Step1: Going with the existing knowledge

If you have automation knowledge just you need to go with the flow, additionally with that knowledge we need to add some specific skills. Sometime we do many activities inside our industry or in plant but we are now aware that these activities are of cybersecurity. For example if we do regular manual backup or regular firmware upgrade or switches , or anti virus signature update or maintenance of broken door or lock.

Step 2: Understanding your strengths

There are many personal qualities that can make you more successful in particular roles. Understand how are your soft skills, hard skills, communication, empathy, technical capability, etc, and play them. If you are good in SIS then you better know your system and can design cybersecurity solution for SIS better.

Step 3: Take care of your network

As your career advances, what you know is less important and who you know becomes more important. It does not matter if you are looking for your next position, selling products or services, or finding providers. Contacts normally will take you farther faster than going solo. A nice way to gain contacts is by participating in professional associations.

Step 4: Get uncomfortable

Giving up opportunities out of comfort is a short term win, long term loss. Avoiding change because you don’t want to move to another country, or your current position is too comfortable may lead to missing opportunities that may not come back. Yes, there are other things in life than your career, but career does matter for other things as well.

Step 5: There is always a job market

You should always have an eye for job openings to check what recruiters are asking for. By doing so you can stay sharp having interviews once in a while, and you can probably move faster if your current position deteriorates. Many changes can lead to a dead end, like your company being acquired, your line manager moving on, or other unexpected events.

Step 6: Learning things that are not technical

Cybersecurity is not only about technical skills, it contains risk assessment, vulnerability management, compliance, Governance etc. Remember cybersecurity is a business so need to learn those chapters which drive this business. Rather than getting many certificates on the same subject, it is better to go for a variety, including out of cybersecurity.

Step 7: Get professional certifications

Most companies don’t have people qualified enough in cybersecurity, even in the IT department, to evaluate if you are qualified, so they use certifications to filter candidates. Get at least a couple of relevant certificates to make sure you make it to the interviews phase. At least start wth cheaper ones and then progress to the more standardized and reputed ones.

Step 8: Value Yourself

Always add some technical skills or soft skills based on your identified gaps and increase your potential value. What gaps you have and what you need to fill. If you don’t know NIST 800–82, just learn that from somewhere, once you learn you will always find opportunities to implement your learnings.