How to Start a Successful Career in Cybersecurity

October 26, 2017

The Department of Homeland Security (DHS) recognizes October as National Cybersecurity Awareness Month (NCSAM). Now in its 14th year, this month is designed to engage and educate businesses and consumers through events and initiatives to raise awareness about the importance of cybersecurity, provide them with tools and resources needed to stay safe online, and increase everyone’s cyber resilience. Herjavec Group is proud to be a NCSAM Champion!

In The Cybersecurity Jobs Report: 2017 Edition, Herjavec Group Founder & CEO, Robert Herjavec claims, “There is a zero-percent unemployment rate in cybersecurity.” Though this may be a bold claim, it is true as a result of the rising cybercrime rate. In fact, it is predicted that the global expenditure for cybercrime will rise to $6 trillion annually by 2021. As a result, the global cybersecurity workforce shortage will rise to 3.5 million by the same year. 

With that in mind, we spoke to Gagandeep Grewal, an HR Generalist at Herjavec Group, on what recruiters actively look for when hiring for technical positions in the cybersecurity industry.  


Since the majority of security positions are incredibly focused, especially principal roles where candidates have to be a subject matter expert in a certain technology, HR recruiters often look for candidates with at least a diploma or degree in either IT Security or Cybersecurity for most entry-level positions. For more experienced roles, certifications are what set the candidates apart. “We want candidates with certifications to show their expertise and the experience they’ve gained through years in the field,” Gagandeep Grewal, HR Generalist at Herjavec Group, says. 

However, more companies are also exploring “new collar” jobs in which it’s not necessary to have a traditional computer security education. These positions tend to value the candidate's skills, knowledge, and willingness to learn. For candidates looking to switch careers, these jobs provide a crucial first step in the right direction. 

Core Skills

“Depending on the position, we look for a wide array of skills and experience. There are some positions that require certifications whereas others prioritize field experience. However, I’ve found that there are three core skills necessary to be successful in cybersecurity: having attention to detail, being analytical, and having a constant desire to keep learning,” Gagandeep says. 

Getting Started

A common piece of advice for someone who is interested in getting started in the cybersecurity industry is to begin working as a Tier-I Security Analyst straight out of school, preferably after an undergraduate degree or diploma with some internship experience as well. That being said, entry-level positions also come with lots of hands-on training so less-experienced graduates can still get their hands dirty. 

“Tier-I Analysts get tons of exposure to various technologies and environments so they have a better idea of how they all differ from each other. Once they have this exposure, they should progress into a Tier-2 Security Analyst role so they can build upon their analysis and report-writing skills. This will really give them a strong foundation to later move into a specialized client facing role or service specific role maybe in consulting or professional services,” Gagandeep says. 

Career Progress

The path to developing a specialized skill set in a certain technology, or to a consulting role, often comes as a result of proactive behaviour on the candidate’s path. Tier-II Security Analysts at Herjavec Group, for example, are expected to specialize in a particular technology set and provide their managers and inevitably our clients with recommendations on how to improve their environment based on their learnings. 

“What ends up happening is that our Tier-II Analysts start becoming proactive about getting their certifications or doing stretch projects because they want to move up,” Gagandeep says. 

Of course, there are also non-technical positions available for those looking for a transition into the cybersecurity industry. In fact, there are many positions within Project Management, Entry-Level Sales, Marketing/HR, Finance, and other support departments where a traditional cybersecurity education is not necessary. “For those positions, a passion for cybersecurity is encouraged but it’s really a desire to learn that sets successful candidates apart,” Gagandeep adds. “The cybersecurity industry is constantly evolving so it’s important for every employee — tech or otherwise — to be able to keep up and thrive in a world of change.”

If you are a driven individual, seeking a fast-paced, innovative firm to support your success; this industry is for you. Learn more about Herjavec Group career opportunities in sales, technology, marketing, and operations here.

Get Involved

Herjavec Group is proud to be a NCSAM Champion and we want to know: what steps are you taking to make sure you stay cyber safe?

Join in the discussion by using #cyberaware to engage with us on social media!

About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn