How to build a cyber security contracting career in 2024
Building a successful cybersecurity contracting career will require a blend of the right education, hands-on experience, hard skills, and staying abreast of emerging trends. You’ll also need a growth mindset. And, as you progress, specialisation and ‘soft skills’ will become important too, writes Adrian Smith, a senior director of operations at Randstad Digital.
How to get into cyber security
Ideally, you will start with a background in computer science, IT, or a related field to establish a solid foundation to your career.
Typically, you’ll have been working in the tech sector for a while before you look to specialise in cyber.
There are other options. By way of example, our staffing business is launching a digital apprenticeship programme for employers which aims to address the tech skills gap. It’s an 18-month course and can be funded via the UK Apprenticeship Levy.
Even if our course isn’t for you, be aware -- the learning doesn’t ever really stop if you want to build a successful cybersecurity contracting career.
Why a growth mindset is a must as a contractor
You’ll need to keep up-to-date with the trends, threats, developing technologies and compliance standards. As such, you’ll do well to cultivate a growth mindset.
As a cybersecurity contractor, you are unlikely to be part of an annual appraisal system (as this tends to be reserved for employees).
While that may sound freeing, it means you will have to seek feedback from clients and colleagues proactively, to identify areas for your own improvement, so you can ensure continuous refinement of your cybersecurity skills.
In addition, it’s difficult to overstate the importance of gaining practical experience. At the start of your cybersecurity career this will likely take the shape of internships, volunteer work/work experience, even personal ‘hobby’ projects.
A good cyber security CV looks like this…
With those early hands-on experiences complete, and even actual engagements and assignments under your belt, your focus should then switch to ensuring you are regularly building and updating a portfolio of skills and experience to complement a compelling CV.
A well-rounded CV as a cybersecurity contractor is likely to feature stints you had using freelance-work platforms, at least in the early-to-mid part of your career, to find short-term cybersecurity projects that align with your expertise.
You can then ‘cherry-pick’ these later on when it comes to your CV or future applications, to ensure you are prioritising on your CV and portfolio those past assignments which fit best with the opportunity you’re targeting in the present.
Diversity matters (most to cybersecurity clients right now)
Ultimately though, A-list freelancers in the cybersecurity space will look to work with serious talent firms -- agencies and staffing consultancies like us, particularly those which have dedicated cybersecurity divisions.
The aim is to use your agency to ensure the key boxes are ticked off on your cybersecurity CV. And just a heads-up for 2024 -- clients are right now leaning towards those cybersecurity officers who have gained exposure to diverse projects and various industries. You might also consider exploring opportunities in government contracts.
All of the above won’t work out, though, if you haven’t got the ‘hard’ cyber security skills.
Top cyber contractor security skills for 2024 include…
On the network side of things, you’ll require expertise and understanding of:
· system/network configuration;
routing and switching;
network protocols and packet analysis tools;
firewall and intrusion detection/prevention protocols;
Packet Shaper, Load Balancer and Proxy Server knowledge; and;
Coding experience is useful but not essential.
Coding is not, generally, a requirement for an entry into the tech security field. Where coding becomes important is if you want to branch off into certain areas -- such as code security, malware analysis, offensive security and pen testing.
The key to unlocking pay premiums? It’s a niche
And do indeed keep developing your own niche if money matters. In fact, our recommendation to really succeed in the cyber security space as a freelancer is that you will want to specialise; essentially identifying your own specialism within cybersecurity.
Before you carve out your niche though, you need to stand back from the nitty-gritty and decide where you want your computer security career to lead you in the next five or ten years. So, are you going to delve into email security, network security, security administration, web security, security software development, to name just a few key areas?
What soft skills do cyber security contractors need?
Now you’ve got the ‘hard’ skills sorted, be aware that ‘soft skills’ become more important as you become more senior.
So, develop strong communication; critical-thinking, teamwork, and problem-solving skills. Of that list right now, I’d say communication is probably the most important to organisations requiring independent cybersecurity consultants.
This is because to succeed at cyber security, you’ll need to convey complex cybersecurity concepts to non-technical stakeholders. You’ll also need to hone your relationship management skills to communicate with clients effectively, understand their needs, manage their expectations, and deliver tailored solutions.
Don’t expect LinkedIn to do the heavy lifting for you
Not explicitly mentioned, but related to the above list of ‘soft skills’ you’ll need as a cybersecurity contractor is networking.
In fact, an enviable career in cybersecurity, like any other, will demand a certain amount of networking. It can’t all be done via LinkedIn and online forums. That said, you should develop a strong online presence to showcase your skills, experience, and achievements.
Perhaps to an extent, the potentially itinerant life of a contractor will build a network for you -- but you’ll need to construct your professional network proactively, too -- by attending conferences, and participating in industry events; face-to-face.
When you’re at these events (and even when you’re not), seek mentorship and advice on career progression too. And as touched upon, find yourself a good cyber security recruiter who you trust to look out for your career -- not just use you to fill their next vacancy or contract.
Get your business brain wired up, too
While there’s no question that your digital skills will be in demand, the more senior you become in IT security, the more likely you are to need to demonstrate some business acumen.
Aim to cultivate an understanding of business operations to align cybersecurity solutions with organisational goals and priorities. It’s no accident that Poppy Gustafsson, the chief executive of cyber security group Darktrace, started her career at Deloitte.
Building a thriving cybersecurity career as a contractor demands a combination of education, practical experience, and commitment to staying ahead in an ever-evolving field, and both hard and soft skills.
But it’s worth it. A 2022 report by ISC2, a cyber security organisation, indicates there are 4.7 million cyber security experts in the world but another 3.4million are needed. This is not an area companies can afford to ignore -- and if you’re good, outstanding or even ‘one of a kind’ because you’re uniquely skilled, your day rate will reflect that.
Senior Director of Operations at Randstad Digital
Adrian Smith has worked for Randstad since 2002 when he joined as a consultant. His role lead teams that help shape the technologies talent acquisition and human capital management strategies for some of the world's largest and most successful companies.