

C

This is a low-level programming language that is useful for reverse-engineering malware and creating antivirus software to counter it. 

C++

The C++ programming language was created as an improvement on C. It was made to support objects and classes and is faster and more flexible than C. It can also help in reverse engineering and identifying network vulnerabilities.

SQL

This is the language used to access and manipulate data in most databases, making it the most popular data management language. Most websites store their data in relational databases and use SQL (Structured Query Language) to access and modify it.

Assembly

Assembly is a low-level language that speaks almost directly to computer hardware. It can be difficult to write and read but is extremely powerful, especially when it comes to reverse-engineering malware.

Powershell

Powershell is a more robust and powerful command-line utility than the traditional Windows command-line tool, CMD. Administrators can use it to automate tasks or get in touch with the nitty-gritty details of the system, such as window APIs and events. Attackers like to use it to gain access to systems.

Ruby

This is a backend scripting language known for its clean syntax and ease of use. It is also popular because it allows you to get more done with less code. It is used on servers and is written in C.

Java

This programming language has remained relevant for a long while because of its versatility, security, and power. It can be used for virtually any programming task, such as pen testing and creating vulnerability testing software. 

PHP

PHP is the most popular server-side language and is still used by a large majority of websites. 

Soft Skills Needed In Cybersecurity

Despite what Hollywood might suggest, you will not be working alone in the back of a van (at least most of the time). You’ll be working on teams with other Cybersecurity professionals, so soft skills are just as important as hard, technical skills. The most important soft skills for a cybersecurity role are:

  1. Management skills: this refers to time, people, and project management.
  2. Problem-solving
  3. Verbal and written communication
  4. Presentation
  5. Independence
  6. Leadership
  7. Logical reasoning
  8. Creativity
  9. Willingness to learn
  10. Integrity

Further reading: 16 Soft Skills You Need to Succeed in Cybersecurity

Recommended Entry-Level Cybersecurity Certifications

Cybersecurity certifications help demonstrate that you can do a job. But you need to focus on getting the right ones for them to be effective. Here are some recommended entry-level cybersecurity certifications to consider:

CompTIA Security+

The CompTIA Security+ certification focuses on foundational cyber skills. This certification rubber-stamps your ability to assess an organization’s security level, monitor and secure cloud, mobile, and IoT environments, and identify and respond to threats.

Attaining this certification can qualify you for roles such as:

  • Systems Administrator
  • Help Desk Manager
  • Security Engineer
  • Cloud Engineer
  • Security Administrator
  • IT Auditor
  • Software Developer

GIAC Security Essentials Certification (GSEC)

The GSEC is ideal for professionals with a background in information systems and/or networking who want to move into cybersecurity. This certificate validates security skills such as active defense, network security, cryptography, incident response and cloud security.

Attaining this certification can qualify you for roles such as:

  • IT Security Manager
  • Computer Forensic Analyst
  • Penetration Tester
  • Security Administrator
  • Software Development Engineer
  • IT Auditor

Systems Security Certified Practitioner (SSCP)

This certificate validates that you have the skills to design, implement, and monitor a secure IT infrastructure. The qualifying exam features questions regarding access controls, risk identification and analysis, security administration, incident response, cryptography, and network, communications, systems, and application security.

Attaining this certification can qualify you for roles such as:

  • Network Security Engineer
  • System Administrator
  • Systems Engineer
  • Security Analyst
  • Database Administrator
  • Security Consultant

Further reading: 9 In-Demand Cybersecurity Certifications

How To Get Into Cybersecurity If You Come From Another Technical Field

Many skills acquired in other technical fields transfer quite well to cybersecurity. Pre-existing knowledge of critical functions such as security ops or information systems can make the transition much smoother. Professionals in financial and risk analysis, security intelligence, and the like are well-positioned to transition into cybersecurity.

While things like certifications are an asset, some of the most relevant skills to have are knowledge of cybersecurity concepts and strong non-technical/soft skills.

Technical Skills

Here’s a fairly comprehensive list of the technical skills you’ll need to transfer into cybersecurity if you come from another technical field.

1. Risk assessment and management

This is possibly the most important skill a cybersecurity specialist can have. It entails identifying possible threats and analyzing and evaluating the risks the organization faces. It ensures that the measures to protect the organization are appropriate to the organization’s risks. 

2. Authentication

This is the process of ascertaining a user’s identity, thereby allowing them access to digital resources.  Cybersecurity professionals create new authentication schemes, audit existing ones for possible data leaks/breaches, and should be comfortable with firewalls and Intrusion Detection Systems (IDS).

3. Linux

This open-source operating system is a favorite of cybersecurity professionals because of its flexibility and transparency. As a result, most cybersecurity tools (such as penetration testing, vulnerability analysis, and ethical hacking) are developed for the Linux operating system. It’ll do you good to learn it before embarking on your cybersecurity career.

4. Information systems

This refers to how information is collected, processed, stored, and distributed both within and without an organization. As a cybersecurity professional, you should understand the routes data takes and what operations are performed on it. This will help in identifying breaches and building protective measures.

5. Digital forensics

This refers to the investigative methods used to find anomalies and malicious activity on the network. 

6. Coding languages

As mentioned above, many cybersecurity jobs require fluidity or at least familiarity with multiple programming languages. If you used any of the most common languages in a previous role, this is a major advantage. 

Tips For Leveraging Your Experience

If you are coming from another technical field and already have had the opportunity to develop some of the technical skills listed above, then you’re miles ahead in the process. Before jumping into the job search, be sure to polish your skills and brush up on current industry topics. Highlight your previous experience in applications, and you’ll significantly increase your chances of landing a cybersecurity job.

How To Get Into Cybersecurity If You Already Work In IT

Professionals with IT backgrounds often are familiar with information systems and networks, making a lot of their skills easily transferable to Cybersecurity. They also tend to have been exposed to fundamentals such as configuring and administering systems, coding, database management, IT procedures, and real-world business operations.

Technical Skills

Depending on the cybersecurity role you have in mind, your technical skills from your previous IT role might not translate perfectly, requiring additional education to be a competitive candidate (more on that later). That being said, some IT roles are such a good fit for cybersecurity that they are called feeder roles. The skills you’ll need are:

  1. Risk assessment and management
  2. Cryptography
  3. Security operations
  4. Information assurance

Tips For Leveraging Your Experience

The IT field is a great stepping stone for a cybersecurity career, but you’ll likely need to do some additional work before you can start firing off applications. To fill in skill gaps, you may want to consider either taking an accelerated course like a Cybersecurity bootcamp to streamline skill acquisition or studying for relevant certifications to demonstrate pre-existing mastery. 

Further reading: How to Stand Out and Get a Job in Information Security

How To Get Into Cybersecurity If You Have No Technical Experience

While it is possible to get into the cybersecurity field without technical experience, your journey will likely be longer than someone with a technical background. Don’t let that discourage you though – there are lots of resources out there to help you get started

Technical Skills 

If you’re coming from a non-technical background, you’ll likely need to go for further education to acquire the skills you need to land your first job. That being said, here are some skill sets to consider focusing on, depending on your ultimate career goals:

1. Penetration testing

This is also called pen testing. This is a way to check a system for vulnerabilities by simulating a cyber attack on it. 

2. Cloud security

The “cloud” is a collection of computers and servers that you can access remotely as opposed to locally. By extension, cloud security is any method by which applications, data, and resources are protected in the cloud.

3. Digital forensics

This means exactly what it sounds like; following digital clues to uncover crimes and crime attempts. Cybersecurity experts use this when there is a data breach to attempt to uncover who did what and when.

