Goals for Your Cybersecurity Career Path: Setting New Year's Resolutions

Setting New Year’s resolutions and goals is a great way to start the year off right. In addition to your personal goals for the year, consider adding a few professional goals to enhance your cybersecurity career path.

Cybersecurity professionals should take time to think about what they want their career path to look like over the next year, five years, and even ten years! Cybersecurity job growth will continue to rise at an exponential rate, so you must be prepared for where the industry is going and where you want your career to grow.

In the new year, it’s always a natural time where we stop for a bit and reflect on our goals for the upcoming year. Cybersecurity is a field that changes rapidly, so you must continuously learn and keep up with the latest trends. The need for professional growth in cybersecurity has never been more critical, and setting SMART goals is crucial for success.

The purpose of this article is to give you some ideas for setting your own new year’s resolutions for your cybersecurity career path so you will be successful in achieving them!

Setting SMART Goals for your
Cybersecurity Career Path

Using the SMART goals framework is a great way to write your goals for your cybersecurity career path. Cybersecurity professionals should always aim to set professional growth goals that are Specific, Measurable, Achievable, Relevant, and Time-bound.

Specific: What do you want your career path in cybersecurity to be? What particular skills do you want to learn this year? The more specific you are, the better!

Some examples might be:

• I want to learn how to use Kali Linux
• I want to learn how to conduct a penetration test
• I want to earn my OSCP
• I want to learn how to detect attacks

Measurable: How will you know if you have achieved your goal? Can you track and measure your progress along the way? You should write your goals in a way that you can quickly check the box and say, “Yes, I completed this goal.”

For example, simply stating your goal is to learn how to use Kali Linux is not measurable. There are many different levels of knowledge in using Kali. You might rephrase this as:

• I will work through the documentation on https://www.kali.org/docs/ to feel more confident in my Kali skills.

Writing this goal in a measurable way allows you to determine whether or not you completed it. Did you go through all the docs on Kali.org? Yes or no? Do you feel more confident in your skills? Yes or no?

Achievable: Make sure your goals are possible in the timeframe you desire (more about that below.) Cybersecurity is a vast field with many aspects, and it can be very easy to try to do too much in a short period. Is your goal realistically achievable?
Whatever goals you set, make sure you’re thinking about other obligations, family, work, an upcoming wedding, or other major life events.

Set the bar high for yourself, but not so high that you’ll never achieve your goals. Only you know what you can achieve given your other obligations in life.

Relevant: Your goals should always be relevant to your desired cybersecurity career path. What do you want to achieve? What will help you move forward in your career?

For example, if you’re interested in moving into a cyber defense role, you might set some goals like:

• I will sign up for the Offensive Security SOC-200 course by January 31.
• I will earn the OSDA by August 1.
• In March, I will conduct three informational interviews with people already working in cyber defense.

Time-bound: By when do you want to achieve your goal? Give yourself a hard deadline! Setting a deadline to your goal is where some people might get too aggressive, and suddenly your goal is no longer achievable! Be realistic about your time and then create a plan to get the work done.

Some example SMART goals are:

• I will complete the Penetration Testing with Kali course by October 31
• I will take the OSCP exam by November 30

These are specific, measurable, achievable, relevant, and time-bound. You know precisely what you’re expecting of yourself, and you can “check the box” that you’ve completed your goal on time.

Goals to Accelerate Your
Cybersecurity Career Path

Now that we’ve discussed how to set achievable goals, let’s look at some specific new year’s resolutions and goals related to your particular cybersecurity career path.

Join a cybersecurity professional organization

Cybersecurity organizations provide many benefits for their members, including educational opportunities, job resources, and networking events. Professional organizations can also help keep you up-to-date on your specific industry’s latest news and trends.

Many cybersecurity professional organizations also offer in-person or virtual conferences packed with information, training sessions, and networking opportunities. Cybersecurity professional organizations can give you access to some of the best minds in the field who are sharing their knowledge through keynotes, breakout sessions, panel discussions, webinars, and more.

Cybersecurity organizations provide sponsorships to help local community chapters operate their conferences/meetups. CFP Time is a website that lists security conferences from across the globe.

Notable security conferences include:

• B-Sides
• Women in CyberSecurity (WiCys)
• Black Hat
• DEF CON

Example SMART goals:

• I will join XYZ professional organization by April 1.
• I will attend at least two networking events XYZ organization offers by November 30.

