Moving from a general IT role into cyber security; a challenging thought? Perhaps not.
You may think you might have to go back to University to get a degree in cyber security, or only take an entry-level role, but this isn’t necessarily the case. With the current skills gap in cyber security at an all-time high, employers look to other types of candidate to fill roles.
There are plenty of things you can do to set yourself apart from the crowd, and take that leap from general IT into a cyber security career.
Let’s take a look at how you can set yourself up for success…

Education/Qualifications
You worked hard to get where you are in your IT career, so going back to school might not seem too appealing. Depending on your level of experience and life circumstances, you probably won’t have to. Only 33% of the cyber work force in the UK have a specialist degree in cyber security, whereas 30% have a general Computer Science/IT degree, so you probably won’t need to start saving up to buy books off a new reading list anytime soon. In fact, 27% of cyber security workers come from non-cyber security related backgrounds, so having experience in IT stands you in good stead.
What might be more beneficial is looking at gaining some cyber security certifications. We’ve got an extensive list of the best certifications to hold here. Take a look at what type of certification would suit you at your current skill level. You’re not going to be jumping into the CISSP straight away, but there are plenty of options available, which are less costly and time consuming than going back to university.
It’s also worth looking at short courses, as some institutions offer cyber security boot camps, which could help boost you on your path from general IT into cyber security.
Make sure you start researching which branch of cyber security you’d like to pursue. Here’s a handy tool from the UKCSC about the various career paths available within cyber security. Take a look at the skills you need for your chosen niche. These might be risk assessment and management, cryptography, security operations, information assurance, authentication, Linux, information systems, digital forensics, coding languages, and more. Being able to demonstrate your knowledge in the desired areas will help you bag that cyber security role.
Transferable Skills
Having an IT background means you have plenty of technical and ‘soft’ skills that will translate well into a cyber security role. Some of these may include: an understanding of the industry, network systems and database management, knowledge of commonly used terminology and data privacy, an understanding of cyber security across various tech platforms and devices, coding skills, problem-solving, presentation skills, attention to detail, teamwork, communication, a desire to learn, logical and analytical thinking, interpersonal skills…the list goes on.
You’re probably able to tick more of those boxes than you imagined. What you need to do now is demonstrate these in your current role, and document examples of when you have used these skills. Create as much evidence as possible of how you possess transferable skills, and this will set you apart from other candidates. You don’t want to leave a mid-level or senior IT role for an entry-level cyber security role, so the more you can build a case for yourself, the better. It’s of note that with any change in career, you likely won’t take a sidestep in pay and responsibility, but if you can reduce the drop in level of role, you can minimise the impact on your career and personal life.

Hands-on experience
You’ve got plenty of hands-on experience in IT and tech, so why not just reroute this a little? Use your current role as a spring board, and get in touch with the security and privacy departments at your organisation. If you start to take on some junior-level tasks for them, you’ll gather some great new skills and hands-on cyber security experience. If you catch their eye, it might also be a great internal route into a new cyber security role.
You could also try volunteering, or creating a project at home. This is still good evidence to add to your portfolio.
Research and explore the industry
At this stage, you need to be a sponge. Stay up to date on relevant cyber security news and publications. Attend webinars, listen to podcasts, and try to join the cyber workforce community. Ever been to a hackathon? Now might be the time to start. You should be able to hold an intelligible conversation about the latest security innovations if you’re going to impress your interviewer when going for a cyber security role. If you can do this, you’ll demonstrate your passion for the industry, and boost your profile above those who haven’t bothered to put the work in.
Another useful tool for you to use is CyberSeek – a resource for gaining information on careers in cyber security, how to start or advance your career in cyber security, and regional demand for cyber professionals in your community. Knowledge is power!
Make yourself as attractive a candidate as possible, and the challenging feat of transitioning from general IT to cyber security won’t be such an uphill struggle anymore.
Want some career advice? Looking for a cyber security role? Ready to take the leap? Get in touch with one of our Cyber Security Recruitment Specialists today to see how we can help.