Tips For Leveraging Your Experience 

If you’re coming from a non-technical background, there’s no way around it – you’ll have to develop additional skills. Afterward, you can lean into the soft skills you developed in previous experience, but to even begin you’ll need to meet basic qualifications and requirements. 

Let’s discuss how you can develop those skills below.

Developing Cybersecurity Skills: 3 Paths

Self-study

This is generally the path most Cyber hopefuls embark on early in their journey – googling around, taking some free online courses, and generally just being a sponge for information. But, this path is often the hardest. While there are almost limitless free resources available online, determining what to study and sticking with it long enough to acquire solid skills is immensely difficult. But, if you have the iron will required of this path, pursue it!

Advantages of self-study: 

  • Self-paced
  • Inexpensive

Disadvantages of self-study:

  • You need a lot of discipline to stay the course
  • It could take a long time
  • No guidance on course topics 
  • No support if you hit a difficult topic

Traditional Degree

If you’re switching careers, you could go the traditional university route. A cybersecurity degree or a related one (such as computer science) will nicely set you on your path. But, 4 years and thousands of dollars later, you’ll graduate with lots of theory and likely little hands-on experience. 

Advantages of a traditional degree:

  • You’ll get a solid understanding of the basics
  • Accountable for learning
  • Professors available for support 

Disadvantages of a traditional degree: 

  • Often prohibitively expensive 
  • Takes a long time (3-4 years)
  • May not receive hands-on experience 
  • Heavy focus on theory 

Cybersecurity Bootcamp

Attending a bootcamp is a good middle ground between the previous two options – far less expensive than a university degree, and much faster than both self-study and university. 

Cybersecurity bootcamps teach students the skills to break into the industry in weeks, not years. With a curriculum in tune with current trends (ie, artificial intelligence), instructors there to support your learning journey, and career services support post-graduation, a quality bootcamp can turbocharge your path into a new career.

Advantages of a Cybersecurity bootcamp: 

  • Comparatively inexpensive
  • Practical, hands-on skills
  • Flexible learning options
  • Takes weeks, not years 
  • Job search support offered

Disadvantages of a Cybersecurity bootcamp:  

  • Rigorous learning pace
  • Significant time commitment

Get Started Learning Today

No matter where you’re starting from, there is a path for you into Cybersecurity. 

Apply Now to join other Cyber hopefuls in a program that’ll give you the cybersecurity skills you’ll need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Or, read stories about successful career changes on the Flatiron School blog.

Are Cybersecurity Bootcamps Worth It In 2023?

Posted on by Anna Johnson

Key takeaways:

  • Cybersecurity is a growing field, with the potential for 6-figure salaries 
  • Bootcamps teach skills needed to enter the field quickly, but come with a price tag and rigorous learning pace
  • Different bootcamps offer varying degrees of support during and post-completion – picking the right one is key
  • Most bootcamps offer flexible learning options to fit into your schedule
  • Bootcamps are generally considered worthwhile given potential salaries post-graduation
Cyber security students learning 1000x

Before embarking on the path of becoming a cybersecurity analyst or engineer, you must ask yourself, “Is this worth it?” Will the upfront cost be worth the potential payoff?

It’s a hard question and one that requires a lot of research. In this piece, we’ll break down cybersecurity bootcamp costs, the expected return on investment, and potential salaries graduates could expect to help you decide if a bootcamp is right for you.

Demand For Cybersecurity Professionals

As more businesses and organizations establish an online presence, the demand for protection against cyber threats has exploded. And, with emerging artificial intelligence tools being used by bad actors to scale both the frequency and complexity of attacks, demand for those with cybersecurity skills will surely continue to increase.

This is backed up by the numbers as well – the cyber field is projected to grow 32% from 2021 – 2029. The largest concentrations of cybersecurity opportunities are in New York, Dallas, and Washington D.C, with slight variations in the expected salary* for Security Analysts in each location.

For professionals looking for a growing field to develop careers in, Cybersecurity is an attractive option. But, to enter the field, hopefuls need the relevant skillset; bootcamps are a great way to acquire those skills quickly.

1000x teaching cybersecurity

What Is A Cybersecurity Bootcamp?

Cybersecurity bootcamps are accelerated courses that teach students the necessary technical skills (and soft skills) needed to land a Cybersecurity job.

Bootcamps are short and intense – often completed in 12-14 weeks, as opposed to the 4 years required for a traditional university degree. They often are offered in full-time or part-time formats, as well as in-person or online.

Each bootcamp will have a specific concentration, but most aim to prepare students for multiple cybersecurity roles including cybersecurity analyst, compliance analyst, threat intel analyst, penetration tester or ethical hacker, cybersecurity engineer, system security administrator, information systems security manager, and cybersecurity consultant.

What To Consider When Choosing A Bootcamp

Cybersecurity bootcamps are run differently than a typical college course program, and their features vary based on the bootcamp.

Pre-Class Prep Work

Because they’re typically shorter and more rigorous than the typical college experience, your expected level of comfort with Cybersecurity before beginning the bootcamp can vary. Some bootcamps teach as if you have no experience at all, while others might assume a basic understanding of the topic. Others might expect you to complete pre-work before the bootcamp begins. For example, at Flatiron School, students must complete Prep Work before the first day of class to level-set their knowledge with others in their cohort.

This is something to consider when choosing a bootcamp. If you enter a cybersecurity bootcamp unprepared, it’s that much more likely you’ll have a bad experience, and attending will turn out not to be worth it.

When picking a bootcamp, research what’s expected of you beforehand.

austin-1 small

Admission Requirements

While the requirements for attending a bootcamp vary, they’re there for a specific reason – to improve the odds that a student will be successful and make it to the end of the program. In addition to basic requirements such as age, logic and reasoning capabilities, and previous degree (ie, high school), admissions teams are looking for your commitment to learning.

There are a few ways bootcamps ensure that they only admit students passionate about learning: they can require certain prep work, require essays, or ask applicants to pass a cultural or technical exam as part of their admissions process.

Think long and hard about why you want to enter cyberspace. Consider your career and salary goals, too. When you have that vision in your head and keep your eyes on the prize, an admissions team will recognize that passion.

Career Services

Unlike a traditional college information technology or computer science program, many — though not all — bootcamps offer career services to help you land a job after you graduate. 

Career services are an invaluable service that the best bootcamps offer. Many people pay thousands of dollars for a career coach alone — the best cybersecurity programs have that coaching built into their tuition. When you enroll in a bootcamp, you’re looking to start a new career, not just to learn cybersecurity skills. It’s only natural that you would be seeking some guidance finding a job after graduation.

The best career services will help you build your resume, perfect your portfolio, practice interviewing, and learn how to market yourself while staying true to your skills and values. Robust, comprehensive, personalized career services go a long way toward helping you leverage and showcase the skills you worked so hard to learn, and are a critical component of making your bootcamp experience worth it.

If a bootcamp you’re considering doesn’t offer career services, then find a bootcamp that does. 

Program Cost

Tuition can vary and depends on the specific program, but quality cybersecurity bootcamps typically cost between $10k and $20k**. 

Bootcamps that focus more on analytics and less on technical skills tend to be slightly cheaper than more technical bootcamps,  which may prepare you to become a pen tester or network security engineer.

Further reading: How to Pay for a Coding Bootcamp

Skills Taught

The goal of a Cybersecurity bootcamp is to equip students with the fundamental skills needed to break into the industry. In a cybersecurity bootcamp, you will learn a mix of technical skills as well as practical soft skills to apply directly to your future career. They are designed to prepare students to identify, prevent, and resolve corporate data breaches and cybersecurity incidents with a focus on hands-on skills (as opposed to abstract theory).

Languages taught vary by bootcamp, but many teach you some combination of JavaScript, Golang, C/C++, and Python. We suggest reading up about which cybersecurity languages are used for what roles and selecting a bootcamp that teaches the skills aligned with your goals.

