The Ultimate Guide To Becoming A Cybersecurity Freelancer
Become your boss with your Cybersecurity Skills!
It is not a secret that we are living in rather unprecedented times.
The tough job market + the AI monster seems to be a deadly combination
Tech jobs, seemingly once immune to job losses, have become extremely vulnerable with layoffs happening left and right.
Cybersecurity is also no exception.
While every company needs to secure its business, that does not mean it cannot outsource or strip down its existing cybersecurity function.
Giants like Proofpoint, Splunk,Okta have announced cutting back on their cybersecurity spending .. something that was unthinkable a few years back
At the same time, this new world has opened up the potential for each person to become a one-person business.
Do not wait for your employer to make your job redundant, but look at other means of monetizing your cybersecurity skills.
This is where Cybersecurity freelancing can become a great career choice
It can also be a great cushion if you are affected by layoffs!
In this simple guide, I go over how I would recommend people new to freelancing start on this journey
STEP 1 — Focus On Identifying Your Niche
Do not be generic in freelancing
The title “Cybersecurity Freelancer” means nothing
The riches are in the niches, goes the old saying
Find out what you are good at first
Is it Cloud Security? Penetration Testing? PCI DSS audits ??
Decide on what skills you feel people will be willing to pay you off, as that will guide you in future decisions
Along with this... I would STRONGLY recommend learning the following skills, which a LOT of freelancers neglect to their loss:
Copywriting
Sales and marketing.
Building an audience via content creation on social media
The above skills and your technical cybersecurity knowledge can be an amazing combination!
There is no need to invest in costly training or workshops when most of the stuff is already free on YouTube.
The trick is to get started!
STEP 2 — Establish Your Authority In Your Niche
No one will hire your services if no one knows about you
Gone are the days when creating a website and optimizing it for SEO was enough
Start leveraging the skills you learned earlier and sharing your expertise on LinkedIn or X (Twitter)
I would recommend LinkedIn as it is more focused and less “noisy” than X (Twitter)
Writing LinkedIn Posts or Starting a LinkedIn Newsletter are both great ways to start
You can check out the earlier stuff I wrote about this:
Share valuable content about your expertise that establishes you as an expert in this field
This will build you an audience that you will be able to leverage later on
As a freelancer, you are your own marketing department.
Make sure to put a link on your LinkedIn profile that allows people to contact you if needed
This will also help to narrow in on what services people are interested in and let you pivot if needed
3 — Leverage Existing Freelancing Platforms
Audience building is sloooow work
It does not happen overnight
That does not mean you cannot start freelancing right away, though
Create your profile on platforms like Fiverr and Upwork
Spending 15 minutes daily reaching out to people on Upwork who have posted gigs relevant to your skills
Fiverr is a bit more difficult as you cannot start Cybersecurity freelancing until you are in their Fiverr Pro program, which requires approval
Your goal at this point is not to make money but to get testimonials and reviews
Social proof is a powerful way to attract future customers
Keep these testimonials handy for the future !
4 — Time To Scale Up
After some time, you should have some testimonials + a portfolio of completed projects.
You can honestly continue as-is if you are enjoying yourself
If you feel like you are consistently making enough money to replace your 9 to 5, you need to do the following:
Take a good, hard look at your income and see if you can sustain yourself for the inevitable dry seasons that will happen. ( at least six months' salary should be there! )
Create a way for customers to reach you outside LinkedIn. Invest in a simple website that should 1) show your work + testimonials and 2) Allow customers to contact you. Websites like Carrd give a great, cheap way to create simple but stunning websites.
Revamp your LinkedIn headline, banner, and featured section and optimize them for your Freelancer profile. Put your new skillset front and center! Your LinkedIn profile can honestly become the best funnel for your Freelancing business
That’s it, honestly
We are entering a brave new world where AI is changing how people work, and tech jobs are no longer the haven they used to be
The steps I outlined give you a rough roadmap to get started, but today is the best time if you feel that your skills are good enough.
Good luck on your journey!
Good post, just one thing to point out - individuals can’t do PCI DSS audits. To be a QSA, you must be employed by a QSA company as an employee, not a freelancer.
You can, however, consult in the space - helping companies prep for their annual PCI DSS audits, implementing controls and remediations, or even assisting with a self-assessment if they are eligible.
If someone is looking to go into that niche, it’s highly recommended that they obtain the only PCI SSC certification that is portable - the PCI Professional (PCIP) certification. Along with two industry certifications, the CISSP and CISA.