Transitioning From General IT to Cybersecurity


Updated October 5, 2023

Transitioning to cybersecurity from general IT is a big step. Explore our guide to make sure you're on the right track for success. is an advertising-supported site. Featured or trusted partner programs and all school search, finder, or match results are for schools that compensate us. This compensation does not influence our school rankings, resource guides, or other editorially-independent information published on this site.

Are you ready to discover your college program?

Credit: Elizaveta Starkova / Moment / Getty Images

Cybersecurity has emerged as one of the most in-demand fields in tech. It attracts established information technology (IT) professionals seeking new career challenges. Cybersecurity's diverse job opportunities often draw tech-savvy IT generalists.

A 2023 CompTIA data analysis noted that tech occupation employment is still on the rise. Remote cybersecurity specialist postings are up over 500 positions since December.

Meanwhile, Cybersecurity Ventures predicts there will be 3.5 million cybersecurity job openings globally by 2025.

In their 2022 cybersecurity workforce study, (ISC)2 estimates the global cybersecurity workforce sits at 4.7 million people — the most they've ever recorded.

Tech professionals wondering how to get into cybersecurity from general IT can choose from multiple career paths. This guide reviews common cybersecurity retraining options.

How Do Careers in IT Differ From Careers in Cybersecurity?

Careers in IT and cybersecurity overlap in certain ways. IT professionals routinely perform system configuration and administration, database management, networking, and coding. Cybersecurity specialists also use these foundational skills.

Some consider cybersecurity as a specialized subfield within IT security. However, the focus and objective differ between the two fields. This is true even when considering IT from a security standpoint.

A 2022 (ISC)2 report estimates the cybersecurity work force sits at 4.7 million people.

IT security involves comprehensive plans to cover all forms of data and information an organization generates. This includes both online and offline assets. Cybersecurity focuses on protecting data and information accessible through the internet. This field's goal is to neutralize external (and internal) threats that originate online.

As such, cybersecurity experts need a more targeted and specialized skill set. IT professionals can acquire these skills through a combination of education and experience, as the following sections describe.

Top Online CyberSecurity Programs

Explore programs of your interests with the high-quality standards and flexibility you need to take your career to the next level.

Cybersecurity Education Requirements

Aspiring cybersecurity professionals often pursue degrees. An associate degree is the minimum education requirement for most entry-level positions. For roles with advancement potential, employers generally prefer candidates with at least a bachelor's degree.

To transition from IT to cybersecurity, you may want to consider earning a master's. This is especially true if you already hold a bachelor's degree in computer science or a related subject. Completing a specialized master's degree in cybersecurity can help you stand out to employers.

While most experts agree that an undergraduate or graduate degree will boost your employability, you have other options. Some examples include self-training, security certifications, and cybersecurity bootcamps.

Cybersecurity bootcamps offer intensive, targeted education that focuses on building specific in-demand skills. Some of these skills are difficult to learn. Students with IT backgrounds generally have the foundational knowledge required to succeed at fast-paced technical learning.

If you opt for self-training, experts stress that you should back it up with professional certifications to validate your skills.

Explore the links below to learn more about cybersecurity education requirements. These pages offer information about self-training, bootcamps, and degree programs.

Cybersecurity Experience Requirements

Yet, the cybersecurity job crunch suggests that employers are desperate for skilled professionals. Given the industry landscape, trends seem to favor job-seekers. Some employers may be flexible on experience requirements.

(ISC)2 reports there is a "worldwide gap" of 3.4 million cybersecurity professionals. The field is growing. The millions of cybersecurity workers currently in it are not enough to meet (ISC)2's projected global demand.

That said, it is difficult to land even an entry-level cybersecurity job with no experience. Professionals switching from IT careers to cybersecurity may have an advantage in this regard. Employers are often willing to consider general IT experience as relevant, especially for roles that draw on comparable technical proficiencies.

Certain cybersecurity roles tend to require lower levels of experience. Examples include security auditors, penetration testers, and incident responders.

For more senior roles, candidates need significant cybersecurity experience. Examples of these positions include security engineers, security systems administrators, and cybersecurity managers.

Pay typically rises with experience. Roles with more responsibility also tend to offer higher salaries.

Top Online CyberSecurity Programs

Explore programs of your interests with the high-quality standards and flexibility you need to take your career to the next level.

Required Cybersecurity Certifications

Some employers prefer or require particular security certifications. Even when fully optional, industry-standard certifications can bolster a job-seeker's resume.

If you are wondering how to get into cybersecurity from IT, certification offers an efficient path. This is especially true if you already have a relevant degree and significant experience as an IT generalist. In such cases, enhancing your credentials with cybersecurity skill endorsements may help you stand out to employers.

Numerous professional organizations and leading tech companies offer standardized certification programs. Some allow candidates to take exams leading directly to certification. Others require test-takers to complete a prep course or training module first.

Technology changes fast, and cybersecurity best practices change with it. Thus, many credentials carry recertification requirements. Additional training or professional development may be necessary for recertification.

Once you know the cybersecurity job you want to pursue, identify relevant certifications and seek out reputable providers.

How to Get Into Cybersecurity After Working in IT

Transitioning from IT to cybersecurity should build on existing professional experience. Generalist IT roles establish fundamental skills for cybersecurity professionals. In many cases, making a successful switch is a matter of refining specific skills.

However, job-seekers with no professional tech experience may benefit from landing a "starter job" in IT first.