Graphic: Cyber languages combined

Format Options

Most cybersecurity bootcamps are offered in a variety of formats – full-time or part-time, in-person or 100% remote. 

Can you commit to a full course load while you change careers, or will you need to continue working? Do you have access to a nearby campus, or would you prefer (or need) to study online? Do you have other time commitments that you need to consider while you further your education? 

These are all important things to consider when choosing a bootcamp – be sure you’re selecting a format you can stick to for the duration of your program.

Advantages of Attending a Cybersecurity Bootcamp

There are a variety of advantages to attending a Cybersecurity bootcamp. Still, it primarily boils down to two simple things – speed and targeted learning that will get you to your goal of a career in cybersecurity faster.

Additional advantages of attending a bootcamp include:

  • You’ll learn the skills employers are looking for now
  • You’ll be held accountable for your work and progress
  • Classes encourage collaboration and working with others
  • Advisors and instructors to lean on when you’re stuck
  • Career services (at the best bootcamps) to execute a smart job search
  • You’ll graduate with a full portfolio to show employers
  • Lots of hands-on experience means you’ll be ready to contribute on day one
  • Many bootcamps focus on “learning how to learn,” so you’ll continue to improve as your career progresses

Disadvantages of Attending a Cybersecurity Bootcamp

But, like everything in life, there are trade-offs. Disadvantages may include:

  • More expensive than teaching yourself
  • Rigorous pace –  if you’re not committed, you’ll fall behind

Further reading: Coding Bootcamps vs. College

So, Are Cybersecurity Bootcamps Worth It?

Whether a Cybersecurity Bootcamp is worth the investment depends on the individual person’s goals. For somebody just looking to dabble in Cyber, no, it likely wouldn’t be. But, if you want to launch a Cybersecurity career in months instead of years, then yes, it’s worth it.

Bootcamps aren’t easy, but you get out of them what you put into them. If you commit yourself to putting in the time and working hard, your experience will be well worth it — you’ll graduate a well-versed, knowledgeable, and industry-ready cybersecurity expert. 

But don’t take our word for it, check out the stories of some of our Cybersecurity graduates who completed their programs and are now thriving in Cybersecurity:

Ready to join them? Apply today to be one step closer to your next career. 

Want to test the waters first, and see if Cybersecurity is right for you? Try out our free Cybersecurity Prep Work to try out the material – no strings attached.

*Salaries cited current as of October 2023

**The 10 Best Online Cyber Security Certifications of 2023

Tony Khawaja-Lopez: MMA Coach to Cybersecurity

Posted on by Anna Johnson

Tony Khawaja-Lopez, a November 2022 Cybersecurity Engineering graduate from Flatiron School, initially began his career in tech before spending several years in martial arts and the service industry. It took an injury to inspire him to come full circle to where he began – tech.

Background

Tony initially graduated with a degree in Computer Science. Post-graduation he was employed in the tech industry for a few years before switching to working as an MMA Coach and Stackbucks Supervisor. But, he says that an injury made him reconsider his current career path. 

“When I got injured, my wife [had just been] accepted to a Ph.D. program in Boston,” he explained. “Ultimately, I [wanted to change careers] for a better lifestyle and a field that was more mentally stimulating.”

While considering his next step, he found that he didn’t have to go far. In fact, he went full circle back to where he began – tech. 

“I have been a techie most of my life and Cybersecurity has always been interesting to me. I had been thinking about the field a lot, and after [my injury] I decided to take the plunge,” he said. “Cybersecurity seemed like work with importance and it was just the coolest thing I could think of.”

Bootcamp Experience

Transitioning into a new field, however, would require an expanded skill set. Eventually, Tony learned of Flatiron School’s Cybersecurity program through referrals from previous graduates. 

“I did some market research and spoke with a few friends who all knew someone who had gone to Flatiron,” he said. “After my own friend signed up, I decided I would too.” 

Tony enrolled in Flatiron School’s Cybersecurity Engineering Flex program, an online, part-time program designed for busy people. The format enables students to continue to work or fulfill other responsibilities while pursuing their education – a delicate balance that Tony admits was difficult to strike at first. 

“I worked throughout the whole program,” he explained. “So, time management and goalkeeping [were challenging].” 

Despite the challenges he faced adjusting to the coursework, Tony reported that he enjoyed the entirety of the program – hard work included. 

“My favorite part of the program was definitely the experience throughout, understanding something that was so foreign to me was an experience I hadn’t really ever achieved through conventional education,” he said. “I really enjoyed working with my Cohort lead, and the time they would take to help us whenever we messaged them.”

Job Search

Tony graduated from Flatiron School on November 9, 2022. By the time he received his certificate of completion, he already had two job offers in hand.

“The job search experience was tough at first, it involves a lot of leg work and finding what works for you,” he recalled. “But, I job-searched throughout the entire program, and managed to land two security-based IT jobs before even graduating.”

When we spoke with him almost a year out from graduation, he had nothing but good things to say about his decision to pivot into Cybersecurity. 

“My life simply wouldn’t be the same without the change. My wife and I are living well because of the career switch, which allows me to work from home while she studies for her Ph.D.”

Check out what Tony’s up to on his website: tonykl.com.

Reflecting On His Journey

Looking back on where he began, Tony is acutely aware of the importance of betting on oneself. 

“[Before attending Flatiron] I had been on the fence, worried that if it didn’t pan out, I’d be in a pinch,” he said. “However, the experience, what I learned, and the opportunities wouldn’t have been possible without attending Flatiron and going for it.”

 As for his advice to current Cybersecurity students, he recommends accepting the fact that you may not get things right the first time and to lean on those around you for help.

“There’s going to be a lot that won’t make sense, and you might have to spend 4 or 5 times the amount of time you thought you would on something to understand it. Reaching out to others in your cohort will get you further than you could alone.”

Ready To Pivot, Just Like Tony Khawaja-Lopez?

Apply Now to join other career changers like Tony Khawaja-Lopez in a program that’ll give you the tech skills you need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Read more stories about successful career changes on the Flatiron School blog.

Qingsong Chen: Biology to Cybersecurity

Posted on by Anna Johnson

Qingsong Chen, an October 2022 Cybersecurity graduate from Flatiron School, began his career working in the biological sciences. But, a short 4 years in, he made the decision to pivot to tech.

He shares his journey of crossing continents and changing careers below.

Background

Qingsong Chen began his career in China, first earning a degree in Medical Laboratory Technology from the Hubei University of Chinese Medicine, then working for four years as a Laboratory Assistant. But, despite his burgeoning profession in the biological sciences, he felt that something had to change. 

“I wasn’t living the lifestyle I wanted and my field of interest was more in IT,” he explained. “After researching the fields of tech I found myself very interested and eager to learn more; working in tech also felt like ‘my type’ of lifestyle.”

He took his time exploring different aspects of tech, trying out coding languages and software to see what he liked most. 

“I pursued self-learning in all areas of tech including Java, front end development, python, and cybersecurity,” he said. “I found out that I was most interested in Cybersecurity. So, I decided to leave the medical field and pursue a career I would enjoy.”

Bootcamp Experience

To expedite his transition into Cybersecurity, Qingsong began looking into bootcamps that would teach him the skills he needed to land his first job in tech. Eventually, he decided to apply to the Flatiron School Cybersecurity program.

“I did a lot of research before choosing Flatiron School,” he recalled. “Ultimately, I made the decision primarily based on the feedback from some graduates and a little bit of instinct. I also hoped to network with other students entering the field.” 

