r/CyberSecurityJobs

Hey everyone, looking for some genuine opinions.

I'm a college student in my third year (3rd from last year). I did an internship at a company that offered me a full-time Odoo ERP Python developer role. They expect a 2-year commitment.

Here's my situation:

• I genuinely liked the internship work after 1.5 months
• I have a strong interest in cybersecurity and have been self-studying it for months
• I'm okay with upskilling in security on the side while working

My concerns:

• Will ERP development have a future with AI coming in?
• Am I closing doors on cybersecurity by taking this?
• Is 2 years of Odoo experience actually valuable?

Would love to hear from people who work in ERP, security, or made a similar career decision. Thanks

I wanna know the view of the recruiters if they would ever hire someone like that because I see a majority of the people in this field have something beside just their job.

Is the market ready to accept something like this?

Moving from one city to another for personal reasons and the job search has been way harder than I expected. I've got a few years in detection engineering, mostly identity threat and SIEM work, and I'm getting basically nothing back. Not even rejections, just silence. Started to wonder if my resume is getting filtered before a human even sees it because my address is out of state. Talked to a recruiter who pretty much confirmed that location filtering is real at the application stage, at least anecdotally. Said a lot of hiring managers skip out-of-state applicants unless the role is explicitly remote, and most of the roles I actually want right now aren't. The market in 2026 is already leaning hard toward cloud security, IAM, and GRC, so, detection engineering roles feel more competitive to begin with, which makes the silence even more frustrating. So now I'm debating whether to just put a local address down to get past the initial screen, but that feels like it could blow up later and I'd rather not start a conversation with a lie. The other option is to lean harder into remote-first roles and build up local connections before, I actually move, like BSides or local security meetups, but that takes time I don't really have. Curious if anyone has navigated this successfully. Did you wait until you were physically in the city before applying, or did you find a way to get traction remotely first? Also open to hearing if anyone has had luck being upfront about relocation timelines in their cover letter rather than trying to work around the filter entirely.

I basically got a job interview for a senior security operations analyst, I am going to be interviewed by 3 people out of India, then 2 people from Boston, then finally the manger who is also in boston.

My interview for my current job as a security operations center analyst was pretty softball questions, like walk them through how to investigate a phishing email and respond to it. is IP address 10.10.10 .10 a private or public ip address? What is a problem many SOCs are facing? Tell me about an exploit and why you like it?

What should I be expecting in a senior interview? I am just gonna ask this question in a very blunt manner, is the first round being three people from India gonna change a lot of the questions I am about to be asked and what I should study for? (this is a job located in Boston btw). I ask because I feel there might be cultural shifts in job questions in what they are exploring/asking, but also would like to know what to expect from a senior vs non-senior interview.

Hello, I am currently 28 with zero experience and want to start my career in IT to pursue cybersecurity once I find my best fit in the industry. After working in call centers for 9 years with time ticking I believe I found my career path based off general research and interests, Personally I feel like I'm starting off very late and need any type of guidance or assistance to help me begin my journey as I look online there are so many paths to take to start cybersecurity. I currently wfh as a scheduling service and have plenty of time to do studying/courses but currently struggling financially check to check and it mentally is deteriorating knowing I can't use any income to help take college/online courses to help me jumpstart my career. I appreciate any support or guidance that can be given during these hard times and I thank you in advance for helping me get my life together finding a way to start what I should have done years ago.

TLDR : I am currently 28 with zero experience and want to start my career in IT, struggling financially need any support or guidance to help me start my journey

I passed the CISSP last week. However, the job market is abysmal right now. Is obtaining a CISSP even having an effect on your job search? Or is this a "shits and giggles" cert now?

Hey everyone, hope you’re all having a great day.

I’m currently a master’s student in Canada and working in a security-related role. I’m at a point where I need to choose between two internal paths, and I’m honestly quite torn. Would really appreciate some perspectives from people in the industry.

Background:

Master’s in information systems (Canada), bachelor in information systems too

~near 4 years prior experience in tech / consulting (some security, like security assessment and shadowing pentesting exposure, but would like to pursuit blue team roles for job)

Goal: stay long-term in North America and eventually move into a solid tech company (ideally something like big tech or strong mid-size tech)

Interested in cybersecurity, preferably more on the technical side (not purely GRC)

Option 1: Data Security (current team, been here ~3 months)

Tools: Splunk (SIEM), CrowdStrike, Microsoft Purview DLP

Work: dashboard, monitoring, data protection, dlpolicy configuration

Pros:

Already ramped up and built trust with the team

Clear technical path

Cons:

Feels a bit “traditional” / not very cutting-edge

Option 2: AI Governance / AI Security (new team)

Work:

Reviewing internal AI use cases from a security/risk perspective

AI governance / risk assessments

Some involvement in client-facing AI products (AI agents, explainability, etc.)

Pros:

Feels more “future-facing” (AI, obviously)

Team is growing and seems to have more visibility

Cons:

Seems more policy/review heavy

Not sure how deep the technical side goes

More like a consulting-style environment

My main consideration:

I’m worried that if I stay in Data Security, I might miss out on the AI wave.

But at the same time, I’m also concerned that going too early into AI governance might leave me without strong technical foundations.

