How To Get Your First Cybersecurity Internship
Updated: May 19
A few months ago, I was just a college freshman seeking internship opportunities with no skills or relevant experience. The thought of getting this Cybersecurity Internship had been lingering in my mind for quite a while but I did not know how to go about it especially with my limited skills and experience. Fast forward to today and I'm over 5 months in as a Cybersecurity Analyst Intern loving it. How did I do it?
FIVE MAIN STRATEGIES
Here are 5 strategies that helped me and can help you in bagging that first Cybersecurity Internship:
Understanding the Fundamentals of Cybersecurity
Building your skills
Having a solid resume
Developing your soft skills
Building your network
Simple uh? Let's get deeper into these strategies.
STRATEGY 1: THE FUNDAMENTALS
According to many professionals in the field, Cybersecurity is not an entry-level field. In some ways, I both agree and disagree with that but that's a topic for another day. Bottom line is that a lot of Cybersecurity professionals come from diverse backgrounds including General IT roles, System Administration roles, Network Engineering roles and so many more.
With these previous roles, these individuals already have the foundational IT skills to help them prosper in a Cybersecurity career, and as a matter of fact, I think that traditional route is one of the best ways to go:
General IT(Help desk) >> Sysadmin/Network Engineer >> Security Analyst & beyond
But you and I are not interested in going that long route...
So what are the fundamental skills you need to avoid that long route?
1. Operating Systems:
Operating systems provide the backbone for everything we do on our devices. In order to understand how to secure a device, you need to understand what runs on it. Having a general understanding of Windows, Linux & Mac systems is all you need. You do NOT need to be an expert but you need to understand the basics of how these systems work.
Networking provides the connections that help our devices and operating systems communicate. Without networking the operating systems might as well just be dormant. Networks work with protocols and these protocols could either be what secure the devices or leave them open to vulnerabilities. Knowing those protocols, understanding how they work, how they can be exploited, and how they can be secured is fundamental for your knowledge base.
3. Hardware & Software
This one is really subjective in terms of importance but what we're trying to achieve is a basic understanding of IT and understanding the basics of how the things we're trying to secure work. So grasping a foundational understanding of this would be beneficial down the line.
A good starting point to get this knowledge is through the CompTIA A+ certification exam. For more information about this certification, click here to check out my YouTube video about the exam including all the resources you need to get started.
STRATEGY 2: BUILDING YOUR SKILLS
Now that you have the fundamentals down, it's time to skill up. You have to show your potential employers that you really want this internship. So what are you doing to prepare and get yourself up to speed?
1. Get Certified:
Okay okay okay, I get it, you're in school and homework is crazy and you have a part-time job and you also gotta do this and do that...trust me, I get it. BUT you should really consider getting certified. Certifications help you learn beyond what your college coursework provides and they also add a feather to your cap when you're presenting your resumes to hiring managers, recruiters, or the dreaded ATS system/ HR. Consider beginner certifications like the CompTIA A+, CompTIA Network+ & CompTIA Security+.
Click here for my YouTube playlist on how to get started and how to pass those exams.
2. LAB LAB LAB & LAB AGAIN
In order to build your skills, practical knowledge is required. You learn how to "DO" and not just "know". Get started with websites like Tryhackme, HackTheBox, RangeForce, Overthewire, picoctf, and so on and start gaining practical skills in different cybersecurity respects using CTFs.
3. Personal Projects
Personal projects go beyond just labbing and certifications, they show how you've applied both. For personal projects, you could build your very own homelab, write a keylogger, perform a penetration test on your home network, contribute to open source projects, etc. The list is endless but you decide what works for you. In addition to all of this, be sure to document your progress using a blog, podcast, YouTube channel in order to reference it for yourself or even during an interview.
Click here for my YouTube playlist on how to get started on a homelab
STRATEGY 3: THE RESUME
This is the one piece that brings everything you've done in the previous two steps together. If your resume can not effectively convey all of these efforts you've worked hard on, it's essentially futile. Your resume has to be clear and concise, straight to the point but detailed enough to give a very good impression of you. Resumes are a very detailed subjects and I'll certainly write a separate blog post on how to get your resume right but in the meantime, utilize your college's free resources and workshops for resume help or join Cyberwox Academy's community discord and you can submit a redacted version of your resume which I'll personally critique and give you pointers, as well as other students.
STRATEGY 4: SOFT SKILLS
Working in cybersecurity requires soft skills. Beyond having the technical skills to qualify for a certain internship, you need to have some other skills. You need to get your communication/interviewing skills up. Being in a position where you have to talk to an individual you've never met and answer questions is very intimidating and this is coming from someone who has interviewed a very decent amount of times. Selling yourself in a humble and passionate way to your potential employer is very important. I could go on and on about interviewing but I should make that a blog post for another day.
Apart from communication and interviewing, passion & empathy are very important. Passion keeps you dedicated to learning and solving problems and empathy makes you understand the needs of the industry or an organization and drives you to create solutions to those security problems. There's more but those two are a great start.
STRATEGY 5: UTILIZING YOUR NETWORK
This is one I can't speak too much on because I haven't experienced it first hand in a certain light but I do know people who have gotten internships through their networking skills on LinkedIn or community meetups and so on...it is very possible. On the other hand, your network can do beyond that, your network can be used for guidance in navigating your cybersecurity career, your internship application process, asking questions on things you don't understand, having a support system, collaborating on projects and so much more. Do not undermine the importance/value your network holds.
For even more information on how to get a Cybersecurity Internship, click here to check out my YouTube series on my Cybersecurity Internship
These strategies are bound to work if utilized properly but they're not the only ways to get your internship. Explore other paths and strategies as well. Be persistent because this is not an easy process. It requires consistency, hard work, resilience, and patience but in the end, everything counts. Also, be open to other opportunities outside of Cybersecurity. If a cybersecurity internship is inaccessible, don't close your mind to other general IT internship opportunities. Get your foot in the door and work your way up.
I wish you all the best in your endeavors!