A friend once gave me some advice regarding career changing. He advised, “It’s hard to change industries. It’s hard to change roles. And it’s very hard to do both at the same time.” I’ve seen that largely hold as true. Plenty of people successfully move into a cybersecurity role, while also changing industries, but few would consider the transition an easy one.
Part of the reason is that recruiters are usually pattern matching, when they review candidate resumes. Your attempt to change industries and roles simultaneously doesn’t match successful patterns they’ve seen in the past. Recruiters are therefore less likely to give you a chance.
Change Roles First
A straightforward way around the conundrum is to make the transitions separately. If you stay in the same industry and change to a cybersecurity role, you offer the value proposition of understanding the industry. For example, if you’re currently a marketing professional at an advertising firm, the path of least resistance would be to pursue cybersecurity opportunities at advertising firms.
In fact, if you network internally you could potentially transition to a cybersecurity role at your current employer. Most every company finds it challenging to recruit cybersecurity professionals. Therefore there’s a value proposition in joining your current employer’s cybersecurity team. You already understand the business, have a bunch of institutional knowledge, and have existing internal relationships.
Of course, you’re responsible for educating and credentializing yourself in order for the value proposition to make sense. Many organizations will be motivated to leverage existing talent to build out their cybersecurity teams.
Change Industries Later
Does this mean you’ll be forever tied to your current industry? Not at all. Once you get a year or two of solid cybersecurity experience—at your current employer or elsewhere in your industry—you’ll be solidly minted as a cybersecurity professional. At that point you can much more easily move between industries to other cybersecurity roles. It may still involve some work. For example, cybersecurity at an advertising firm is a bit different from cybersecurity at an electric automobile manufacturer. But the core principles will be the same.
Once you get a year or two of solid cybersecurity experience—at your current employer or elsewhere in your industry—you’ll be solidly minted as a cybersecurity professional.
As a cybersecurity professional, you are free to move between industries. There is however a benefit to developing industry-specific cybersecurity knowledge, so you likely don’t want to hop around too much.
The one constant is change. But if you’re not able to make all the changes you would like in your career at once, consider piecemeal changes that allow you to leverage your current experience and knowledge. After you land your first cybersecurity role, you’ll see a wealth of opportunities open to you in a number of industries.