Questions:

For early career, is it better to double down on technical security first?

How “transferable” is AI governance experience if I later want to move into more technical security roles?

Thanks all!

Hello Everyone I applied to American Express with a cybersecurity focused resume but got an offer for Apprentice Enterprise Technology Services.

I am aiming for a cybersecurity role so wanted to know if this position gives any exposure to security related work or if it is mostly IT operations and infrastructure.

I wanted to learn new skill and switch jobs within Cyber Security, but according to my programmer sister, these days, new hires get quickly fired.

I don't really talk to anyone at job so I couldn't ask them. So, I searched chatgpt and according to it within IT, Cyber Security is relatively safe so I wanted to confirm from you guys about your observation in your work place and general observation.

My sister says to just keep learning new skills these days without thinking about switching. I can do that but I really wish to switch as well.

Edit: Right now I'm set working for current company but I am afraid to switch because I can only rely on myself for finances. And I'm asking the question here because I'm way too introverted and don't personally know anyone in my company.

Hey y'all,

I'm looking for a new role because my significant other is moving to ATL for a new role.

I currently work as a Systems Security Analyst(promoted from Systems Security Analyst Associate) at a public healthcare company in Florida and I have 2 years-ish of direct security experience (SOC, GRC, Vulnerability Management, Configuration management, etc.) I have had to basically be a Swiss Army knife of security and I will say I have had a wide range of security skills taught to me and they extend to many different areas. You name it, I've done something related to it minus penetration testing and exploitation.

Certs: CC and SSCP as well as Microsoft Excel Expert and Associate

My college job contained networking and system configuration on a relatively large scale so maybe an additional half of year of security experience from over the course of a year.

Since I don't have a specific specialization i figured that might make it difficult to get a job in certain positions.

Does anyone have any tips or help that I can leverage to get at least an interview?

Hi All. I hope you can help, I got feedback from two junior cyber security roles I did an initial assessment for. They both said I needed to improve my report writing and methodology. Are there any online resources I can use to practice?

Thanks in advance.

I currently work at a NOC for an Internet provider, take calls, troubleshoot routers, etc. I started about a week ago and just got an offer for a security analyst position at NovaCoast. It’s a pay cut and only 30 hours a week and the 12am-11am shift. I was wondering if anyone has advice? is this worth it as a stepping stone? And if anyone else knows anything about Novacoast, seeing as the reviews on it, job wise, aren’t great. For context I am only 7 months into studying cyber security, so an entry level role would be huge, i am also only 19.

Hi,

I was wondering if anyone could help. I have a previous degree in a non IT related subjected, but I am looking at a career change and interested in getting into cyber security.

I doubt that I would be eligible for funding for a second degree due to my previous one although I am currently researching into the open university option to see if that is feasable. I’ve also looked at things like IT career switch but again im not sure if thats a good option given things i’ve read.

I just wondered if anyone had any information on useful things I could do to get into this sector as a complete beginner, wether the open university is a good option or know of any other funded options i could take.

TIA!

Hey everyone,

I’m trying to figure out if this move makes sense for my long-term goal of getting into cybersecurity.

Right now I’m working as an Application Support Engineer making about $78k. The job is stable, but I don’t really enjoy the work or the team, and it doesn’t feel like it’s moving me closer to cybersecurity.

I recently interviewed for a NOC Analyst role through a recruiting company. The pay is around $39–$40/hour, but it’s a 3 days on / 4 days off schedule (12-hour shifts), so it comes out to about 36 hours a week. From what I understand, that’s roughly a slight pay cut overall unless I supplement it.

My background:

- B.S. in Computer Science

- M.S. in Cybersecurity

- Experience with troubleshooting, logs, and tools like Datadog

- Some exposure to scripting (Python) and enterprise systems

I’ve been struggling to break directly into cybersecurity roles, which is why I’m considering this. It seems like NOC could be a good stepping stone (monitoring, incident response, etc.), but I’m unsure if that’s actually how it plays out in the current job market.

My main concerns:

- Taking a slight pay cut

- It being a contract role (less stability)

- Whether NOC experience actually helps transition into cybersecurity (SOC, analyst roles, etc.)

- The schedule (not terrible, but definitely different)

At the same time, I feel like staying where I am isn’t really helping me move forward either.

Would this be a smart move for breaking into cybersecurity, or should I just keep applying for more direct cyber roles?

Appreciate any advice 🙏

Buonasera sono un ragazzo di 20 anni e ho diverse domande.

Vivo in Italia(lo specifico perché i requisiti di assunzione sono particolari).

Vorrei iniziare a lavorare nella cyber ma so che per entrare bisogna prima diciamo fare la “gavetta” passando per IT.

Quindi ho pensato almeno di provare a prende il certificato IT google certification (Ho completato questo corso).

Adesso sto studiando per comptia A+ in modo autonomo per poi comprare i Voucher per gli esami avendo sentito gente dire che è ben visto dai recruiter per iniziare.

La mia domanda è attraverso i corsi riuscirò ad arrivare al tipo di carriera che voglio?

Comptia A+ è buona (anche networking ecc)?

Ringrazio chiunque risponda in anticipo e auguro buona giornata.