Tech industry insiders often encourage cybersecurity candidates to identify a focus area, at least to start. You can think of this focus as a short-term, transitional goal to help you land your first cybersecurity job. You can then continue to build and diversify your skills.

Preparing for Your New Career

The paths detailed below cover typical steps for those transitioning from general IT to cybersecurity. These steps explain how to get into cybersecurity both with and without significant professional experience.

    Transitioning from Careers in IT to Cybersecurity with Professional Experience

    Note that these steps assume the candidate has relevant educational experience as well.

  1. Identify specific cybersecurity skills.
    Target a cybersecurity role that matches your interests and is attainable to someone at your education and experience level. Create a list of specific technical skills needed to succeed in that role.
  2. Take personal inventory.
    Audit your skill set. Assess how your current skills stack up against those required of professionals in your targeted role.
  3. Bridge and fill the gaps.
    Create a plan for addressing any shortcomings between your current skills and those you will need as a cybersecurity expert. Then, follow the plan. It may include upgrading your degree, attending a cybersecurity bootcamp, or undertaking self-directed training.
  4. Obtain cybersecurity certifications.
    Validate your upgraded skills by earning a relevant certification (or certifications).

    Transitioning from IT to Cybersecurity with No Professional Experience

  1. Educate yourself.
    Degree-based education builds complete and comprehensive skills. However, a degree takes several years to complete. Consider and research introductory coding bootcamps for a faster option.
  2. Gain professional experience.
    Graduate into an entry-level general IT job. Examples include roles in programming; technical support; and system, web, or network administration.
  3. Target a cybersecurity role.
    Identify a particular cybersecurity job that interests you, and determine which hard skills it demands. Then, chart a forward course using the rest of the steps listed above as your guide.

Top Online CyberSecurity Programs

Explore programs of your interests with the high-quality standards and flexibility you need to take your career to the next level.

Finding Cybersecurity Jobs

Technology education providers typically offer some form of career training or job search support. This includes both diploma- and degree-granting institutions, plus bootcamps. Many institutions partner with companies looking to hire their graduates. If you completed education as part of your retraining plan, draw on these services if available.

You can also network with other students and working cybersecurity specialists, join professional organizations, and apply to internships. Work-study and internship programs sometimes lead to permanent full-time job opportunities. Many professional organizations maintain job boards for their members.

Open-access online job boards are important resources for cybersecurity job-seekers. These four resources tend to feature high volumes of open cybersecurity jobs: This job board concentrates on ethical hacking, penetration testing, threat research, cryptography, and other cybersecurity roles. Job-seekers can contact employers directly without going through third-party services. forms an integral part of the Careers In Group. This extensive job network aggregates listings and categorizes them by specialization. On, job-seekers can find nationwide employment listings for a complete list of tech professions. Cybersecurity is well represented on the specialized site.

NinjaJobs: This community-operated tech employment site was purpose-built by working infosec professionals. Its listings maintain a sole focus on cybersecurity jobs.

Internship and Volunteer Opportunities

Volunteer and internship programs may offer value to established IT professionals looking to enter the cybersecurity field. These opportunities help workers build skills and learn from others in dynamic, real-world settings.

Both public and private organizations offer cybersecurity internships. Examples from recognizable providers include:

If you are in school, check with your education provider as well. Many schools offer internship programs and student placement opportunities.

Should You Transition From IT to Cybersecurity?

Professionals often switch from IT careers to cybersecurity because they want a new and exciting challenge. Industry insiders characterize cybersecurity as a dynamic field with significant task variation. This can appeal to tech professionals seeking high-impact ways to apply their skills.

However, candidates should maintain realistic expectations about cybersecurity. Many professionals describe it as a high-stress field. A 2021 survey found that more than half (51%) of cybersecurity professionals say they lose sleep over work-related worries. Research also reports high rates of burnout among cybersecurity experts.

High stress tolerance may serve your future cybersecurity career. However, if you do not perform well under pressure, you may want to think twice about pursuing cybersecurity. This can be a demanding, high-stakes career.

Additional Resources


A Guide for Women in Cybersecurity

Learn More

Cybersecurity Resources and Organizations for Underrepresented Populations

Learn More

Cybersecurity Scholarships for Military and Veterans

Learn More

Scholarships for LGBTQIA+ Cybersecurity Students

Learn More

Most Diverse Cybersecurity Programs

Learn More

Cybersecurity vs. Computer Science Degree Programs

Learn More

FAQ's About How to Get Into Cybersecurity

How do I get into cybersecurity with no experience?

The field can be challenging for inexperienced candidates. Credentials validating essential skills can help you land an entry-level role to start.

Is it easy to transition from IT to cybersecurity?

For most, it's a smooth transition. Many of the core skills used by IT generalists also apply in cybersecurity roles. Experienced IT professionals often have a relatively direct path to cybersecurity jobs. Some people choose to supplement their existing credentials with cybersecurity certifications.

Are careers in cybersecurity better than careers in IT?

Industry insiders and tech reporters continue to stress strong demand for professionals with advanced cybersecurity skills. However, cybersecurity is generally considered more stressful than IT. The question of which path is "better" depends on your personal preferences.

Do cybersecurity jobs pay as well as IT jobs?

This depends on relative levels of responsibility. For example, a senior IT manager may out-earn an entry-level cybersecurity worker. At equal seniority and experience levels, pay rates are generally comparable. Senior cybersecurity jobs pay very high salaries relative to IT roles.

Recommended Reading

View hand-picked degree programs

Tell us what you’d like to specialize in, and discover which schools offer a degree program that can help you make an impact on the world.