Hey folks! Sloan, DEV Moderator and mascot. I'm back with another question submitted by a DEV community member. 🦥
For those unfamiliar with the series, this is another installment of Sloan's Inbox. You all send in your questions, I ask them on your behalf anonymously, and the community leaves comments to offer advice. Whether it's career development, office politics, industry trends, or improving technical skills, we cover all sorts of topics here. If you want to send in a question or talking point to be shared anonymously via Sloan, that'd be great; just scroll down to the bottom of the post for details on how.
Let's see what's up this week...
Today's question is:
I'm early in my career and considering changing focus from web development to cybersecurity. I've been thinking about it because I'd like to get a secure job with a potential pay increase, and it seems to be a good way to differentiate myself from other devs. I'm just worried that I'm not going to enjoy it and that it could be a distraction. Does it sound like a good decision to explore cybersecurity? Likewise, has anybody made any similar moves before from web development to cybersecurity? If so, I'd really love to hear any advice you have.
Share your thoughts and let's help a fellow DEV member out! Remember to keep kind and stay classy. 💚
Want to submit a question for discussion or ask for advice? Visit Sloan's Inbox! You can choose to remain anonymous.
Top comments (4)
It makes sense as you're early in your career. But it will take time. Lot of time. So you probably better narrow the goal down to some specific area of cybersecurity. A good start would be to read something generic like Bug bounty bootcamp, or at least skim through the table of contents and see what resonates the most. As in software development, there a lot of specializations in cybersecurity. Then dive deeper to one of those. You're pretty legitimately "worried that I'm not going to enjoy it and that it could be a distraction", as cybersecurity can be very boring in some aspects. So this area requires decent dedication, probably much more than software development (as it quite fun and comparatively approachible).
But in the end, it's just work. You put hours in, you get the results. As with everything in life.
I think that changing the focus from webdev to cybersecurity is a good choice and, if you don't like/enjoy it, you can always go back to webdev but with a solid foundation about web security that will, for sure, help you build more robust websites and webapps.
My personal experience: I started as a developer and one day I discovered that cybersecurity was my passion, changed focus and no regrets! Development is a very valuable skill in cybersecurity as you understand how things are build and how they work so you can crack them or build better defences.
Remeber, IT is in constant change and nowadays everbody is concerned about security so it is frequent to find job offers that requieres both skills: dev and sec. I think it is a good choice and a good way to differenciate yourself from others!
As developers, we are usually not too involved in networking other than client-server (rest-API) connections and some deployment setups. I think the first step is to learn about Computer Networks.
This free resource may help, I think it's pretty good and comprehensive for starters (I'm learning here too).
Next, you can try CTF (e.g PicoCTF) and follow this roadmap
Don't need to rush, useful skills take time.
study and practice