How to Start a Career in Cybersecurity: Real-World Advice from an Early-Career Consultant

Starting a career in cybersecurity requires strategic skill selection, disciplined preparation, and a commitment to continuous learning. Early career professionals should focus on in-demand technical skills, prepare rigorously for interviews, pursue certifications aligned with market demand, and consistently close knowledge gaps on the job.  

Key Takeaways for Aspiring Cybersecurity Professionals 

• Be intentional about the skills you pursue by researching what is highly valued and underserved in your field.
• Choose certifications and internships based on long-term skill development and marketability, not just short-term comfort or pay.
• Treat interviews like exams by preparing thoroughly, researching the company, and understanding the role.
• Take ownership of your learning once you’re hired by identifying and closing knowledge gaps.
• Track your accomplishments and continue investing in certifications as your career progresses.
• Consistency and discipline matter more than motivation, especially early in your career. 

Our consultant, Lindsay Grossman, joined Echelon straight out of college from Rutgers University in 2024, where she majored in Information Technology and Informatics. Like many early-career professionals, she entered the cybersecurity industry with curiosity, drive, and plenty of unknowns. From navigating her first internship to earning advanced certifications early in her career, Lindsay’s journey is a reminder that you don’t need to have everything figured out to move forward. From one young professional to another - here’s her story. 

Apply for Roles Even If You Don’t Meet Every Requirement

The year is 2023, and I am a junior in college searching for a summer internship. I work at the Rutgers Office of IT as a Computer Lab Consultant; my responsibilities consist of helping students and faculty with troubleshoot issues with their laptops and the on-site printers. I recently completed a Linux Administration certification after learning about the CLI in my Computer Concepts class. 

I begin applying for internships, and I find a DevSecOps position at a remote technology company. The position involved CLI administration and managing a Kubernetes environment. I knew very little about container orchestration, but I applied anyway. 

It came as a shock to me when I got an email to set up an interview. I knew I was lacking expertise, but I didn’t let that discourage me.

Instead, I created a study guide. It consisted of Linux CLI material, along with any culture-fit questions they could ask me. I came up with scenarios and answers that could fit a range of questions, and I studied them. 

One piece of advice I would give is to always prepare as much as possible for job interviews. An interview can be more important than any exam you’ve ever taken – it’s where all of your hard work and preparation come together, and the more prepared you are, the more confident and effective you’ll be. 

The interview went very well. I felt confident, relaxed, and engaged with my interviewer. This confidence did not come from delusion. I still knew the job might be a reach, but I gave myself the best chance I could to land the position. 

The following morning, I received the offer.  

Take Ownership of Your Technical Skill Development

The internship itself was challenging. The learning curve was incredibly steep. Instead of giving up, though, I took detailed notes in my meetings. Every day after work, I sat at my desk and researched everything until I understood the concepts. 

Early in your career, no one expects you to know everything. But they do expect you to take ownership of your learning. Even now, after more than a year at Echelon, I still do this consistently to make sure I’m always improving. 

By the end of my internship, I would not have called myself an expert in container orchestration, but I had gained a strong technical foundation. More importantly, I learned how to teach myself unfamiliar technologies – one of the most valuable skills in cybersecurity.  

Transitioning into a Full-Time Role  

In the spring of 2024, I graduated from Rutgers and joined Echelon as an Associate Consultant on the Risk Advisory team. 

As a risk advisory consultant at Echelon, I have had the opportunity to lead client calls, expand my understanding of cybersecurity concepts, and adjust to a professional role. While it was intimidating at first, Echelon cultivates a welcoming culture with an emphasis on learning, growing, and always achieving more. It was this culture that inspired me to receive another certification: AWS Certified Cloud Practitioner. 

You should always research in-demand and valuable skills in your industry. I chose AWS because it is one of the largest cloud providers, and experience in cloud technologies is highly sought after. 

Build Discipline Early in Your Cybersecurity Career

This past October, I learned that Echelon had an increasing need for CrowdStrike Falcon expertise. I agreed to pursue the CrowdStrike Certified Falcon Administrator (CCFA) certification, despite having no prior exposure to the Falcon console. 

When researching the exam, I found forums in which experienced Falcon professionals discussed how they failed the exam. The official study guide also recommended six months of console experience. Instead of feeling discouraged, I created a structured plan and dedicated my time to studying. 

During those two months, I often studied late after work and during the weekends. Some days I felt motivated, interested, and excited; other days I was tired and stressed and just wanted to log off. It is important that you make yourself do the work even on days you don’t want to. You can only achieve your goals through consistency. 

I ended up passing the exam two months later. I was so grateful for all the days that I kept on working on it, even when I didn’t want to. 

After completing the CCFA, I decided to study for the CrowdStrike Certified Cloud Specialist (CCCS) exam. My AWS, Kubernetes, and Falcon exposure has supported my studying, lessening the learning curve.  

Looking back, none of these opportunities would have been possible if I hadn’t taken initiative early and consistently invested in my growth.  

The biggest lesson I’ve learned is simple: never deny yourself an opportunity just because you don’t feel ready yet. 

FAQ About Starting a Career in Cybersecurity 
 

• Do I need to know everything before applying for cybersecurity jobs? 

  No. Employers expect early-career professionals to learn quickly, not to be experts.   

• Which certifications are best for beginners? 

  Entry-level professionals often pursue certifications aligned with in-demand technologies such as AWS, CrowdStrike, or foundational security certifications. 

• How important is self-study in cybersecurity? 

  Critical. Cybersecurity evolves rapidly, and professionals must continuously close knowledge gaps.