One of the most challenging problems an entry-level candidate faces is showing experience on a resume. It’s pretty much impossible to show experience if you don’t have any without outright lying. Well, the good news is there are several ways to fill in this gap on your resume.
One of those is with online courses and self-study. We actually spoke about this in a previous blog. Another option is to get involved with your local cyber security community!
You have heard me say, “employers like to see passion” often. And this is true! Passion is how you approach something. Do you have a sparkle in your eye when you talk about it? Are you constantly doing things related to the subject? Are you involved in the community?
And we will stop with the third question since that is the topic of this blog. If you haven’t found a community to get involved in, no worries. In this blog, we will discuss how you can find a group of like-minded individuals, aka get involved in infosec!
Being involved in a cyber security group has many benefits besides listing it on your LinkedIn profile and resume. Communities provide opportunities to learn and network as well. You may even luck up and find a mentor to help guide you.
I have found groups in the infosec space to be inclusive and welcoming to newcomers. Old hands are always happy to answer questions, and you should have plenty. You know, being new to the field and all.
Networking is also a key aspect. I have had several mentees get jobs through networking at infosec networking events. Sometimes it is just hard to get your resume past HR and into the hiring manager's hands. Well, what better way than to send it straight to the person after having a friendly in-person conversation?
I am not saying this will happen with every person you speak with or even at every event you go to. But let’s say you speak with someone who just so happens to be looking for an entry-level person, and they enjoyed the conversation. They may give you their business card and ask you to send them your resume.
No human resources and no resume filtering. Just plain ole networking.
You may be saying, but I don’t like people. I get it. We are a group of introverts. Well, many of us anyway. Sometimes you need to get outside of your comfort zone. Personally, I am an introvert around normal people. But around fellow nerds, I find it easier to start up a conversation. Give it a try yourself.
Let’s get right into the community options.
Meetup is the easiest place, in my opinion, to find groups of like-minded people. COVID has affected this somewhat, with several groups shutting down. But, I expect more meetup groups to begin emerging from the ether to replace those lost.
In bigger cities, your options will be broader, and in smaller towns, there maybe 1 or 2. Either way they are worth checking out.
If there isn’t one, why not create one? Meetup is a place where anyone can start a group. If you are looking, chances are others are doing the same.
This is a group that falls under the notorious CompTIA. Although their name is there, the group is driven by the local community. Honestly, I have no idea how they are involved besides taking money for memberships.
Regardless, I have made some great friends and connections at these events. Most people are easy to speak with and just enjoy hanging around other nerdy souls.
My local chapter in Charleston typically has a guest speaker each month to discuss a topic they have expertise in. About once a quarter, we do a panel of experts to discuss a current topic of interest for the group. At these panels, members have a chance to ask questions and hear the views of several people.
Although our meetings are structured this way, expect your group to be different. As I mentioned, the groups are community-driven, and therefore they decide how to run the show.
There is a membership fee for this group. However, you can typically join a couple of meetings to see if you like it. If you are a student, take advantage of the discount for membership.
ISC2 is another infamous certification body with local chapters all over the world. Much like AITP, these are also community-driven.
The cadence of this group is slightly different than the AITP group but remains just as informative. In my local chapter, we actually have a gentleman doing a monthly series on ethical hacking. And at least once a month, we have a guest speaker.
Like AITP, the members are fantastic. Happy to answer questions and network with anyone there.
ISC2 was the first infosec I ever attended, and I remember being captivated by the speakers. Members were kind enough to introduce themselves and ask me about my journey. These groups will always have a special place in my heart.
Even though AITP and ISC2 are similar, both are not in every city. In fact, during COVID the ISC2 group started up for the first time and AITP stopped holding meetings for a while. If you are looking for an infosec group, keep an eye out for both.
4. Def Con Groups
These were more up my alley in terms of topics discussed. But unfortunately, I don’t live anywhere near a group anymore. But, when I did attend, the speakers out in Tampa always seemed to be focused on hacking stuff.
One talk, in particular, I will remember forever. This guy spoke about his experience with the OSCP certification process. At the time, I hadn’t really heard of the OSCP but, the speaker sparked my curiosity enough to pursue the certification myself. Thank you to that mysterious gentleman! I can’t remember your name, but you were 100% right about everything.
For a list of the groups worldwide, check out the Def Con page for social groups. And for more information about what these groups are, see the Def Con Groups FAQ page.
If you are lucky enough to have this group nearby, check it out!
5. 2600 Groups
Personally, I have never been to one of these groups. But I have seen them in the 2600 magazine, I frequently read.
Not only that, but an old consultant coworker of mine loved to attend the gatherings when he traveled for work. He enjoyed meeting fellow hackers from all over the United States.
Looking at the list of groups, they seem to primarily meet in large cities around the world.
Unlike some of the other groups, and from what I know, these are just informal gatherings. No speakers or agendas. Just people hanging out at a mall, coffee shop, or where ever to chat.
7. Local Conferences
For the seventh and final option, we have conferences. These happen all over the world, big and small. But what remains common to all are volunteer opportunities.
Affectionately called “Cons,” these events are quite the logistical feat with hundreds of moving parts that require a team to pull off. If you navigate to the conference website, you will typically see a section devoted to finding volunteers.
For instance, check out Def Con’s “Get-Involved” page.
You may be asking, what are you volunteering for? Anything really, such as working at the information booth, helping with registration, helping with the CTF, etc.
But don’t worry, you won’t have to work the entire conference. Typically, the work is done in shifts to allow volunteers to sit in on the talks or participate in events.
Volunteering at these conferences provides you an opportunity to mingle with professionals, learn from the talks, and get free access to the conference. Can’t get much better than that.
Now that you are ready to volunteer, what conferences are being held near you? First off, I don’t know where you live, but the Bsides conferences are prevalent worldwide. Check out the map near the middle of their page to see if a con is close to you.
For more conferences, check out the infosec-conference.com page for a continuously updated list of events.
Conferences and networking events are great opportunities for people of all skill levels to get involved. No matter what point you are in your cyber security career, you can benefit from the educational experience and the networking at these events.
If you are one of my entry-level people, I urge you to attend a networking event at least once a month. You never know who you will meet and what that conversation may lead to. Hopefully, a new resource, job or just plain ole good advice.