Hopefully, my tips and anecdotes will you to decide to spend time in the security industry and give you some advice to get the most of your time.
To Placement or not To Placement
University is a very traditional method of learning, you learn theory, and you can learn an isolated skill in practical classes. But combining these learned skills & theory with time constraints and other pressures of a corporate environment is something that only occurs in the workplace, meaning there will always be a learning curve when you first start working in the cybersecurity industry.
Doing a placement role will get you through that learning curve before graduating, as well as giving you 12 months experience over other graduates applying to the same roles as you. Placement experience could be the clincher between you and another candidate that didn’t do a placement.
You may have an area of interest in which you want to work, by doing a placement you get a test drive of what could be a future career, giving you a chance to make sure that area is somewhere you want to work in.
Finding & Applying
Now that you’ve decided to do a placement, where do you look to find one? Some of the places I searched when finding placement opportunities are:
- Usual graduate/job search sites (Indeed/Glassdoor/Gradcracker)
- Networking with exibitors & attendeed at conferences
- LinkedIn (if you don’t have a profile, make one now!)
- Speculative applications (applying to a business that’s not explicitly advertising)
Remember that Glassdoor also has reviews of companies by people who’ve worked there, it’s worth checking them out for any listing you’re interested in.
Now you just send in your CV, right?
You could just yeet your CV to any recuitment email you find, but your chances of being successful are very low. Instead, read the job description and person specification and tailor your cover letter and CV to them. For example, if a listing mentions Python, be sure to point out a module you’ve completed in Python, or some other experience you’ve had with the language.
I can’t offer much advice on speculative applications, since I didn’t submit any during my hunt. But it would be beneficial to identify the team/role you’re interested in working with, and what skills you possess that you believe would be relevant. Also, make sure you send your application to the right person, use LinkedIn to identify the recruiter for your region or manager of the team you want to join and email your application to them.
Subject to Change
Remember that not all companies recruit in the same fashion. The steps in the recruitment will vary as will the order in which you’ll undertake them. It’s ok to ask your contact at the company what the process will be, it shows your actively interested not just spamming applications, and will help you to prepare for the rest of the process.
You’ll need to be prepared for:
- Telephone/video interviews (used just to confirm your eligility & find out about you)
- Technical interviews (sometimes an computer based test or problem solving in front of an interviewer)
- Assessment Centres (these may include group assessments, technical tests, and face to face interviews)
Interviews are a 2-way street, you get to ask your prospective employer questions too. Working for a company should benefit both you and the company. If it’s been more than say a fortnight without hearing about the next steps, follow up with your contact and find out what the situation is. If you’re unsuccessful, keep your head up and find a new listing to apply for, but don’t forget to ask for some feedback as to why you were removed.
My recruitment experience with my placement employer was mostly straightforward, except for having to follow up a couple of times before and after my initial interview. This was the only interview I had for this role, as some time later I got an offer. Before getting the offer, I was revising knowledge that was mentioned in the job spec for a possible technical test/interview.
Day 1-n - Your time at work
NERVES
When you first start your going to be nervous, that’s normal and you’ll soon settle in. Take the time to get to know your colleagues on your team and in your office, find out what their role is or ask about what they’re working on. You have a great opportunity to ask questions and learn from these people, so take advantage of them (a little bit).
The Learning Curve
If you have not worked in any cybersecurity role before, naturally there’s going to be a learning curve. Your boss should allow for this, and give you the time to understand and get the hang of what your learning before setting you loose on something live or Service Level Agreement (SLA) bound. As my boss told me in the first month “You’re here to learn as well as do, as long as you’re doing one of those then I’m happy”. I struggled to get the hang of one of the first processes I was learning as it involved using Curl in a way I wasn’t used to. I was given reassurance that this was ok and got some help along the way. Once I had mastered the process, I was able to complete live items successfully.
Get Your Hands Dirty
Don’t be afraid to get involved in things, if you see a project that you’re interested in but haven’t been asked to contribute to, ask the person leading that project or your boss if you can get involved. I was able to contribute to 3 projects: a Capture The Flag (CTF) for training/skills development for the Security Operations Centre (SOC), an event that was organised to encourage local university students to apply for next years placement program, and a company contribution to a cyber skills competition.
Make a Record
The whole time that you’re working, be sure to keep track of what you’ve learned and things you’ve achieved, this will be a valuable resource for you to refer to in future as to what your time in this role can bring to a future graduate role, as well as to avoid a feeling of imposter syndrome during or after your placement. My university required me to keep a weekly log of things I had been doing, and while I initially thought this to be a waste of time, I’m now glad that I did it because otherwise, I’d have likely forgotten a lot of the things I’d done/achieved.
Training Training Training
Many teams will have a budget to be spent on training and development, don’t think that just because you’re a placement student that you’re exempt from this. If there’s a course or a certification that could benefit you, ask your manager about it. Often you’ll be able to use some time at work to study for it, and your employer may even pay for you to take the exam. Why not do it? It’s free knowledge!
A Note on Working from Home
Generally, placements don’t involve working from home, as most employers (along with your college/university) will want & expect you to be in a supported learning environment during your placement. However, if you’re applying for placements around the time the post goes live then you’ll likely be working from home. I spent the final 4 months of my placement working from home after a lockdown was introduced in the UK, so here’s a few tips learnt during my time being productive from home.
Regarding equipment, if there’s things that you need such as a monitor, keyboard, or laptop dock mention it to your IT or HR team. You may be able to either expence the purchase of these items or get equipment issued to you by your employer. I was issued a monitor and a laptop dock from the office when we ‘evacuated’, and these were returned to the office when I left the company.
Get yourself an ‘office’, it doesn’t necessarily need to be a room entirely to yourself, but try to place your computer at a desk or table that you aren’t using for any other purpose. And get yourself a decent desk chair, your back will thank you for it. While your at it, speak to those you live with to remind them that when you’re at your desk your ‘in the office’ and must not be disturbed. In my case, I took over the dining table in my flat.
Make use of comms, what platform is used to communicate in your firm, make use of it for both work-related communication and social chats. Create a ‘water cooler’ voice or text chat where you and others can chat casually when on your breaks or when there’s not much doing.
When the End Comes
Finishing my placement during the Coronavirus situation was not a very high note, and I hope that the end of your placement will be better. Make sure to take time to celebrate your achievement. You’ve earned it!
Before you leave, give your contact details to either your boss or your recruiter along with your expected graduation date. You never know, you might have an opportunity to return and already having a relationship with other employees should give you a step up. Connect with co-workers on LinkedIn as well, even if they move on elsewhere, you’ll be able to find other jobs with their new employer.
TL;DR - Do it
Even if your university doesn’t offer a sandwich option as part of the course, you can easily take a year out to do a placement of your own volition, and I would recommend doing it. In my opinion, a 12-month placement is worth considerably more than 12 months of your time. If you’re able to do one, do it, you won’t regret it.
]]>
