Take a cue from Goldilocks: Go after the industry certification that’s “just right.”
This entails pursuing a credential that helps augment technical skills with security practices. Many choose the SSCP for its balance between the foundational and technical. SSCP allows you to prove a technical understanding without having to seek a more entry-level certification.
Change your perspective to layer security into the work you’re already doing.
Moving from IT to security is a natural evolution. Once you’ve gained the requisite knowledge and put it into practice, it’s just a matter of changing perspective. Whether you work on the networking team or the help desk, your job is to make things work – and make sure they work efficiently.
When jumping into a security role, the mindset has to change from “let’s make this work” to “let’s make sure this is working safely.” With this approach, the transition becomes infinitely easier.
Expect to be constantly challenged and embrace it.
Technology moves fast, but security has to move faster to keep up. And in this field, you will never stop learning. Embrace it! And don’t wait. Convergence is happening. DevSecOps is happening, and many companies are adopting this type of workflow.
In security, your seat on the team no longer matters. You must have an understanding across disciplines to collaborate effectively and come up with solutions.
For more insights from a security professional’s perspective, read the Q&A with (ISC)2 member and employee Chuck Gaughf.