4 ways that ChatGPT can boost your cybersecurity career

ChatGPT can be a gamer changer in helping you up-skill your cybersecurity career

Two topics have dominated the news in 2023 .. One is the rise of AI and the second are the tech layoffs which have impacted nearly every sector

Some of these jobs might not even come back due to AI potentially automating them !

Instead of cursing AI and pretending it doesn't exist why not use it to help you in your cybersecurity career

Most of the articles I see around ChatGPT by Cybersecurity professionals are unfortunately more about weaponizing it or using it to create exploits , code reviews etc. and miss out on its other usage

As someone who coaches a lot of people to help them in their cybersecurity career, I tried experimenting to see how much ChatGPT can help with your cybersecurity career

The results were impressive to say the least !

If used properly ChatGPT can help you with nearly every stage of a job application

Lets see it in action

1- LinkedIn + CV optimization for Cybersecurity jobs

Most of the CVs and profiles I see when people apply for cybersecurity jobs are lacking to say the least

Your LinkedIn Profile or CV is the first thing that creates an impression in front of hiring managers and hence must convey your strengths and skills properly

But lets be honest .. NOBODY likes rewriting CVs so why not take ChatGPT’s help with it.

Let us take a look at this professional summary:

SUMMARY
· Cyber Security Engineer with good experience in Implementation, Administration, Operation and Troubleshooting of enterprise data networks.
· Establish a strong GRC (Governance, Risk and Compliance) practice to ensure adherence to best practice, regulatory requirements and ISO 27001.
· Experience in planning, developing, implementing, monitoring and updating security programs, and advanced technical information security solutions, and sound knowledge and understanding of compliance and standards.
· Facilitate implementations of information security policies, account security policies and standards for logical and physical security.
· Perform Risk Assessment, Gap analysis & create a Risk Mitigation plan.
· Good experience to provide remediation consultation to organizations and system owners, ensuring vulnerabilities are remediated NIST and Cyber Threat Intelligence research.
· Modernise assessment tools by researching emerging technologies and outlining their procurement to increase productivity and effectiveness.

While not bad .. it can become quite boring to read bullet points one after another.

Provide this to ChatGPT and ask it to “Can you optimize this professional summary from my CV for cybersecurity jobs highlighting my achievements and skills”

Lets see the results below

SUMMARY

Seasoned Cybersecurity Engineer with extensive experience in implementing, administrating, and troubleshooting enterprise data networks. Demonstrated proficiency in establishing robust GRC (Governance, Risk, and Compliance) practices, aligning with ISO 27001 and other regulatory requirements.

Notable achievements include:

    Expertise in crafting, implementing, and updating advanced technical information security solutions and programs, backed by comprehensive understanding of industry compliance standards.
    Led information security policy implementations, ensuring both logical and physical security. Skilled in account security policy enforcement.
    Proven track record in conducting in-depth Risk Assessments, Gap Analyses, and creating effective Risk Mitigation plans.
    Successfully provided remediation consultation to various organizations, ensuring vulnerabilities are addressed in accordance with NIST and Cyber Threat Intelligence research.
    Pioneered the modernization of assessment tools, leveraging emerging technologies to enhance productivity and effectiveness.

Excelling in a team-oriented environment, I am well-versed in proactive collaboration and solution-oriented problem-solving to ensure a secure and reliable information system infrastructure.

I hope you can note the difference !

You can use this for your whole CV and LinkedIn .. just make sure the experience it mentions is actually reflective of what you do !

2- Prepping for an Interview

The next step is preparing for an interview which is another area that ChatGPT can shine provided you use it correctly

Instead of getting generic answers for a position .. try to focus the prompt and make it give you more detailed answers

Assuming you have been asked to interview for a cloud security interview position you can ask it to provide you answers in the popular STAR (Situation, Task, Action, Result format) :

I am preparing for a cloud security engineer position.  Provide me the top interview questions and the answers in the STAR format 

Let us take a look at a few of the responses

Question 1: Tell me about a time when you had to handle a security breach in a cloud environment.

S: In my previous role as a Cybersecurity Analyst at XYZ Corporation, we had an incident where one of our cloud-based databases had been breached.

T: My task was to work with my team to quickly isolate the problem, mitigate the damage, and identify how the breach occurred.

A: I initiated our incident response protocol and collaborated with my team to isolate the affected systems, preventing further intrusion. Simultaneously, I began to analyze the breach, identifying it was due to an unpatched vulnerability. After addressing the immediate issue, I initiated an audit of other systems to ensure they didn't have the same vulnerability.