Qingsong enrolled in Flatiron School’s full-time online Cybersecurity Engineering Live program. An accelerated course, it is designed to equip students with the foundational skills needed to break into the Cybersecurity industry. While he recalls initially finding it difficult to adjust to the “entry-level knowledge gap,” he appreciated the labs that equipped him with real-world skills. 

“My favorite part of the program was the hands-on labs,” he said. “Only by getting your hands dirty can you validate and truly understand what you have learned.”

The Job Search

Upon graduation in October 2022, Qingsong entered a tech job market that had recently been shaken by layoffs at big-name companies. But, despite the “hard” job search, Qingsong’s Flatiron School career coach supported him throughout. 

“My career coach helped a lot with my resume and my LinkedIn profile,” he said, “and we communicated regularly to discuss what I could improve in my job search.”

Ultimately, Qingsong accepted a tech-adjacent role at a technology company in Fremont, California. Though not the Cybersecurity role he’d initially set his sights on, he is confident that his current position will set him up for success moving forward.

“Though I was not yet able to land a job in Cybersecurity, I got an offer as a Server Repair Technician in a big company. In only 4 months I’ve become widely recognized as a reliable and capable person,” he said. “I’m hopeful I’ll be able to take the next step in my Cybersecurity career soon.”

Reflecting On His Journey

Looking back on where he began – a continent and a career ago – Qingsong’s takeaway is the importance of leaning into the challenge to get valuable experience. 

“I was able to complete tasks that were a bit over my experience level, as I learned a lot each time I got stuck. There were challenging tasks that took tons of time, but every minute was worth it. I am proud that I was able to hang in there and overcome the problems I’ve encountered.”

As for his advice to other upcoming graduates, he recommends considering a tech-adjacent job as a stepping stone.

“Breaking into the field of Cybersecurity is hard especially if you don’t have related experience,” he explained. “I would advise current students to consider other tech-related jobs to start with and build a way towards Cybersecurity. For example, if you’re offered a Network Engineer role but not a Cybersecurity role, consider taking it to start with.”

Ready For A Change, Just Like Qingsong Chen?

Apply Now to join other career changers like Qingsong Chen in a program that’ll give you the tech skills you need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Read more stories about successful career changes on the Flatiron School blog.

Cybersecurity Awareness Month 2023

Posted on by Anna Johnson

2023 is the 20th anniversary of Cybersecurity Awareness Month. All October long, while Halloween candy fills stores, government agencies and private industry organizations collaborate to ensure every American has the resources to stay safe and secure online.

So, in honor of the Cybersecurity industry keeping individuals, companies, and governments safe on the web (and your yearly reminder that ‘Password’ should never be your actual password), we’re featuring 5 recent Cybersecurity grads and their reasons for pursuing a career in the field.

Usman Sikander: Mechanical Engineer to Cybersecurity Analyst

Usman Sikander

Usman Sikander, a May 2021 Cybersecurity Analytics* graduate from Flatiron School, began his career in mechanical engineering. Eventually, an interest in the digital world of cybersecurity led him to tech.

“I was drawn to the field […] due to its dynamic nature and the ever-growing importance of securing digital assets in our increasingly connected world,” he explained. “The constant evolution of technology presents both opportunities and challenges. I was captivated by the idea of playing a crucial role in safeguarding sensitive information and defending against cyber threats.”

When we spoke with Usman in June 2023, he’d been working as a Cybersecurity Analyst and White Hat Hacker at Warehouse Services, Inc. for just under 2 years. He has only good things to say about his new career.

“Working in cybersecurity has been a fulfilling and exciting experience. The opportunity to protect organizations and individuals from cyber threats, analyze vulnerabilities, and develop robust security strategies is deeply satisfying. The reality of the field certainly lives up to the initial allure and expectations.”

Read his full career change story

Igor Vlasenko: Air Traffic Control to Cybersecurity

Igor Vlasenko

Igor Vlasenko, an August 2022 Cybersecurity Engineering graduate from Flatiron School, grew up in Ukraine and went to university to be an air traffic controller. After moving to the USA as an adult, he decided to pursue Cybersecurity for a technical challenge.

“I didn’t feel challenged. When I asked myself if doing what I was doing every day at work helped me get where I want to be, I did not get a satisfactory answer,” he explained. “That was the primary reason I decided that I had to do something about it.”

As to why he settled on Cybersecurity, Igor cites a “curiosity” about the field. 

“I would read news articles about recent cybersecurity breaches throughout various industries around the world,” he said. “And I often found myself not understanding the specifics of adversary techniques and defense mechanisms. I wanted to understand it better and be able to protect myself and others.”

After graduating, Igor accepted a Senior Information Security Analyst position with Western Union, based in his new hometown of Denver, Colorado.

Read his full career change story.

Maxwell Wolfe: DJ to Cybersecurity

Maxwell Wolfe

Maxwell Wolfe, a May 2021 Cybersecurity graduate, says that he could easily fill the pages of a book to explain the winding career path he’s taken to get where he is today. He held a string of unrelated, hands-on positions until the pandemic left him without an income and casting about for his next move. 

But, in his search for a new career, Maxwell didn’t have to go far. He went back to his early curiosity in “gadgets,” renewing his interest in a tech career he’d long ago discounted as unrealistic. 

“Tech and video games always intrigued me,” he recalled. “But I never thought I was cut out for a career in tech until I stumbled upon some free online resources.” 

His decision to pursue Cybersecurity specifically, however, was driven by a more recent experience.  

“The TV show Mr. Robot was a significant catalyst, inspiring me to dive into tech and, more specifically, ethical hacking. The idea of protecting individuals or non-profit organizations sparked my desire to contribute positively to society and prompted me to embark on this new career path.”

After graduating, he worked as a SOC Analyst at a technology company for over a year. After taking some time off to earn additional certifications and enhance his skills, Maxwell opened Wolfhart IT, an IT service provider and consulting firm, in mid-2023. In early July he shared on LinkedIn that his company had signed its first contract.

Read his full career change story.

Roger Brown: Amazon Career Choice 2021

Roger Brown

Roger Brown, an October 2021 graduate of the Amazon Career Choice Cybersecurity Engineering program, transitioned into tech by way of Amazon’s Career Choice program. He began his career in hospitality, working in the field for several years before transitioning into tech.

“I was drawn to the constantly evolving nature of the tech industry and the opportunity to work with cutting-edge technology.”

In early 2021, he’d been working as an Inbound Problem Solver at Amazon for two years when he learned about the Amazon Career Choice program. The program allows Amazon employees to receive technical training from partner institutions to pursue higher-paying career paths. 

Roger was accepted and enrolled with a cohort of fellow students from Amazon. The program ran for 32 weeks from February through October with the curriculum delivered online via live lectures. Students completed about 15 hours a week of classwork while continuing to work full-time, a logistical challenge for any new student. 

“Balancing the intense coursework with my other responsibilities was challenging,” Roger recalled. “But, my favorite part of the program was the hands-on projects, which allowed me to apply what I had learned and see the results firsthand.”

When we chatted with Roger in early 2023 he reported that he was “working as a Cybersecurity Specialist at a top tech company.”

Read his full career change story.

Travon Bryant: Amazon Career Choice 2022

Travon Bryant title card

Travon Bryant, an October 2022 graduate of the Amazon Career Choice Cybersecurity Engineering program, began his career by earning an Associate of Science degree and spent the next 11 years as a pharmacy technician. But, a decade in, Travon’s priorities had changed, and he decided it was time to pivot. 

“I chose to make the switch because the pharmacy wasn’t paying the bills,” he explained. “I wanted to get a good-paying job to be able to take care of my family.” 

