10 Ways To Switch Over To Cybersecurity Career in Singapore

Posted by SGCS Admin, 26-06-2017

10 Ways To Switch Over To Cybersecurity Career in Singapore

In the last couple of years, we have heard and witness many cyber-attacks happening globally and also here in Singapore. The more recent attack would be the WannaCry Ransomware where there are a number of victims and that include shopping malls in Singapore.

As the cyber-attacks has become more sophisticated, are there enough cybersecurity professionals to deal with these attacks?

Singapore Government has been pushing out many initiatives to combat against cyber threats and local tertiary institutions has also introduce many cybersecurity-related courses to increase the pool of cybersecurity professionals here in Singapore.

The market shortage of cybersecurity professionals is on a global scale, not just in Singapore. Demand for cybersecurity professionals has been on the rise to fill in the shortages in many sectors in Singapore.

So, before we go into how you can switch over to cybersecurity career, you may have heard a lot about the cybersecurity industry such as high pay, demanding job, etc. We will address them so that you have a good glimpse of how the cybersecurity career is like.

First and foremost, this article is suitable for professionals who have little or no background in cybersecurity. For entrants who have educational background such as diploma or degree in cybersecurity-related discipline, you shouldn’t have any difficulties in pursuing a cybersecurity career but you can read this article to gain additional knowledge in attaining more relevant certifications and techniques to boost your career.

10 ways to switch over to cybersecurity career

1.    Take on new skill set in cybersecurity

We all need to learn from somewhere and it’s not that difficult if we know the right way to go about it. One easy option is through the course directory under Skills Future portal.

Course directory: https://courses.skillsfuture.sg/

All Singaporeans aged 25 and above will receive an opening credit of S$500 from January 2016. You can use your credit to pay or offset skills related course fees.

Enter in key words such as cyber security and search for all the courses under it. You will see that there’s plenty of cybersecurity related courses to choose from. The courses range from simple know-how cybersecurity lesson to diplomas and even degrees.

For a start depends on how deep you want to go, you may start off with simple basic cyber security short courses to get an understanding of what cybersecurity is all about before plunging into a more technical training.

You can also learn some basic cybersecurity short courses at the link below. These e-learning courses are free of charge and you can equip yourself with basic skills such as Password Security, Data Protection and so on.

e-Learning portal: https://elearning.sgcybersecurity.com/ 

When it comes to learning, there’s no end to it but do equip yourself with certifications and relevant skill sets as these are essential criteria which employers will consider during job application.

2.    Get professional certifications

Most cyber security professionals would have possessed certain skills such as techniques in performing vulnerability assessment, web penetration testing and code review. These skills are usually acquired through on-job-training as it would be difficult to master them in just one course.

Employers will look out for candidates who have acquired these relevant professional certifications as they are recognised internationally and candidates has proven themselves to have good knowledge about the various domains in cybersecurity.

There are various professional certifications/courses that one can take up. You can refer to the list below.

•         Certified Information Systems Auditor (CISA) – (link)

•         Certified Information Systems Security Professional (CISSP) – (link)

•         Certified in Risk and Information System Control (CRISC) – (link)

•         CompTIA Security+ – (link)

•         GIAC Web Application Penetration Tester (GWAPT) – (link)

•         GIAC Penetration Tester (GPEN) – (link)

•         Offensive Security Certified Professional (OSCP) – (link)

•         GIAC Assessing and Auditing Wireless Networks (GAWN) – (link)

•         EC-Council Certified Ethical Hacker (CEH) – (link)

•         CREST Registered Penetration Tester (CRT Pen) – (link)

•         Nanyang Polytechnic – Specialist Diploma in Information Security – (link)

•         Nanyang Polytechnic - Diploma in Cyber Security & Forensics – (link)

•         Temasek Polytechnic - Diploma in Cyber & Digital Security – (link)

•         Ngee Ann Polytechnic - Diploma in Information Security & Forensics – (link)

•         Republic Polytechnic - Diploma in Infocomm Security Management – (link)

Of course, we won’t encourage you to take up every one as you need those that are relevant to your job nature. For example, if you are interested to become an IT Auditor, you can take up certifications such as CISA. But if you are keen to become a Penetration Tester, you can consider CompTIA Security+, CEH, CRT Pen and so on.