Attend a new cybersecurity conference

Why not attend a cybersecurity conference that you’ve never participated in before in the new year? Conferences are a great way to continue learning about the industry, meet other professionals, and find new professional opportunities aligned with your cybersecurity career path.

There are the big international cybersecurity conferences and some small, more local conferences. A great way to find some of the smaller conferences is to set up a Google Alert for “cybersecurity conference” and your location (or whatever area you’d like to attend) to stay up-to-date on what’s coming up in the near future.

Example SMART goals:

• In June, I will attend the ABC cybersecurity conference to find new professional opportunities.
• I will attend at least one new cybersecurity conference by December 31.

Take on a cybersecurity project at work

If you’re already working in the cybersecurity field, consider taking on a new project at work that stretches you beyond your current skill level. Maybe you currently work on cyber defense and want to try your hand at penetration testing. Perhaps you are interested in taking on the role of an incident responder for a project. Whatever it is, make sure that the project is challenging and will help improve your skills.

Example SMART goals:

• I will offer to support at least three cybersecurity projects that will stretch my current skillset by December 31.
• I will tell at least three people on my direct leadership team that I am interested in pursuing more projects in incident response by April 1.

Look for a cybersecurity internship

If you don’t already work in the cybersecurity field, consider getting an internship as the start of your cybersecurity career path. Internships provide the time and space for learning on the job as you work with experienced professionals, give you an idea of the kinds of challenges and opportunities available in the cybersecurity field, and are a great way to network and build connections with hiring managers and recruiters.

Example SMART goals:

• I will apply for ten cybersecurity internships by February 1.
• I will set my Linkedin page to “open for work” by January 15.
• I will reach out to three companies a week inquiring about cybersecurity internships until I secure an opportunity.

Volunteer

By volunteering your cybersecurity expertise, you’ll have an opportunity to hone your skills and build your resume. Cybersecurity is everywhere; therefore, there are many opportunities to volunteer. You could volunteer at your local school to teach kids about online safety, provide a workshop at your local library to teach your community about phishing and malware, or find a summer STEM camp to show kids how to set up Kali on a Raspberry Pi! Many non-profits are also in need of your expertise to help protect their organizations.

There are many different ways to volunteer and help those around you while building your cybersecurity career path as a new or seasoned professional. Volunteer today!

Example SMART goals:

• I will contact my public library about offering free workshops by March 15.
• I will contact my child’s school to offer a 1-hour class about online safety by October 15.

Update your LinkedIn Page

Whether you’re a new or seasoned cybersecurity professional, the new year is a great time to update your Linkedin page. Make sure to include your current job title, the company you work for, your skills, and your experiences. Some cybersecurity professionals prefer to keep employment information a bit more private, so you could omit your employer and make your job title/duties a little more general. You may also want to list any cybersecurity-related courses or certifications you have obtained or are currently pursuing.

If you are open to work, make sure to turn this setting on in your Linkedin profile so recruiters can find you more easily.

In addition to updating your profile, look around for companies and experts in the industry that you can follow. Following cybersecurity experts can help you stay up to date with cyber happenings while building connections with those who may help you find your next project or task.

Example SMART goals:

• I will revamp my Linkedin page by February 15.
• I will create my Linkedin page and connect with ten other cybersecurity professionals by June 30.

Join a local cybersecurity meetup

Cybersecurity meetups are an excellent opportunity to learn from your peers and connect with professionals in the field. Meetups can range from beginner-level discussions about staying safe online to more advanced talks on the latest malware threats. You can find cybersecurity meetups in most major cities; do a quick Google search for “cybersecurity meetup” and your location to see what’s available in your area.

If there isn’t one in your area, consider starting your own!

Example SMART goals:

• I will attend one local cybersecurity meetup by April 1.
• I will create a cybersecurity meetup for my local community and hold its first meeting by June 1.

Participate in an online cybersecurity community

Cybersecurity professionals should take advantage of the various online communities and discussion forums to expand their knowledge and stay on top of the latest cyber threats. Online communities are also a great way to network with people worldwide with similar interests.

Example SMART goals:

• I will join the official Offensive Security discord by February 1.
• I will participate in one of the Offensive Security office hours by March 1.