It was while working for Pillpack – a pharmaceutical management service acquired by Amazon in 2018 – that Travon learned about the Amazon Career Choice program. The program allows Amazon employees to receive technical training from partner institutions to pursue higher-paying career paths. While exploring the program, Travon settled on applying for the Amazon Career Choice Cybersecurity Bootcamp taught by Flatiron School. 

“I was always interested in securing networks and the tools that were involved,” he said.  “I needed a change, so when presented with the opportunity [to change careers], I took it.”

Upon graduating in October 2022 with a brand new Cybersecurity skillset, Travon quickly secured his first opportunity. When we spoke with him in June 2023, he had only good things to say about working in his industry. 

“My job search was brief. I had 3 interviews before getting a job at a bank in a rotational program where I rotate every 8 months to a new cybersecurity team. I love my new field, it definitely lives up to my dream. I’m proud I’m in the field at a good company.”

Read his full career change story.

Secure The World With Cybersecurity

Has a career in cybersecurity always fascinated you? Do you often try to convince your family and friends to update their passwords? Then a career in cybersecurity might be the perfect fit for you!

Apply Now to join career changers like those featured above in a program that’ll give you the cybersecurity skills you’ll need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Read more stories about successful career changes on the Flatiron School blog.

*The Cybersecurity Analytics program is no longer available. For prospective students interested in this course of study, visit the Cybersecurity course page to learn more.

How to Become a Cybersecurity Consultant in 2023

Posted on by Dr. Bret Fund

What Is a Cybersecurity Consultant? How Can I Become One?

Company cyber attacks happen, and cybercrime is growing at a rate of 15% year over year. That’s where a cybersecurity consultant comes to the rescue. Also known as security consultants, these experts identify security issues with company systems and implement safety measures to mitigate security concerns.

If you’re interested in what a career as a cybersecurity consultant entails, keep reading. We’ll cover what consultants do, the skills you need, salaries, and how to start a career as one.

What Does an IT Security Consultant Do?

A security consultant aims to protect their client’s networks through situational assessment and suggestions for new security measures. Specifically, consultants specialize in developing protocols, policies, and security plans to help clients protect their assets. 

Security consultants can work in-house (commonly as sales engineers) or within a consulting firm. One thing’s for sure: this role comes with many faces. Daily cybersecurity consulting services include:

  • services include:
  • Conducting security testing and performing necessary procedures
  • Performing threat analysis and system checks
  • Coordinating with the IT department on safety solutions
  • Performing research on cybersecurity measures
  • Distributing technical reports to company personnel

What Skills Do You Need to Be a Cybersecurity Consultant?

Technical Skills

Technical skills are the most essential skill set for becoming a security consultant. Because you’ll assess security measures and develop protections against data breaches, you’ll be expected to:

  • Understand hacking and coding.
  • Have a working knowledge of security threats, including phishing and network attacks.
  • Use programming languages like JavaScript and Python.
  • Have an in-depth understanding of operating systems and how to roll them out.
  • Understand how to encrypt sensitive company material.

Research and Comprehension

You’ll need the ability to research and understand cybersecurity. Your knowledge base will directly correlate with how well you can guide your clients and how well you can examine the security implications of your findings.

Communication

Another essential skill you’ll need as a consultant is communication. You must think critically, deconstruct your conclusions, and present them in a way company personnel will understand. 

When working for a consulting firm, you may work alongside a new security team or build one from the ground up. Working in-house, you’ll need to be able to explain complex cybersecurity product logistics to the sales team. 

Soft skills like communication will always be critical, regardless of the future of cybersecurity. Technical skills are more likely to change and evolve. Regardless of the level of expertise in the crowd, you must prepare to translate and share your findings.

Calm Demeanor

A third useful skill for security consultants is the ability to remain level-headed. A high degree of ambiguity is natural for this job. The answers to security problems aren’t always straightforward, and consultants must adapt to different situations to prevent a cyberattack.

Add the difficulties of explaining product logistics or security assessments to less cyber-savvy individuals, and you can find yourself in a challenging environment. An even-keeled demeanor goes a long way for security consultants.

As a consultant, you’ll be able to help many people through challenging security situations. You’ll also be coaching them through the sense of dread that comes from being hacked. If you like to help others, this role is an excellent fit for you.

Learn more about the soft skills you need with our blog.

What Is a Typical Cybersecurity Consultant Salary?

Because cybersecurity consultants are vital to a company’s success and security preservation, they often enjoy high-paying salaries. As of 2023, a security consultant can expect to earn approximately $122,451 annually

Ultimately, the amount you earn will depend on several factors, including:

  • Employer
  • Education
  • Location (salaries vary by state)
  • Years of experience

Experienced security consultants can find their salaries well into the six-figure range, so once you’ve finished your education, be sure to put the time in, and your efforts will be rewarded. Don’t get discouraged by starting on the lower end. Everyone must work their way up.

Security Consultant Roles

We mentioned earlier that security consultants typically work in-house or as part of a consulting firm. You may ask yourself: “What’s the difference between the two types of consultancies, and how do I know which type of work is for me?” Let’s explore the many sub-categories by taking a closer look.

In-House Work

A common in-house position is a sales engineer. These experts spend their time on one end of the sales spectrum building and working directly with the product (deep implementation), but they don’t interact with customers regularly.

On the opposite end, sales representatives directly communicate with customers, but they tend to have minimal technical knowledge of the product they’re selling. What happens if the customer has a technical question or concern that must be addressed? This situation requires a sales engineer.

1000x engineer

The sales engineer serves as the middle ground within product sales. Their technical knowledge lets them understand security risks better than regular sales employees. Their expertise enables them to offer the customer minor technical adjustments.

These types of consultants also tend to be more experienced in customer service than security engineers, so they communicate directly with customers or sales reps and answer complex questions. While it’s less common to see entry-level consultants working in-house than at a consultancy firm, it’s certainly possible. This consultancy is best for those who enjoy sales and have excellent customer service skills.

Consulting Firm

Consultancy firms help other companies strengthen their security measures by assisting them with setting up their security teams or filling in their gaps with outsourced employees. There’s no one-size-fits-all solution when filling in the gaps of a company’s Security Operation Center (SOC). One company may need a penetration tester, while another may call for two analysts and an engineer.

1000x types of consultants

A pen tester, security engineer, SOC analyst, and data scientist are all common cybersecurity titles with different roles, but they can all exist under the umbrella of “security consultant.” While they may have different skills and responsibilities, each position can solve a party’s cybersecurity problems. 

If you like working in a traditional SOC role but want to help others reach cybersecurity solutions, a consultancy firm role may be an ideal fit. If you want in-depth information on the types of cybersecurity consultant careers, check out this guide for more details.

How to Become a Cybersecurity Consultant

If you aim to become a cybersecurity consultant, your best bet would be to get a bachelor’s degree in computer science or IT. Although a degree isn’t required, approximately 65% of professionals hold a bachelor’s degree. Still, there are other ways to acquire the education you need as a consultant.

Certifications

Getting certified is a great way to gain the technical knowledge and skills you need to reassure an employer you’re qualified to get hired as a security consultant. Here are some certificates worth pursuing:

If you want to pursue a program without enrolling in a four-year college, you’ll need one with an in-depth learning curriculum. That’s what you get with our Cybersecurity Engineering program. Through our program, you’ll develop the technical skills suited for several careers, including:

  • Cyber Engineer
  • Security Analyst
  • Penetration Tester

Our programs balance classroom theory, hands-on security threat labs, and practice with security issues. We ensure our students graduate with the skills and confidence to leave our academy job-ready. 

The evolution from general IT to cybersecurity analyst can take three to seven years. Flatiron programs can get you there in just a few months. If you want to dabble in cybersecurity and see if it’s right for you, try our free Cybersecurity Prep.