One thing to note is that these courses doesn’t come cheap as the course alone can be in the hundreds or thousands, and the course fees is excluding the cost for certification exam. So if you are really serious about it, study hard and pass at the first attempt.

3.    Get to know people in the cybersecurity industry

Well needless to say, it would be the best if you personally know someone who is already working in the cybersecurity industry. He or she would be able to share their experiences with you.

You can always sign up to join cybersecurity events and seminars in Singapore. There are several key events which you may want to take note, for example RSA Conference, Interpol World and Blackhat Asia. These are prominent events which bring all the security professionals and companies unto one big platform to discuss the security trends and other interesting topics.

Take a look at the calendar of events here: https://www.sgcybersecurity.com/events 

If you are at the events, walk around the various participating booths and talk to them. These security vendors are able to share with you their products and services and who knows, they may be interested to hire you!

One pretty good avenue is through online forum where you get good advice from cybersecurity experts.

Forum: https://www.sgcybersecurity.com/forum 

Through the forum, you can post any questions that you have relating to cybersecurity and even career questions that you have. It’s a good opportunity to get good tips from professionals who are in the field, you will get a good gauge of how is it like working in the cybersecurity industry.

Who know, you could be lucky if so happen that someone in the forum is just looking for a headcount. They can easily refer you into their company, so be sure to have your CV ready by then!

4.    Understanding commonly used industry standards

There are several industry standards that’s being adopted by many companies around the world and understanding them well may prove to help you in your journey into the cybersecurity career.

Standards: https://www.sgcybersecurity.com/Resources/other-benchmark-reference

One of widely used standard would be the COBIT 5 Framework. It’s the leading framework for the governance and management of enterprise IT. Most companies especially the bigger ones make use of COBIT standard to manage their IT governance and for compliance purpose. Read up on it to give yourself an added advantage where you can demonstrate your understanding during an interview.

COBIT: https://cobitonline.isaca.org/ 

Another popular standard is the ISO/IEC 27001. This International Standard has been prepared to provide requirements for establishing, implementing, maintaining and continually improving an information security management system. ISO standard is not something new and has been adopted by many companies around the world for many years.

ISO Standard: https://www.iso.org/isoiec-27001-information-security.html 

The above two standards are widely used hence it will be beneficial for people who have zero knowledge or new entrants who have just graduated in cybersecurity discipline. Schools may not go in depth on such standards and would like to encourage those who are keen to sign up for courses on such standards.

5.    Cyber Security Associates and Technologists Programme

The Singapore Government very own Cyber Security Agency (CSA) has something for fresh ICT Professionals and mid-career professionals who are keen to pursue cybersecurity roles.

The Cyber Security Associates and Technologists (CSAT) Programme is a joint initiative by CSA and Info-communications Media Development Authority of Singapore (IMDA). By collaborating with companies which are CSAT Training Partners, the CSAT Programme trains and up-skills fresh ICT professionals and mid-career professionals for Cyber Security job roles. Trainees will have opportunities to undergo On-the-Job training programmes and participate in local and overseas attachments identified by the CSAT Training Partners. 

CSAT Programme: https://www.csa.gov.sg/programmes/csat

However, there are some eligibility criteria for this CSAT programme so be sure to read up more on the programmes and contact the training partners to find out more. This is one good avenue that you certainly don’t want to miss and the training partners can give you good advice on the next steps.

6.    NICF Cyber Security Professional Conversion Programme (PCP)

Professional Conversion Programmes (PCPs) are career conversion programmes targeted at Professionals, Managers, Executives and Technicians (PMETs), including mid-career switchers, to undergo skills conversion and move into new occupations or sectors that have good prospects and opportunities for progression.

Training provider COMAT provide training in the area of cybersecurity and you can go to the link below to find out more about this PCP.

Cyber Security Professional Conversion Programme (PCP): https://www.comat.com.sg/Highlights/NICFCyberSecurityProfessionalConversionProgramme(PCP).aspx 

There are some criteria and funding support which you need to take note as well.

