Interview: Naomi Buckwalter and the “Dirt …
Imagine it: you’re a wide-eyed cybersecurity graduate, feeling like you’ve got the world at your feet. You’ve spent hours pouring over books, completing that capstone project, and finally, with degree-in-hand, you’re ready for the “real world” you’ve been working so hard to join.
But you begin to check out job listings for “entry level” positions in your field of choice, and they’re shockingly hard to come by. An “assistant” role that requires three- to four-years of experience? “Does college count?” you’d wonder.
Unpaid internships are an option, but there are student loan bills that are starting to rack up interest.
After a few months of getting stood-up after the few interviews you get, working outside your chosen field becomes more and more of a possibility.
It’s not hard to picture, because so many of us have been there. And while it’s often lamented anecdotally, Cybersecurity Expert Naomi Buckwalter put some actual data behind it. It’s now empirically true: entry-level jobs require years of experience that entry-level candidate have not yet gotten.
After a LinkedIn deep-dive on so-called entry-level cybersecurity jobs, Buckwalter was able to shed light on a growing problem in the industry. By pulling 1,000 job listings from the professional networking site, Buckwalter parsed the descriptions for phrases like “years of experience” and found the dirty truth: there are no “true” entry-level jobs.
“I crunched some of the numbers, and it was eye-opening to me,” Buckwalter said. “You can not get experience without getting a job.”
This is frustrating for someone like Buckwalter, who got her start in cybersecurity and rose through the ranks to her current title of Chief Information Security Officer — the top of the field — while still considered to be very young compared to her colleagues. Her start was as a software developer, who found her passion after taking a course in hacking.
“I had finally found my purpose in life; I fell in love with it,” she said. She continued to focus on learning, and took opportunities as they came, with the help of some open-minded employers who wanted her success as much as she did. “Name it, I’ve done it. I just keep learning.”
Her passion extends to finding opportunities and offering mentorship for newly minted cybersecurity grads and job hopefuls. The solution to the skills gap, Buckwalter says, is in education and thoughtful mentorship.
“Every person is different. I think I would find a mentor to really make it personal, not try to create a course for everyone, but for that person and what they want to do. Then, create a curriculum just for them,” she said. “[Many organizations] are not seeing people for the human that they are, they’re just seeing them as a means to an end. We’re not just workers and automatons — we’re human beings.”
Social media is Buckwalter’s medium-of-choice for getting the message out, for a focus on training to ensure a successful industry… even if that means ruffling a few feathers from time to time. “Let’s just tell the truth … I need people to be cynical and question things,” she said. “I wish more of us would challenge each other as an industry.”
Gaps in the industry are becoming incredibly pervasive — including with emerging technologies like artificial intelligence, Buckwalter said.
“We need to find a better way to get people into cybersecurity. We need to get the talent in and then train them,” she said. “I’m trying to scream into the void: train up the people!”
Follow Naomi Buckwalter on LinkedIn to see her insights of the cybersecurity industry first-hand.
Recent news posts
State, Local, Federal Cybersecurity Executives Confer On 2022 Threats, Attack Landscape
Your Weekly DHS/CISA Threat Assessment (September 14)
Assistant to the Special Agent in Charge at USSS-DHS Leads Keynote Presentation in Philadelphia
CISA Insights: Risk Considerations for Managed Service Provider Customers
Your Weekly DHS/CISA Threat Assessment (September 3)
Attend an Event!
Connect and collaborate with fellow security innovators at our Virtual Cybersecurity Summits.