Get Started With Flatiron School

If you have a passion for learning and a desire to help others, becoming a cybersecurity professional could be a great fit. Flatiron School can help turn your passion into a career.

Ready to get on the path toward a career in Cybersecurity? Apply today.

Curious about other cyber roles? Learn how to become a penetration tester, a compliance analyst, or a cyber threat analyst

AI and Cybersecurity

Posted on by Matthew Redabaugh

This piece on the future of AI and Cybersecurity was created by Matthew Redabaugh, Cybersecurity Instructor at Flatiron School.

There’s a fascinating conversation happening today about AI and the impact it may have as it gets adopted. There’s a wide variety of opinions on the 5 Ws.

  1. Who will be impacted? 
  2. Who might lose their job or have their jobs adapted? 
  3. Will particular industries need more personnel thus the impact of AI will create more jobs? 
  4. What will change in everyday life as the technologies we have been accustomed to change due to AI?
  5. Will that change be subtle or drastic?

These are the kinds of questions that people are asking, especially in the field of cybersecurity. The main question I want to answer today is, “What is the relationship between AI and cybersecurity and how might the industry change with AI advancements?”

In this blog post, we’ll delve into the intricate relationship between AI and cybersecurity, debunk common misconceptions, and explore how AI is reshaping the landscape of digital defense.

What is Artificial Intelligence?

Let’s begin by addressing some common misconceptions about what AI is. 

The primary goal of AI is to give computers the ability to work as a human brain does. While this definition isn’t particularly narrow, AI’s scope is also quite broad. For a computer to be considered AI, it must encompass the ability to reason, learn, perceive, and plan. This is often accomplished through the development and implementation of algorithms that rely on statistics and probability to achieve a desired outcome.

Applications for Artificial Intelligence

Some use cases for AI that are being actively worked with are speech recognition and understanding languages, as well as the AI that is being used for travel assistance (updating maps, using AI to scan roads and create efficient routes.) AI empowers cybersecurity professionals to enhance their security posture through automated responses to attacks, to identify phishing schemes, to detect anomalous activity on networks (previously done manually), by analyzing weak passwords and then requiring users to update them, and more.

Is AI Conscious?

A common misconception about AI is that it is currently conscious or will become so in the near future.

One of the most interesting use cases for AI is Sophia, a humanoid robot introduced in 2016. It is the first robot to have been granted personhood and citizenship status in Saudi Arabia. Sophia can hold simple conversations and express facial expressions. Her code is 70% open source and critics who have reviewed her code have said that she is essentially a chatbot with a face because her conversation is primarily pre-written responses to prompted questions. Her existence has sparked an interesting debate over the possibility of having AGI (artificial general intelligence) in the future.

While Sophia’s sophistication in robotics is undeniable, the notion of her “consciousness” remains contested.

AI vs. ML vs. DL

There are two other terms that are often misconstrued or used interchangeably with AI. These are Machine Learning (ML) and Deep Learning (DL). It depends on use context and who may be using these terms as to what their more specific definition is. I consider them as subsets. ML is a subset of AI and DL is a subset of ML.

What is Machine Learning?

Machine Learning is set apart by its ability to learn and respond differently and uniquely by ingesting large amounts of data using human-built algorithms. This is done through either supervised learning, where the computer is given specific parameters by the developer to compare data inputs. Or unsupervised learning, where the computer is fed data and the algorithms allow for the computer to find relationships on its own. 

Applications for Machine Learning

In our daily lives, Machine Learning shapes experiences on music platforms like Spotify and Soundcloud. These platforms use algorithms to predict the best song choice for a user based on their preferences. Youtube employs a similar video-generating algorithm to select a video after one is finished.

Machine Learning in Cybersecurity

Machine Learning is used a lot in the cybersecurity world. Its tools may be used to ingest large amounts of data from networks and highlight security risks based on that data, like malicious access to sensitive information from hackers. This makes threat hunters’ jobs much more manageable. Instead of having to set security alerts and then respond to those alerts, we can use machine learning tools to monitor our environment. Based on prior attacks and knowledge of an organization’s systems and networks we better understand that an attack might be taking place in real time. As you can imagine, these tools are far from perfect, but they’re definitely a step in the right direction. 

What Is Deep Learning?

Deep learning is again an even more precise subset of Machine Learning. It functions in nearly the same way as ML but is able to self-adjust whereas ML requires human intervention to make adjustments.

Applications For Deep Learning

Some examples that are being used today are computers that can do image and pattern recognition. We’ve also seen this done with computers being able to ingest hours and hours of sound from an individual and then mimic their speech patterns. Self-driving cars would also fall into this category as they actively ingest data about the conditions of the road and other cars and road hazards to correct the car’s driving.

The common large language models like ChatGPT and Google’s Bard are considered deep learning as well.

Deep Learning In Cybersecurity

The ability for DL tools to mimic speech poses a genuine concern for cybersecurity professionals as it will allow for attackers to perform spear phishing attacks that are much more convincing.

Using AI For Good In Cybersecurity

Elevating Cybersecurity Blue Teams

One of the most important tools in the field of cybersecurity is something we call a SIEM. This stands for Security Information and Event Management. Traditionally a SIEM tool would be used by security operations center analysts to give us a clear picture of what is happening on an organization’s computer networks and applications, detect any malicious activity and provide alerts to the analysts so that they can respond accordingly. 

With Machine Learning, these tools have been upgraded so that if a security event occurs, the response is automated instead of the security team having to do this manually. 

These new tools we call SOARs: Security Orchestration, Automation, and Response. To give you an example, if a user in your organization was hacked and their account was being used by someone else, with a SIEM, if it’s working as intended, it may alert the security team that an account is being used maliciously. The analyst would inform the necessary parties and take that account offline or take the network down where that compromised account is being used. 

With a SOAR, whatever response that would be taken by the security analyst to remediate the issue, is now automated. SOARs use the concept known as playbooks, prebuilt and automated remediation steps that initiate when certain conditions are met. This transition not only expedites incident response but also minimizes potential human errors, significantly enhancing an organization’s cybersecurity posture. This still requires human intervention because this technology is still far from perfect.

Combat Phishing Attacks & Spam

AI is being used in the cybersecurity field to help our security personnel identify and classify phishing attacks and spam. It’s also being used to help with malware analysis where we can run the code of a discovered exploit through an AI tool and it may tell us what the outcome of that malware would have on our environment.

Expedite Incident Response

We can use AI to help us with Incident Response, as I mentioned earlier, with the automated remediation efforts that can happen with SOAR tools. AI can also be used to gather data to predict fraudulent activity on our networks which can help the security team address a potential liability before data is stolen or malware is installed on a system.

Prevent Zero-Day Attacks

With Machine Learning, cybersecurity professionals have a much better chance of protecting themselves against zero-day attacks. This is when a system or application vulnerability was previously unknown to the application’s developer. With Machine Learning, that vulnerability could be identified before an exploit occurs. In addition, machine learning could identify an intrusion before data is stolen or an exploit is carried out.

AI Uses for Bad Actors

Even with all the positive possibilities of AI and Cybersecurity, there is a dangerous side. The same technologies being used to protect our networks can and are being used to make hacking easier. 

Trick Network Security

If machine learning tools are implemented on a network, proficient hackers may be able to identify this. They can then act accordingly to deceive the machine learning tool into thinking that the hacker is a regular user.

Elaborate Phishing Campaigns

A very scary use case for AI being used by hackers is to create far more convincing phishing campaigns. The major cause of breaches is still mainly a human element. And, phishing is still one of the most common ways that hackers cause data breaches.

At the moment, phishing attacks are generally pretty easy to identify. International hackers may use bad grammar or send from an obviously fake email. They may try to hide links to websites that can easily be determined to be falsified. But with the introduction of AI, all of these mistakes can be fixed. 

