We teamed up with Dallas-Fort Worth’s Cecil the CISO to offer our 10 best tips for cybersecurity job seekers.

Check them out, along with Cecil’s personal journey navigating the world of cybersecurity in the midst of a pandemic.


Cecil’s 10 Best “Career Continuity” Tips for Cybersecurity Jobseekers

The pandemic has affected all of us a little differently, but one thing that’s true: suddenly, Business Continuity is sexy!

I used to lead an organization’s disaster recovery (DR) and business continuity (BC) initiatives. At any time, business continuity and disaster recovery are considered critical components of an organization’s business preparedness. But in a lot of cases, they don’t get enough resources to support them properly. Until this pandemic.

The importance of DR and BC becomes much clearer in times like these. In the past few weeks, we’ve seen which organizations were prepared for this and which weren’t. For the most prepared, it took a matter of hours to adjust to the changing IT landscape caused by the pandemic. For the least prepared, things did not go so smoothly.

Some changes in my own life have got me thinking: In theory, we should apply continuity principles to our careers the same way we do our businesses.


I found myself looking for a job at the worst possible time. April 1, 2020, was not the best day to embark on a new adventure. With the coronavirus hanging over our heads and everyone on extended lockdown, it was probably the worst time to make a big career move.

For many years, finding work wasn’t a problem for me. I prioritize keeping up my professional relationships and always make sure to meet new people and stay open to new opportunities. So, usually, I have a few offers to choose from when I decide it’s the right time.

But times are different, now. No one really anticipated the magnitude of COVID’s effect on every aspect of our lives.

As I scroll through my LinkedIn and Twitter feeds, I see more and more cybersecurity professionals are losing their jobs and looking for opportunities. My message inbox is similar – friends, former co-workers, and colleagues looking for work. A few days ago, even hacker extraordinaire Chris Roberts posted on LinkedIn that he is also on his next adventure. We are living through very strange times.

In the first 24 hours of my adventure to the unknown, I was focused on processing what had happened and worrying about what was next. To be honest, I was worried about my wife. She’s always been my advisor throughout my career (dictator would be too much! 😉). She told me a couple of times in the past few months that I needed to chart out my next move – whatever it would look like.

But, I didn’t exactly listen. So, when I parted ways with my company on April 1, I was caught feeling a little under-prepared. And for the first time in a long time, I was actually very worried.

Over the last 15 years, I’ve been very fortunate to have made good friends, made my former bosses very happy, and connected with other cybersecurity companies (frenemies?) as well as a lot of influential people.

So, on my last day, I announced my news on LinkedIn and since then, I’ve never been so busy in my life. Between all the messages and phone calls, I’ve felt very supported. I’m very grateful to have relationships with friends, customers, cybersecurity companies, and recruiters. The best parts are those calls from clients thanking me and validating the work I’ve done for them.

Having something definite lined up before you leave your current role is Plan A, and that’s always the goal. But it’s important to have a Plan B.

That’s where your career continuity plan swings into action.

As I’m working through this transition myself, I’ve thought a lot about what makes “career continuity plans” successful. So, I’ve partnered with Brightwing (a recruiting firm with deep roots in the DFW IT community) to put together some advice for cybersecurity job seekers.

It’s tough to find a job right now. But it is not impossible.

A lot of companies are still in need of cyber skills. Take a look at the usual job boards – Linkedin Jobs and Indeed – as well as jobs posted on specialty recruiting firms’ websites like Brightwing’s – and you’ll see there are still plenty of cybersecurity and data privacy jobs. Not the same volume of jobs as a few months ago and probably more competing candidates – but there are plenty of reasons to get excited at all the opportunity.

So here’s our best advice:

  1. Reach Out to Recruiters and Hiring Managers – Staffing agencies like Brightwing are still helping dozens of companies to fill open positions. Because the best recruiters do all the work of qualifying candidates before submitting them to the employer, your resume will be one of just a few the employer needs to review. Your odds of being interviewed are far better when you’re one of three highly qualified candidates, as opposed to one in a sea of thousands of resumes (which is what you are when you apply on a job board).
  2. Master the techniques for outstanding video interviewing. These tips will help.
  3. Ask the right questions. Here’s an example: It’s common practice in interviews to ask candidates where they see themselves in 5 years. Why not ask hiring managers what their 5-year strategy is? What kind of team will they need to accomplish those goals? What kind of skills will they rely on? Equipped with the long term vision, you can understand and show how you’re the right person not only for now, but also for the future.
  4. Make sure your interview follow-up packs a punch. Thoughtful interview follow-up is critical. As leaders and their teams are forced to adapt to rapid changes, hiring processes may slow down. Make the decision to hire you easier by showing in no uncertain terms that they need what you bring to the table. Draw a connection between a specific problem your interviewer is facing and similar problems you have helped solve in the past.
  5. Continue to network, and consider cultivating your personal brand. Getting yourself out there digitally will stand-in for the usual in-person networking events you might attend. Ask yourself – what information or perspective can I offer that: a) I know more about than most other people, and; b) is helpful to my audience.
  6. Carve out a daily routine for yourself. Looking for a job full time can be deflating. Add in the fact that we’re under quarantine, and your spirits can deteriorate fast. So, choose a time to get up every morning and stick to it. Devote a chunk of your day to networking. Another chunk to the job search itself. And always make sure to do something that feels rewarding to you. Which leads to the next piece of advice…
  7. Reinvent Yourself and Expand your Capabilities – Most organizations today prefer to hire well-rounded security professionals rather than just specialists. There are plenty of free (and paid) online sites for non-technical and technical courses such as:
    • Technical Writing – link here
    • Introduction to Machine Learning – link here
    • Open-Source Threat Intelligence – link here
    • Introduction to Penetration Testing – link here
    • Introduction to Digital Forensics -link here
    • Executive Communications – link here
    • Critical Thinking and Problem Solving – link here
    • Kali Linux Security – Download book here
    • Building your Virtual Security Lab – Video from Charles Weissenborn here
  8. Get Certified! – This is a good time to focus on getting that CISSP or CISM. While at home and seeking new opportunities, why not study for any of the highly sought-after certs? Here are some of the certification programs I highly recommend:
    • CISSP – This is still the premier certification for cybersecurity professionals. Whether you’re entry-level (there’s a minimum experience required) or an aspiring CISO, this is the cert to get. Learn more here.
    • CISM – This certification is geared towards security professionals aspiring to be future leaders, This focuses on GRC and information security program management. Learn more here.
    • CIPP – IAPP offers a variety of data privacy certifications that is geared towards different compliance requirements as well as technical and program-level certifications. Learn more here.
    • GIAC – More than 30 cybersecurity certifications align with SANS training and ensure mastery in critical, specialized InfoSec domains. Learn more here.
  9. Be Creative – Want to get noticed? Consider posting a video or some of your sample work. Check this out.
  10. Be patient. Good things take time.



So, to my fellow cybersecurity job seekers, be patient, expand your skillsets and there will be light at the end of the tunnel.

As for my Plan B? It’s getting very close and while I’m getting there….I’m learning new things and being patient 🙂

Good luck to all of us!



Written by CeciltheCISO in partnership with Brightwing.

contact us:

talk to a brightwing recruiter