How students can get a career in Australian cyber security

The demand for cyber security professionals is outstripping the supply, but you’ll need more than just a degree to join the profession

Rearview students with hands up teacher in background [students, education, question time]
skynesher / Getty Images

Australia’s cyber security industry has grown considerably in recent years. As the battles waged between the ‘bad guys’ (nation-state actors and cybercriminals) and the ‘good guys’ (our people, businesses and government departments) intensifies, the need for more homegrown cyber security professionals rises.

Universities and important industry bodies are taking notice too: Victoria’s Deakin University recently announced Australia’s first ACS-accredited cyber security qualification, providing further opportunities for education and employment in the sector. Meanwhile, a report from AustCyber indicates around 17,000 more professionals will be needed in the industry by 2026.

Because of this rapid expansion and need to mitigate the risk of reputation damage, huge financial burdens and important infrastructure being taken down, it has become a financial and operational imperative for all industries in Australia to recruit the right cyber professionals to defend themselves, partners, users and other stakeholders.

However, entering a sector that places so much responsibility on the shoulders of those at the coalface can be daunting. Possessing the necessary skills is one thing, but clarifying how those skills have been acquired and nurtured with real-life ‘boiler room’ experience is important for companies looking to hire. And for many budding professionals, that starts with a CV refresh.

Start with a good first impression

While it should be a prerequisite in any industry, many applicants fall short at the first impression stage — while there is plenty of demand for cyber professionals, there is also plenty of talent and keeping the cover letter and CV short, concise and focused on technical ability and work experience goes a long way.

Experience tends to trump education in the industry, and while graduate applicants won’t be expected to have years of experience under their belt, any experience and initiatives undertaken should be highlighted strongly here. This could also include research conducted through personal initiative or self-published research.

While there is a growing appetite for cyber security courses and scholarships, most IT-related degrees still offer a curriculum too broad in scope to provide any in-depth experience in the field of cyber security. For students and recent grads, it’s important to be proactive in pushing for more practical learning modules or doing extracurricular work experience.

Most lecturers and universities will have industry contacts they can connect you with, so students should take advantage of this and get involved where they can. This shows proactivity and passion which will be well received by prospective employers.

Of course, qualifications don’t necessarily require years of study, and not all are based in Australia. The US and UK have a number of succinct qualifications accessible by students in Australia. They can be a great way to stand out from the competition. These courses will incur additional costs which may not be covered by HELP, so if this is an issue, students can learn at home and get involved in research outside their curriculum. It’s the extra mile and passionate attitude that matters most.

Next develop the right experience

Developing the right experience is essential — as Pink Floyd would advise, don’t be another brick in the wall, but rather be part of the wall. Cyber security is at the forefront of any organisation’s digital footprint — exposure to that environment and how it interacts with and informs other organisational departments is incredibly valuable.

This is also how you build up your network. Cyber security — and even the wider IT industry — are still a relatively small and tight-knit community in Australia. You’ll start to see the same faces at industry events, and you can build a network of peers for career progression early on.

But most important is how this experience helps build trust — more than any other industry, cyber security is built upon trust. The role of protecting an organisation and its people requires it in spades, and so organisations tend to go with who they know. Remember, skills can be learned, but trust must be earned.

The industry also needs a great deal of diversity. Australia’s technology industry has long suffered from a lack of diversity and hence the great efforts by organisations such as FITT and Tech Girls are Superheroes to introduce STEM subjects and encourage more women and minority groups into the profession.

In cyber security, diversity means an ecosystem of minds with different skills, background and experience coming together to solve increasingly complex challenges. Celebrate your diversity and diverse experience and make sure your potential employers can see what you can bring to the table.

The cyber security industry represents some of the greatest opportunities for millennials and other younger generations. Get your experience in order and clean up your CV from the offset, never stop learning and taking on new experience, and you can go far in an industry that needs you.

Malcolm Bailie is manager of solutions delivery and projects (APAC) for industrial cyber security and operational technology specialist Nozomi Networks.

Copyright © 2020 IDG Communications, Inc.

The 10 most powerful cybersecurity companies