ChatGPT can easily pass as a human. It can converse seamlessly with users without spelling, grammatical, and verb tense mistakes. That’s precisely what makes it an excellent tool for phishing scams.

Convincing Impersonations Of Public Figures

Another thing cybersecurity professionals are worried about is AI being used to mimic speech patterns, which would make spear phishing campaigns much more difficult to detect. I can easily imagine a world in which Twitter employees are being bombarded with fake emails from Elon Musk, or fake phone calls because his voice would be so easily recreated by AI. And this could happen with just about any CEO or any personnel from any organization.

The Road Ahead

AI is going to make us more efficient and more productive, as almost all technologies have done throughout history. But, as we navigate the evolving landscape of AI in cybersecurity, it is paramount to remain vigilant against its misuse.

I’ll leave you with this quote from Sal Khan, the CEO and founder of Khan Academy:

“If we act with fear, and say, ‘hey we just need to stop doing this stuff’ what’s really going to happen is the rule followers might pause, might slow down, but the rule breakers, the totalitarian governments, the criminal organizations, they’re only going to accelerate. And that leads to what I am pretty convinced is THE dystopian state, which is the good actors have worse AIs than the bad actors. We must fight for the positive use cases. Perhaps the most powerful use case, and perhaps the most poetic use case, is if AI (artificial intelligence) can be used to enhance HI (human intelligence), human potential, and human purpose.”

Usman Sikander: Mechanical Engineer to Cybersecurity Analyst

Posted on by Anna Johnson

Usman Sikander, a May 2021 Cybersecurity Analytics* graduate from Flatiron School, began his career in mechanical engineering. Eventually, an interest in the digital world of cybersecurity led him to tech. 

He shares his journey from Mechanical Engineer to Cybersecurity Analyst below.

Background

Usman Sikander began his career with a mechanical engineering degree and spent 7 years in the field. He cites an interest in mechanics and the field’s many applications as his reasons for initially selecting the career path. 

“[I was] drawn to mechanical engineering due to a passion for understanding how things work, problem-solving, and a desire to contribute to technological advancements,” he said. “Mechanical engineers have the opportunity to design, analyze, and improve mechanical systems and processes across various industries, ranging from automotive and aerospace to energy and manufacturing.”

But, despite the many reasons he cited for pursuing mechanical engineering, Usman felt pulled to the technology industry and cybersecurity.

“I was drawn to the field […] due to its dynamic nature and the ever-growing importance of securing digital assets in our increasingly connected world,” he explained. “The constant evolution of technology presents both opportunities and challenges. I was captivated by the idea of playing a crucial role in safeguarding sensitive information and defending against cyber threats.” 

His Bootcamp Experience

Having set his eyes on a career in cybersecurity, Usman enrolled in Flatiron School’s full-time Cybersecurity Analytics program. An intensive course, it is designed to equip students with the foundational skills needed to break into the Cybersecurity industry. 

“[I was] drawn to Flatiron School’s reputation for providing comprehensive and practical training in the field of cybersecurity. [My goal was] to gain expertise in areas such as threat detection, vulnerability assessment, incident response, and security operations […] and leverage the program to launch a successful career in cybersecurity and contribute to protecting organizations from cyber threats.”

Initially, Usman found the transition to learning in an accelerated bootcamp format challenging.

“The program’s rigorous curriculum demanded a high level of analytical thinking, problem-solving, and attention to detail, which [was a challenge],” he said. “However, these difficulties ultimately contributed to my growth and development as a cybersecurity professional, equipping me with the necessary skills to navigate and address the dynamic landscape of cybersecurity effectively.”

As he progressed through the program, however, Usman found what he liked most about the experience – the students he learned alongside. 

“One of the most enjoyable aspects of the program was the opportunity to engage with fellow students hailing from diverse geographical backgrounds.” 

Usman also recalls appreciating the interactive nature of the program’s instruction – helping him develop real-world, applicable skills quickly. 

“The program’s exceptional instructors assigned hands-on projects that effectively translated theoretical concepts into practical applications, mirroring real-life scenarios encountered in professional work environments,” he said. “These experiences fostered a deeper understanding of the problems at hand and enhanced the learning process significantly.”

Job Search

Usman graduated from Flatiron School in May 2021. To land an opportunity in the “vast and rapidly evolving” field of Cybersecurity, he worked closely with his Flatiron School Career Coach to implement a “strategic” approach to the job search. 

“We developed a targeted job search strategy tailored to the cybersecurity field. They provided valuable insights, guidance, and resources to enhance my resume, refine my interview skills, and build a professional network,” he explained. “Their expertise in the industry helped me navigate the job market, identify suitable opportunities, and effectively showcase my skills and qualifications.”

Thanks to this intentional approach, Usman landed his first role just weeks after graduation. 

“With [my coach’s] support, I was able to secure my first tech job in the cybersecurity field, allowing me to kick-start my career and fulfill my passion for protecting digital assets and combating cyber threats.”

Working In The Field

When we spoke with Usman in June 2023, he’d been working as a Cybersecurity Analyst and White Hat Hacker at Warehouse Services, Inc. for just under 2 years. He has only good things to say about his new career.

“Working in cybersecurity has been a fulfilling and exciting experience. The opportunity to protect organizations and individuals from cyber threats, analyze vulnerabilities, and develop robust security strategies is deeply satisfying. The reality of the field certainly lives up to the initial allure and expectations.”

But, the reality of working in the field, he added, means that his cybersecurity education will never truly be completed. 

“[Cybersecurity] requires continuous learning and adaptation due to the rapidly evolving nature of cyber threats. It offers a dynamic and ever-evolving landscape that constantly challenges me to stay updated with the latest threats and security measures,” he explained. “Overall, working in cybersecurity is an intellectually stimulating and impactful career path that allows me to make a meaningful contribution in the digital realm.”

Reflecting On His Journey

Looking back on where he began, Usman is proud of the changes he’s made through hard work and dedication. 

“I am most proud of the growth and progress I have achieved in the field of cybersecurity. From acquiring the necessary technical skills to successfully transitioning into a professional role, each milestone has been a testament to my dedication and passion for the field.”

As for his advice to other cybersecurity students, he recommends leaning into the process and seeking out opportunities to learn.

“Fully immerse yourself in the learning experience. Take advantage of all the resources and support available. Engage in networking opportunities, and actively participate in group projects and discussions. Seek out internships or real-world experiences [and embrace a growth mindset. Be resilient in the face of challenges, and never stop exploring and expanding your knowledge and skill set.”

Ready For A Change, Just Like Usman Sikander?

Apply Now to join other career changers like Usman Sikander in a program that’ll give you the tech skills you need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Read more stories about successful career changes on the Flatiron School blog.

*Cybersecurity Analytics program is no longer available. For prospective students interested in this course of study, visit the Cybersecurity course page to learn more.

Travon Bryant: Amazon Career Choice 2022

Posted on by Anna Johnson

Travon Bryant, an October 2022 graduate of the Amazon Career Choice Cybersecurity Engineering program, chose to change careers to improve his financial prospects. 

He shares his student journey from Pharmacy Tech to Cybersecurity professional below.

Pharmaceutical Background

Travon began his career by earning an Associate of Science degree and spent the next 11 years as a pharmacy technician. But, a decade in, Travon’s priorities had changed, and he decided it was time to pivot. 

“I chose to make the switch because the pharmacy wasn’t paying the bills,” he explained. “I wanted to get a good-paying job to be able to take care of my family.” 