7.    Serve in cyberdefence vocations during national service

This option would be a little special as this is something new and benefit those who are waiting to get enlisted to national service.

The new vocation is setup under SAF and NS cyber-defenders can expect to fulfil three key roles: Monitor critical networks and systems around the clock to detect anomalies and flag potential attacks; respond quickly to contain cyber-incidents and reduce their impact on regular network operations; and analyse data and detect patterns that may allow the SAF to better defend its networks against similar attacks in future.

According to the publication, some cyber-defenders who are doing National Service may also be deployed to support the Cyber Security Agency of Singapore (CSA) at the national level.

Those chosen, who will be assessed case-by-case, will need to have the relevant cyber-skills, experience and academic background. They could include employees from the cyber-security industry or be identified from activities such as local cyber-competitions and camps, and through rigorous selection tests. MINDEF will work with educational institutions to identify students who could serve in cyberdefence vocations when they do their national service.

For those who are still schooling, this is one way you can enter into the cybersecurity career.

Related links:



8.    Hone your IT knowledge day by day

For those who have little or no IT knowledge and keen to pursue in the cybersecurity career, you can start by honing your IT knowledge on a daily basis. You are not alone and there are always many ways to go about it.

If you know anyone from the IT department, get to know him or her and get to know what they do. Well, this is one way you can get to understand what IT is all about and the various applications and systems.

You can go the SANS website where they offer tons of reading material and you can get yourself trained as well.

SANS: https://www.sans.org/ 

There are just too many acronyms used in the world of cybersecurity, isn’t it? Well, it’s always good to know them well so that you won’t feel like an alien when the rest are using these acronyms to converse. There’s a long list of acronyms with its meaning that you can learn from below.

Acronyms to learn: https://www.sgcybersecurity.com/Resources/acronyms-in-cybersecurity

It’s always good to get yourself equipped with the right knowledge on cybersecurity, keep up to date with latest trends and technology.

Whether you are a business owner, cybersecurity professional or general user, you can find a whole suite of useful information from this resource library.

Resource library: https://www.sgcybersecurity.com/Resources/ 

You can test your knowledge with the Cyber Risk Assessment platform where this assessment help individuals to better evaluate the level of understanding towards cyber security.

Cyber Risk Assessment: https://www.sgcybersecurity.com/cyber-risk-assessment

Again, the key word here is to keep learning. You must find the passion in learning all about cybersecurity and focus on arming yourself with the right skills and knowledge.

9.    Professional development programmes under TechSkills Accelerator (TeSA)

TeSA is an initiative launched by the Singapore Government in Budget 2016, aims to address both issues in skills and infocomm manpower shortage in the ICT sector.

There are various development programmes so it’s under good avenue where you can find cybersecurity related courses where there’s classroom style and online learning.

Take a look at these sites and contact the providers directly:



10. Keep knocking and trying

As the cybersecurity sector is blooming, it shouldn’t be difficult for one to enter into this sector but you need to be equipped with the right skills and knowledge. Often employers may be choosy because of the certain traits that they are looking for in a security professional. So, if they are looking for a penetration tester, they are looking for one who have certain number years of experience in the specific domain and professional certifications.

Keep knocking on the doors of the various options above and try them out. If you possess the right attitude and necessary skills, you are on your way to the cybersecurity career.

You may wish to drop your CV/Resume unto our job portal and visit the job listing page for available cybersecurity jobs. The security companies will contact you personally if they find your profile suitable for the job role.

Cybersecurity Jobs: https://www.sgcybersecurity.com/jobs

Entering into the cybersecurity sector is not the end of the story, it will be challenging yet fulfilling. Protecting company’s asset be it online of offline is important and as a cybersecurity professional, your mission is to implement whatever you have learnt into practice in ensuring a secured environment for all.

Last but not least, we wish all those who are chasing your dreams and passion to becoming a cybersecurity professional all the best. We hope by sharing this article will help you broaden your perspective in getting to your career needs.

Last edited: 26 June 2017