Feature
#ELLIE • 5 min read

9 Ways to Gain Experience in Cyber Security

In any role, hands-on experience is a currency that holds immense value to recruiters and employers alike.

We often hear our community say, “I’ve tried to launch a cyber career, but I’m having trouble getting started", or “Recruiters want candidates with experience in cyber security, which I do not have!”. We hear you!

Gaining experience in cyber security can be challenging, but there are several ways to build your skills and knowledge. In this guide, we will talk through some ways you can gain experience in cyber security, helping you stand out from the crowd!

Internships / Work placements

Having a cyber security work placement on your resume demonstrates practical experience and commitment to the field. It’s also a fantastic way to get a real taste of what a cyber security career looks like, helping you gravitate towards your chosen area within cyber.

Work placements expose you to different aspects of cyber security, from incident response to risk management, giving you a broader understanding of the field.

To maximise your experience during a work placement, we always advise asking questions, seeking additional learning opportunities, and aiming to contribute meaningfully to projects. This proactive approach can significantly enhance your learning and professional growth in cyber security!

CTF events

Participating in CTF competitions can provide hands-on experience in solving real-world cyber security challenges. To employers and recruiters, it can also demonstrate teamwork, with many CTFs team-based, fostering collaboration and communication. In addition, successes in CTFs can be excellent examples to discuss in job interviews, demonstrating your practical experience.

Most importantly, joining CTF events connects you with like-minded individuals, mentors, and potential employers in the cyber security field.

Volunteering

Volunteering also shows initiative, pro-activity, and commitment, while enabling you to foster your problem-solving skills with the various challenges you tackle.

With volunteering roles involving cybersecurity-related tasks, you’ll be able to apply theoretical knowledge in real-world scenarios and enhance your technical abilities in different areas of cyber, such as threat analysis, network security, or system administration.

In a recent video from SimplyCyber, Gerald Auger says: “Many organisations (especially small businesses or non-profit organisations) are in dire need of volunteers with cyber security skills. By volunteering your time and services, you can capture this as experience and use what you’ve learned to better yourself professionally and include this on your resume!

Networking

Attending and networking through tech conferences and job fairs allows you to meet like-minded security professionals, strengthen business connections, and most importantly, build confidence. You’ll also be able to meet business leaders and recruiters who can offer career advice, support, and in some cases, opportunities to gain experience.

We also suggest using Meetup, a platform to find and build local communities with shared interests. Meetup can be used to meet professionals actively working in the cyber security industry and those seeking similar opportunities!

Discord

Similarly, Discord is another invaluable tool enabling you to discover and build connections with like-minded individuals. TryHackMe’s Discord Server is a dedicated community, with a channel for recruiters to post cyber security vacancies and opportunities, remote and in-person, with positions popping up worldwide.

With over 200,000 users in our Discord community, there are also many users you can reach out to for advice and support, including those featured in our user success stories!

Set up home labs

Arguably one of the most effective ways is to set up home labs by configuring VMs and practicing through there. We often find this is the first stage our community users go through when creating a room, and is a great way to gain practice as you configure, attack, or defend.

Setting up home labs is handy when you lack experience or qualifications in cyber, as it demonstrates that you can successfully implement independently. A classic example is setting up an Active Directory Lab with multiple computers connected to the network.

Contribute to open-source projects

Contributing to open-source projects can be a valuable and practical way to gain experience in cyber security.

Open-source projects often provide a real-world environment where you can gain hands-on experience. You can work on actual code, understand its structure, and see how security measures are implemented.

Actively contributing to open-source projects also gives you tangible evidence of your skills. It becomes a part of your portfolio, which can be showcased to potential employers or used in job applications. This is particularly important in a field like cyber security, where practical skills are highly valued.

Bug bounties

Bug bounties provide an excellent opportunity to gain practical cyber security experience while offering the potential for financial rewards.

Bug bounty programs allow you to test the security of real-world applications and systems, covering a wide range of technologies, including web applications, mobile apps, networks, and more. Participating in different programs allows you to gain exposure to various technologies and develop a broad skill set.

Successful bug hunters often gain recognition and reputation within the cyber security community. Building a profile with documented successful bug reports can enhance your credibility and open doors to other opportunities, such as job offers or collaborations.

And finally, many bug bounty programs offer financial rewards for valid vulnerability reports. While the primary motivation should be to enhance security, the potential for financial incentives can make bug bounties a rewarding way to gain experience!

Did you know? TryHackMe encourages and rewards responsible security bug discovering and disclosing. While we review every case-by-case report basis, we ask you to follow a few rules to ensure your bug qualifies! Learn more about our bug bounty program.

Continuous learning

Cyber security is a rapidly evolving field, so staying updated with the latest trends, vulnerabilities, and tools is crucial. Follow industry news, read blogs, attend webinars, and join forums to keep learning.

Gaining practical experience can be made fun and addictive with TryHackMe, through short, gamified, real-world labs and learning resources.

Our courses are suited to all - from the complete beginner through to the seasoned hacker - making learning engaging, entertaining, accessible, and affordable. TryHackMe’s real-world training prepares you for work responsibilities in the industry, achieving sought-after skills!

Validate your skills with SAL1

For those looking to prove their expertise and stand out in the cyber security field, the SAL1 (Security Analyst Level 1) Certification provides industry-recognised validation of your threat detection, investigation, and response skills. Designed for hands-on, practical learning, SAL1 ensures you have the core competencies needed to excel in a SOC environment and take the next step in your cyber security career.

authorBen Spring
Jan 25, 2024

Recommended

Get more insights, news, and assorted awesomeness around cyber training.

from-the-military-to-cloud-security-architect-how-steven-upshaw-used-tryhackme-to-reinvent-his-careerBlog • 3 min read

From the Military to Cloud Security Architect : How Steven Upshaw Used TryHackMe to Reinvent His Career

When Steven Upshaw retired from the U.S. military in 2021 after 25 years of service, he wasn’t sure what was next. What he did know was this: he still had the drive to serve, solve problems, and continuously grow.

how-tryhackmes-advanced-endpoint-investigations-learning-path-builds-the-cross-platform-expertise-modern-threats-demandBlog • 4 min read

How the Advanced Endpoint Investigation Learning path builds the cross-platform expertise modern threats demand

The Advanced Endpoint Investigations Path is a hands-on, lab-driven journey built to close the growing skill gap in digital forensics and incident response.

improving-incident-preparedness-with-tryhackmes-new-tabletop-exercises-ttx-productBlog • 4 min read

Improving incident preparedness with TryHackMe’s new tabletop exercises (TTX) product

We’ve launched a free TTX product that allows SOC and IR teams to create custom tabletop exercises within minutes. Organisations can use AI to tailor tabletop scenarios to their environment by providing details on their industry, common attack types, architecture and more.

Join over 640 organisations upskilling their
workforce with TryHackMe

TryHackMe for Business

We use cookies to ensure you get the best user experience. For more information contact us.

Read more