It was while working for Pillpack – a pharmaceutical management service acquired by Amazon in 2018 – that Travon learned about the Amazon Career Choice program. The program allows Amazon employees to receive technical training from partner institutions to pursue higher-paying career paths. While exploring the program, Travon settled on applying for the Amazon Career Choice Cybersecurity Bootcamp taught by Flatiron School. 

“I was always interested in securing networks and the tools that were involved,” he said.  “I needed a change, so when presented with the opportunity [to change careers], I took it.” 

Bootcamp Experience

Travon was accepted into the Amazon Career Choice Cybersecurity program and enrolled with a cohort of fellow students from Amazon. The program ran for 32 weeks from February through October with the curriculum delivered online via live lectures. Students completed about 15 hours a week of classwork while continuing to work full-time, a logistical challenge for any new student. Despite the heavy workload, Travon found his coursework engaging. 

“My favorite part [of the program] was the SIEM part,” he recalled. “It amazed me how the information could give us so much insight, which came in handy, as my current role utilizes Splunk for every case.”

Working In Cybersecurity

Upon graduating in October 2022 with a brand new Cybersecurity skillset, Travon quickly secured his first opportunity. 

“My job search was brief. I had 3 interviews before getting a job at a bank in a rotational program where I rotate every 8 months to a new cybersecurity team.”

When we spoke with him in June 2023, he had only good things to say about working in his industry. 

“I love my new field, it definitely lives up to my dream. I’m proud I’m in the field at a good company.”

As for his advice for other students, Travon recommends holding onto everything you learn while in class. 

“Take lots of notes, you never know what you’ll learn in this bootcamp that your future cybersecurity job will utilize.”

Flatiron School Retraining Programs

Amazon’s Career Choice offers eligible Amazon employees like Travon Bryant the opportunity to pivot careers into higher-paying jobs through retraining. The program was created as a way to attract top talent as well as improve employee engagement and retention. 

Following the initial cohort’s success, Amazon again selected Flatiron School to deliver Career Choice programs in 2023

Contact us to learn how a Flatiron School retraining program can attract and retain top talent at your organization.

Maxwell Wolfe: DJ to Cybersecurity

Posted on by Anna Johnson

Maxwell Wolfe, a May 2021 Cybersecurity graduate, says that he could easily fill the pages of a book to explain the winding career path he’s taken to get where he is today. 

He shares his journey to becoming a Cybersecurity business owner below, and all of the winding turns along the way.

Blue-Collar Background

Maxwell describes his background as “diverse.” A college dropout, he remembers having difficulty in the traditional education system. 

“My best learning occurs through doing and tinkering; I’ve never been one for memorization or traditional testing,” he said. “Grasping complex information requires a hands-on approach for me. In summary, I’m a kinesthetic learner.” 

This educational tendency led him to hold a string of unrelated jobs that all had one thing in common – he was able to work with his hands. 

“My career trajectory has been anything but conventional. I’ve worked in kitchens, bars, construction, and even nightclubs as a DJ and tech support.” 

In early 2020, Maxwell was working in nightclubs in the DC area as tech support and an opening DJ for headliners. But, due to his eclectic collection of hands-on job experiences, the declaration of the pandemic struck a death blow to his occupation. 

“When COVID-19 arrived, social life came to a standstill, and work dried up. I lost everything and was forced to start anew,” he explained. “It was then that I decided to pivot towards something sustainable, never wanting to find myself in such a precarious situation again.”

Pivoting Into Tech

In his search for a new career, Maxwell didn’t have to go far. He went back to his early curiosity in “gadgets,” renewing his interest in a tech career he’d long ago discounted as unrealistic. 

“Tech and video games always intrigued me,” he recalled. “But I never thought I was cut out for a career in tech until I stumbled upon some free online resources.” 

His decision to pursue Cybersecurity specifically, however, was driven by a more recent experience.  

“The TV show Mr. Robot was a significant catalyst, inspiring me to dive into tech and, more specifically, ethical hacking. The idea of protecting individuals or non-profit organizations sparked my desire to contribute positively to society and prompted me to embark on this new career path.”

His Bootcamp Experience

Having settled on a career in Cybersecurity, Maxwell cast about looking for ways to acquire the necessary skills to enter the field – a search that eventually led him to apply to Flatiron School. 

“My decision to join Flatiron School was primarily based on the school’s reputation,” he recalled. “And the fact that its instructors have real-world industry experience.”

Maxwell enrolled in Flatiron School’s full-time Cybersecurity program, an intensive, accelerated course designed to equip students with the foundational skills needed to break into the Cybersecurity industry in just 15 weeks. He began his learning on a rigorous schedule – 8 hours a day, Monday through Friday – a time-commitment that he said took time to adjust to.

“Balancing this program with three other jobs was undoubtedly challenging. However, the toughest part was realizing that in tech, you’re often your own support system. The transition from an outsider to the go-to tech person can be overwhelming at first.”

Despite the oftentimes grueling task of balancing education and work, Maxwell thrived in the communal environment fostered by the course. 

“I appreciated the collaborative environment of the program, where we were encouraged to work in teams, brainstorm, and devise solutions for our projects.”

As for what brought him the most pride from his time at Flatiron School, Maxwell told us about how he used his new skills to help a friend.

“I managed to track down a cyberstalker for one of my friends. This experience was incredibly fulfilling and demonstrated the real-world impact of my new skills.”

Working In The Field

Maxwell Wolfe graduated from Flatiron School in May 2021. Coming from a career of hands-on roles where a handshake landed a position, executing a purely-online search for a white-collar job (while the pandemic slowly petered out) presented some initial difficulties. 

“The job search was challenging, but my coach was instrumental in keeping me motivated,” Maxwell recalled. “She guided me in finding job platforms, writing blogs, and understanding LinkedIn. Even now, she remains a strong pillar of support, cheering me on whenever possible. Thanks, Sarah 🙂.”

Ultimately, his efforts paid off, and he worked as a SOC Analyst at a technology company for over a year. When we spoke with him in July 2023, he’d taken time between contracts to earn additional certifications, enhance his skills, open his own company, and – most importantly of all – recuperate from burnout. 

“The transition [to tech] in less than six months was undoubtedly tough. The initial stages were overwhelming, and I won’t deny that I experienced burnout,” he said. “But things are much better now, and I’ve even launched my own freelance work and registered an LLC. I also joined the HackerOne platform as an ethical hacker, hunting for bug bounties to build my experience across various legal hacker platforms.”

Maxwell opened Wolfhart IT, an IT service provider and consulting firm, in mid-2023. In early July he shared on LinkedIn that his company had signed its first contract.

Reflecting On His Journey

Looking back on the long road he took to Cybersecurity and his time at Flatiron School, Maxwell’s main takeaway is the necessity of adopting a learner’s growth mindset – especially in a rapidly evolving field like tech.

“Learning never ends in the tech industry. To stay relevant, one must commit to being a lifelong learner in this ever-evolving field.”

His advice for current students follows the same vein – encouraging learning while maintaining healthy habits and realistic expectations of exactly how much you can take on. 

“Before committing to a bootcamp, do extensive research. Ensure you balance your work with relaxation to avoid burnout. Don’t try to cram all the information at once.”

Post-Flatiron School, he has some practical career advice as well – keep learning and attaining qualifications!

“Consider following the CompTIA career path, and don’t limit yourself to just the Security+ certification. The A+ and Network+ certifications are also beneficial. Additionally, consider Google’s Security and Support Specialist programs for their certifications.”

Ready For A Change, Just Like Maxwell Wolfe?

Apply Now to join other career changers like Maxwell Wolfe in a program that’ll give you the tech skills you need to land your first job in tech.

Not ready to apply? Try out our Free Cybersecurity Prep Work and test-run the material we teach in the course. Read more stories about successful career changes on the Flatiron School blog.