Earn a new cybersecurity certification or certificate

Cybersecurity certifications are another great way to build up your resume and show potential employers that you are serious about your career in cybersecurity. As you plan out your cybersecurity career path, think about the training and certifications needed to get you to your goal.

Cybersecurity certifications can range from entry-level to more advanced and sometimes take a year of studying. Cybersecurity certs are also great for staying relevant in the field as technology changes quickly!

Example SMART goals:

• I will take the OSCP exam by November 1.
• I will take the OSWE exam by March 1.

Take online cybersecurity courses to stay ahead of the curve

Once you have set your specific goals, it’s essential to create a plan to achieve them. Cybersecurity professionals should always aim to have a learning plan in place to continue their professional growth. The best way to learn is by doing, so try and find opportunities to apply your new skills.

The OffSec Training Library is a subscription-based learning platform for entry-level and seasoned cybersecurity professionals. Are you looking to start your security journey? Begin with the 100-level fundamental content. A Learn subscription is also ideal for those looking to work through advanced 300-level courses.

Example SMART goals:

• I will sign up for the PEN-200 course offered by Offensive Security by March 1.
• I will complete the PEN-200 course offered by Offensive Security by November.

Read at least one book on cybersecurity each month

Cybersecurity professionals should read various books to learn new perspectives, strategies, and techniques in their field. Reading cybersecurity books will help develop new skills that you can use in your day-to-day work. Cybersecurity professionals can set a goal to read at least one book each month. Some of our recommendations:

• Black Hat Python 2nd Edition
• Attacking Network Protocols
• Kali Linux Revealed
• The Hacker Playbook 3

A great way to tackle this goal is to make a list of the twelve cybersecurity-related books you want to read this year and plan out which books you’ll read each month. Books take longer to publish than blog posts, so they aren’t the best for up-to-date technical details but are good for learning other perspectives on cybersecurity. Not enough time to sit down and read? Try out an audiobook while you’re in the car, out for a walk, or at the grocery store.

Example SMART goals:

• I will go to the library and get a library card by April 1.
• I will read XYZ’s book in January.

Listen to cybersecurity podcasts to learn more about advancing your career

Cybersecurity podcasts are a great way to keep up with what’s happening in your field and learn from experts! Podcasts can also help you learn about different areas of cybersecurity that you may not be familiar with and provide excellent career advice. You can easily download podcasts from Apple Podcasts, Google Podcasts, and Spotify. YouTube is another great place to find good cybersecurity podcasts and other educational content.

Example SMART goals:

• I will listen to the Official Offensive Security Podcast while hiking this year.
• I will try at least three new cybersecurity podcasts by July 1.

Learning a new programming language this year

Many cybersecurity careers do not involve the need to know a programming language, but many jobs do. Software developers who specialize in secure programming are highly sought-after by employers. Cybersecurity professionals can set a goal to learn a new programming language in the new year. Try out a few languages, pick one, and take a deep dive to learn the language as well as secure coding best practices for that particular language.

There are hundreds of different programming languages to choose from, so try a few and find one that piques your interest!

The following are the programming languages we suggest:

• Bash
• Python
• PowerShell
• C++
• If you want to take it to the next level, golang (Go)

Example SMART goals:

• I will read at least one book on secure programming practices in Java by July 1.
• I will complete at least ten Python tutorials by July 1.

Career-Pathing with OffSec Certs

Next Steps

Offensive Security wishes everyone a happy and prosperous new year! These are just a few suggestions on how you can set goals for your career. Cybersecurity is an exciting and growing field, so make sure that you take the time to invest in yourself and your future.

As you’re crafting your new year’s resolutions related to your cybersecurity career path, take a look at some of Offensive Security’s online cybersecurity training courses. The courses are an excellent way to learn new techniques and increase your knowledge in the field, and set yourself apart! Contact us today!

Community

Connect with others who are already OffSec certified, or on their journey in the OffSec community Discord.

You can also keep up to date with us by signing up to be an OffSec Insider, or follow our social media:

---

About the Author

Dr. Heather Monthie is a leader in Cybersecurity and IT education dedicated to developing workforce-ready professionals for the future. With a diverse background in education, leadership, and technology, she has worked with various businesses and educational institutions to develop successful cybersecurity education programs. She has served in various leadership roles within organizations that are committed to cybersecurity and STEM workforce development. She currently serves as the Head of Cybersecurity Training, Education, and Innovation at Offensive Security.