One of the main obstacles that prevent people from getting into cybersecurity is the lack of programming skills. The ability to read and write computer code can be a very difficult task, and the lack of coding skills can stop people from even considering a career in any type of IT field. However, the reality is that you don’t need to know how to write code in order to get a job in cybersecurity.
Lauren Boas Hayes, a Senior Consultant at Deloitte who focuses on cyber threat intelligence and analytics, recently wrote in New America that coding skills are not necessary for a lot of cybersecurity jobs.
The majority of people I’ve met in this industry have not been required to write a single line of code as part of the cybersecurity job. Even fewer have connected to a remote device to stop an active attack. Rather, security professionals often possess a combination of knowledge across the following areas: security tools, project management, regulatory framework, process development, and technology architecture.
It’s important to know that the cybersecurity industry is HUGE. There are a lot of different types of jobs within cybersecurity. To be clear, there are jobs that require programming experience. Penetration testers, also know as ethical hackers, need to know how to code their own scripts. But Hayes lists many types of security teams that do not require programming experience.
These types of jobs include:
- Cyber Threat Intelligence
- Incident Response
- Network Defense
- Security Risk Assessment
- Security Audit
- Vulnerability and Patch Management
This isn’t to say that learning to code isn’t a useful skill to learn. Knowing how to write a script in Python or learning how SQL queries work will clearly help you in your cybersecurity career. (That is why we highly recommend Pluralsight as a training option. You can take courses on cybersecurity, programming, database administration, and others for one monthly price.) But your lack of coding skills should not stop you from starting a new career in cybersecurity.
“In many ways, what united security professionals is not a shared hard skill – like coding – but a security mindset that enables them to critically test an organization, process, or toll and to understand how it can be exploited,” writes Hayes. “This is a mindset that can be learned.”