Transition from Developer to Cyber Security

Iron Contributor

Hi Team,

Currently I'm developer, i decide to make a transition to Cyber Security.

Where should I start?

Should I start with Penetration Tester or Security Consultant?

 

Thank you.

2 Replies

Hi @Eng Soon Cheah ,

 

In my opinion both paths are amazing to get into Cybersecurity! I worked in both worlds and I found both amazing.

 

From my experience there are different advantages for each part:

  • Working as a Security Consultant allows you to communicate a lot with different organizations. You hear a lot about different security practices and how people configure their environments (and the most common errors). You will still be able to use your developer background and you will have the chance to dive deep into technical details. Thinking like an attacker is also very beneficial.
  • As a penetration tester you can leverage your developer experience - but now you are looking on the other side. There's still a lot to learn because attacking software works different as writing it - but it's a huge advantage to understand how developers write code (and how it can be exploited). Understanding protocols, systems and common mitigations is also a big part here. And yes, writing reports is a must for every penetration tester.

 

So in the end: what are you passionate about? Would you rather help organizations to defend or would you like to get into offensive security?

 

Whatever it is - blue or red team - don't assume that you can't learn the skills to work in the role of your dreams! If you are passionate enough and put some serious work into your learning, you will shine! :)

 

I hope this helps with your decision,

Miriam

 

Thank you so much @miriamwiesner .