What is it like to enter into the cybersecurity workforce fresh out of college? We sat down with associate consultant, Jake Smith, to find out. Smith joined BARR after graduating with a bachelor’s degree in information systems from the University of Mount Union. Here’s what he had to say.
When did you first know you wanted to pursue a career in cybersecurity auditing?
After I took my first cybersecurity class, I knew it was the industry I wanted to go into. But I didn’t actually know until the summer after graduating that I wanted to go into the consulting and auditing niche. Early on, I didn’t have the resources to understand the breadth of the industry—it’s huge, there’s a niche for everyone. I took my time to explore my options and used every resource I had available to me, like talking with my cybersecurity professor who has great experience out in the workplace. Once I got further into it, I loved it and quickly realized it was what I want to be doing for the rest of my career.
What was the biggest challenge you faced transitioning from learning about information systems in a classroom to helping clients navigate complex security and compliance issues?
Being patient with myself has been tough but vital. Understanding the specific tasks of my job, specifically the stuff you do day-to-day that’s not always taught in the classroom. I’ve learned it goes beyond auditing, working in soft skills and company specific processes. I was lucky enough to be involved in social organizations in college that helped me develop some of the soft skills necessary in my daily role. And as for BARR-specific processes, those become natural with time.
What has been the most fulfilling part of your job so far?
The most fulfilling part of my job is having a firm that supports my career growth and development. I want to thrive in my role and BARR is the perfect environment to do that. It’s great having a team that wants to support me, push me, and allow me to achieve those ambitious goals. I also find it fulfilling that we operate as an extension of our clients’ teams. We work with them as a trusted partner and really build relationships there, helping them with specific needs and solving security problems.
What has been the most challenging part of your job?
Every environment that I audit and consult on is different, which means I learn something new every time. I might be working with a client on AWS one day, and then the next one is operating on GCP. It’s the nature of the work. Oftentimes, you have to think on the fly, keep your brain active, and constantly learn. And I enjoy learning something new with every project.
What advice do you have for high school or college students who are considering a career in cybersecurity auditing?
I’m not going to limit it to just auditing—overall, cybersecurity is a quickly growing industry. There seems to be a new specialty that pops up all the time, so some advice I’ll give to students interested in cybersecurity is that there’s a niche for everyone. Explore all the roles out there because if you have that initial spark of interest in cybersecurity, there’s something for you in this industry. Try talking to someone currently in the industry to get their perspective.
To prepare for the job search, establish some differentiators for yourself, like participating in extracurriculars that emphasizes your interest—maybe a cybersecurity club at your university. Maybe look into online courses. Seek out internships. Craft a solid resume.
The biggest takeaway from this article should be to explore, explore, explore. Take time to research the various avenues within the ever-expanding cybersecurity industry. Talk to people, like Smith, who are new to it all, along with seasoned professionals who have watched and grown along with it. Job shadow. Complete an internship.
In fact, BARR Advisory offers internship experiences for those looking to dip their toes into cybersecurity auditing. If you’re interested in learning more about BARR internships, contact us or explore our career opportunities.
Take time to research the various avenues within the ever-expanding cybersecurity industry.