The Glamorous Life of a Systems Engineer (SE)
Hello World, especially Newbies!
So, you want to know how to become a Cybersecurity Systems Engineer (SE)? I get this question frequently in the “comments” section after posting my usual monthly columns. Perhaps you like telling your relatives that their passwords are too short. Or maybe you will enjoy being the hero when the hapless CEO clicks on the world’s most obvious phishing link. Or, it’s possible, that you truly want to protect the planet from the constant onslaught of cybercriminals. No matter what your motivation, I have some tips that should help you land a job.
For starters, let me be the first to tell you that we need you! Desperately! Depending upon whose numbers you choose to believe, the metaverse needs at least two million additional cybersecurity professionals over the next few years – that means that the jobs are plentiful and the pay is exceptional. Frankly, I got my current job purely based upon my natural good looks and charming personality. But here are some suggestions for the rest of you folks.
Step 1: Know Everything About Everything
You will need to be a walking Wikipedia of every technology that was ever created.
- Networking Protocols: You should be able to recite these in your sleep.
- Operating Systems: You had better know Windows, Linux, Unix, MacOS, and also a few of the popular scripting languages.
- Cryptography: I hope you took some advanced math classes.
- Firewalls: You will need to know a lot more than you picked up from watching NCIS.
Step 2: Expand Your Education
A four-year technical degree is a good start. (Philosophy degree – meh.) This proves that you are book smart. Real world experience is even better, even if it wasn’t in a formal job setting. Capstone projects, internships, or summer jobs in the industry are all great differentiators. Perhaps you won a Capture the Flag competition, or setup a home lab that rivals the Bat Cave, or maybe you hacked your neighbor’s firewall at 3 a.m. – that’s impressive!
Next, get certified – this is how you can really join the club. Some suggestions:
- Cisco Certified Network Associate (CCNA) – Very basic, but a good place to start, especially if you like Cisco jargon.
- Security+ – Do this online; it demonstrates entry level skills.
- Certified Ethical Hacker (CEH) – This is a more exclusive organization, and it is really cool to be officially known as a hacker.
- Certified Information Systems Security Professional (CISSP) – The gold standard. You must have five years of work experience before attempting this exam, so I’d suggest telling perspective employers that this is a “work in progress.”
Step 3: Master Your “I Know What I’m Talking About” Look
You don’t just need technical chops, you also need to effectively communicate your thoughts, insights, and concerns. Learn to talk the talk. Companies will throw terms at you like “penetration testing,” “SIEM integration,” and “next gen firewalls.” You must be able to nod confidently, and then further elevate the conversation with phrases like “layered defense strategies” or “zero trust architecture.”
Step 4: Survive the Interview
Cybersecurity professionals can have, shall we say, “interesting” personalities. You could easily end up sitting across the desk from an arrogant know-it-all. Be prepared to be grilled. Expect questions like:
- How would you defend against a DDoS attack?
- What’s your approach to incident response?
- How many packets does it take to break a router? (Trick question – don’t answer.)
Keep your answers concise, technical, and throw in some buzzwords. Don’t BS. You’ll be fine. Just don’t hack their Wi-Fi mid-interview to prove a point.
Step 5: Actually Start Working
You got the job! Welcome to the team. Proudly announce your new position on LinkedIn. Now comes the easy part: securing your company’s entire infrastructure from hackers, viruses, phishing scams, ransomware, and employees who still use “password123” as their password. It is a rewarding, exhausting, and paranoia-inducing career, but someone’s gotta do it.
Stay tuned for more nerdy columns about my experiences as an SE.