R: We were able to stop the breach quickly, with minimal data loss. Following this incident, I led a company-wide review of our patch management process and implemented automatic updates to prevent such incidents in the future.


Question 2: Can you describe a time when you had to explain a complex security issue to a non-technical team member or stakeholder?

S: At my last job, a major security update needed to be applied to our cloud systems that would require significant downtime during business hours.

T: My responsibility was to explain the necessity of this update to our non-technical stakeholders, emphasizing the potential risks if we did not proceed.

A: I prepared a presentation that broke down the problem into simpler terms. I used analogies and straightforward diagrams to explain the security vulnerability and the potential impact it could have on our business.

R: The stakeholders understood the urgency and the necessity of the security update. They appreciated my clear communication and agreed to the planned downtime, and we successfully applied the update with minimal impact on business operations.

Customize the answers to your specific experience and use them to prepare for an interview.

You can even provide it the job description and use it to further optimize the answers it gives !

3 —Prepping for a Certification

Another great way ChatGPT can help you with provide you with a detailed study plan keeping in mind your unique circumstances and schedule

Assume that you are preparing for the Certificate of Cloud Security Knowledge (CCSK) certification AND have a full time job on your hands

I am preparing for the CCSK certification which is in one month. I have zero knowledge of cloud security and a full time job.  Can you propose a training plan for me. I have around an hour each day to study:

Let us see what type of plan it gives out. The response is too big to put here so truncating it

Source: ChatGPT

Again you can further refine but as someone who has made similar plans for people .. this is great stuff !

4 - Creating a Cybersecurity Career plan

Lastly you can even use it as a type of career coach for your cybersecurity career and ask it for a future career plan.

Try to be as specific as possible when asking for a career path and share what your goals are.

I used this as a sample prompt:

You are a cybersecurity careers adviser. Your task is to help me move from a technical security analyst role to a cybersecurity manager one. My goal is to move to a more senior role where I can manage a team and have more responsibility. I have done the CEH certification. Let me know how I can move to this role and the resources I need to study. Please provide me the links for any resources you provide

This is the complete response it provided

Transitioning from a technical role like a Security Analyst to a managerial role in Cybersecurity can be a rewarding move. It not only offers more responsibility and team management, but also often comes with a higher salary. Here are some steps you can take to help you move into a Cybersecurity Manager role:


1. Obtain Relevant Certifications:

As a current CEH (Certified Ethical Hacker), you have a good technical foundation. To move into a managerial role, you might want to consider certifications that focus more on governance, risk, and strategy. Here are some recommended certifications:

    CISSP (Certified Information Systems Security Professional): This certification is often considered a must-have for security management roles. It covers a broad range of topics such as Security and Risk Management, Asset Security, Security Architecture and Engineering, etc. You can find more information here.

    CISM (Certified Information Security Manager): This is a globally recognized certification focusing on the management and governance of information security. More information can be found here.

    CRISC (Certified in Risk and Information Systems Control): This certification is for professionals whose job includes identifying and managing risks through the development, implementation, and maintenance of information systems controls. You can find more information here.


2. Improve Soft Skills:

In managerial roles, soft skills such as communication, leadership, and strategic thinking are crucial. You'll be leading a team and interacting with other departments regularly, so you need to be able to effectively communicate and align your team's work with business objectives. You can improve these skills through workshops, online courses, and practice in your current role.


3. Gain Exposure to Management Tasks:

If possible, get involved in project management or team leadership tasks in your current role. This will give you valuable experience in managing resources, making strategic decisions, and leading a team.


4. Networking:

Networking can open up opportunities for advancement. Attend industry events, join professional organizations, and connect with peers and superiors both inside and outside your current company.


5. Continuing Education:

Consider furthering your education with a degree or courses in cybersecurity management. Programs like an MBA with a focus on Information Systems or a Master's in Cybersecurity Management could be beneficial. Many institutions offer online programs that can be completed while working.

Remember, this is a journey that requires planning, commitment, and continuous learning. Best of luck on your career advancement!

I even asked it to expand upon certain points like 4. networking and the advice it gave was surprisingly practical

Source:ChatGPT

There you have it . I hope this helps you see ChatGPT in a new light and as something that can do more than just help you in operational security tasks. It can act as a mini-career coach and give you good advice on your career. Wishing you all the best !