How?
If we divide it in smaller steps, it makes it less threatening and more achievable.
Research
Look up the job titles that interest you in the fields within cybersecurity, and pick one. You can look up Henry Jiang's map to help you in your research. Then look up people online (YouTube, LinkedIn, X...) who work that job. You will collect data on the relevant university programs, certifications, learning platforms, tools, concepts... that these people have listed on their profiles. Also, look up the job offers on the market linked to your desired title and see what they're looking for. You will then have a clear idea of what you need to do to get there.
Planning
You will divide the work that needs to be done in smaller steps and track it. Ex. Learn the basics, go to college if you want, learn on your own, share your knowledge online (blog, YouTube, TikTok... ), get a certification if needed.
Do the work
Complete what's on your list, learn what you have to on your own, go to school for it if you feel the need to, get a certification if you want to, start a blog to share your knowledge, do some hacking, do some bug bounty, learn how to use a SIEM, how to read logs, learn about forensics, how firewalls work... Don't overdo it, look for what you need to get a job and the rest you can study while you work your first job in cybersecurity to further your career.
Resume
You will work on your resume. It's suggested to keep it to one page. Your university might have a department for helping students with their resumes and job interviews, you can reach out to your local job center or research it online. You need to keep only what's relevant to tech/cybersec or can help. Let's say you did customer service for 3 years, you can mention it without listing the specifics. Add your :
diplomas (post-secondary);
certifications;
the learning platforms you used as an autodidact, small descriptions of your projects with a link (ex. blog post about a lab you set up and hacked, a tool you wrote with Python, etc.);
awards (if any);
skills;
past jobs (keep it short and clear for the responsibilities);
interests (keep it related to cybersecurity, ex. CTFs, setting up labs, learning to use new tools, coding, etc.);
languages (you can write and speak in).
Your resume should be adapted to each job offer, to include certain keywords. Some people have suggested using ChatGPT to help adjust their resume to the offer.
List of employers
Now that you are ready to enter the job market. It will be helpful to add a list of potential employers to a spreadsheet to keep track of the process. Copy and paste the job offers into a document and identify them, it'll help you for the interview. You'll need to research companies and look for job offers. What I do is also look at the list of partners of local cybersecurity events and add them to my list. Here's a list of job sites. I suggest applying directly on the company website, usually the offer on a job site is usually linked to the offer on their website. You also need to network. You can attend events, participate in CTFs, join Discord servers, be active on LinkedIn and other social media platforms...
Job interviews
To prepare for an interview, you can search online for "interview questions for JOB TITLE" and go over the job offer. Learn about the company, their values, mission, and what they do. You can then simulate an interview on ChatGPT and then ask about your weaknesses and strengths so that you can work on them. You need to show your resourcefulness, and please, if you do not know the answer to a technical question, don't make things up. You can also take time to think about your answer. You can say that you'll research it, ask someone who might know... Write it down so that you can learn about it in time for your next interviews and if you're called for a second round.
You can read this page by polycyber. You can translate it to English from your web browser on Chrome. It gives advice on how to start your career in cybersecurity. Pentesterlab also has a good article on how to land your first pentest job.
Here's a blog entry on HackTheBox advising you on how to become a cybersecurity analyst, and another with 5 paths you can pick from.
Last updated