John Steinbeck, “The Grapes of Wrath”
I am one of the lucky ones. After a few twists and turns along the way, I landed a great job in my chosen discipline (cybersecurity)—the field I spent four years of my life studying. Like many recent college graduates, however, I entered the workforce unwittingly unprepared. What I did not realize then is that a college degree was the barest minimum requirement—it was only a ticket to get me inside a hiring manager’s office. When I graduated Stevenson University with my Bachelor of Science degree in Computer Information Systems, I lacked something that cybersecurity mangers place a great deal of emphasis upon: a certification.
Today’s college students are inundated with articles that promise lucrative careers in IT, cybersecurity, and the tech sector. The seemingly wide-open job market, combined with our generation’s affinity for computers and the Internet, makes a computer science degree seem like a logical choice. Many students however, forget to read the fine print . Like Steinbeck’s Dust Bowl tenant farmers, who arrived in California’s Promised Land only to discover a near-hopeless situation, today’s entry-level graduates are smacked with the reality that most tech jobs require several years of experience and certifications.
For some, the best way to earn valuable experience is through a paid (or unpaid) internship at a tech company. It is true that stellar performance at an internship could ultimately lead to a full-time, salaried position. There is another way, however, for savvy job-seeking professionals to overcome some of their relative inexperience; they can earn certifications in their specialized field. Unlike the knowledge gained via college degree, which atrophies over time, cybersecurity certifications show potential employers that a candidate’s skills are current and, most importantly, relevant to the advertised job position.
Most of today’s cybersecurity certifications are designed to reflect current operational realities in the tech world. In particular, ISACA’s recently released CSX Practitioner certification requires candidates to demonstrate more than mere knowledge of advanced cybersecurity concepts; this new certification tests how candidates apply their knowledge and skills against an actual network. This means that a college graduate—who earns the CSX Practitioner certification—can level the playing field by demonstrating the same level of cybersecurity and network proficiency as a more experienced professional.
At first glance, my advice to entry-level graduates might seem unreasonable. Many graduates are already struggling with record levels of student loan debt; for them, the cost of cybersecurity certifications can be overwhelming. However, some federal and state-level programs in the US and similar programs around the world offer grants that cover the cost of cybersecurity certification trainingand testing. Joining an organization such as ISACA can provide reduced fees for cybersecurity certification and training. An added benefit to joining certification organizations is for young job seekers to network more effectively and to become a part of the cybersecurity discussion. ISACA’s local chapters frequently offer announcements for job openings on their respective websites.
Every day, I watch my company’s tech recruiters send out email after email looking for qualified candidates to place in cybersecurity job openings. The job descriptions all have one thing in common: they require some form of cyber certification and/or experience. For recent college grads, the path to cyber employment is not printed on a handbill, and, it does not necessarily lead to Silicon Valley. Nevertheless, earning a cybersecurity certification could make the road to a rewarding career far shorter and straighter.
Digital Forensics Instructor at TeleCommunication Systems, Inc.
[ISACA Now Blog]