Comment by cushychicken
1 day ago
If you’re already a skilled programmer, I actually think cybersecurity is a pretty straightforward field to get in to.
The tradeoff is that you have to not mind:
1) relocating to the greater Washington DC metro area, and
2) getting a US security clearance,
Though this website really makes it seem like cybersecurity is all about the world of web apps and commercial tech companies, I would actually posit that the US DOD / Intelligence community is the largest customer of cybersecurity research in the US. (It’s dispersed through a big web of contracting firms, but the end client of most of these firms is one of a handful of agencies or military intelligence divisions.)
I say this as someone who works in the field: if you can code, and you can get cleared, you can probably find someone in the cybersecurity field who wants to hire you. The field is hungry for experienced talent. The fact that you’ve previously forward developed web apps is not a drawback - if anything, it’s an asset. Knowing how developers think is a great asset that most pentesters and reverse engineering focused people in the field lack.
Your focus in UX, user research, and design is a huge asset. There are tons of dogshit web apps that government agencies use for important national security purposes. Trust me on this.
Edit: expanding on the note about the "big web of contracting firms" - there are a ton of little DARPA / pentest / cyber research companies in the DC metro area that would kill for an experienced programmer with an interest in cybersecurity research. They don't pay nearly as much as FAANG, but there's also substantially less competition for those jobs, and (in NoVA/southern MD, anyway) tons of opportunities to jump ship to different teams with different work and better cultural fit, if you're interested.
If you don't want to move to the Washington DC metro area and alterantive weould be the Hampton Roads area in southeast VA which encompasses Va. Beach, Norfolk, Newport News, Hampton, and Chesapeake. There are multiple military installations, and more DoD and DoD adjacent jobs than you can shake a stick at.
Out of curiosity: Would someone with dual US/EU citizenship with, say, Sweden be able to get such a clearance without giving it up, or is that a dealbreaker?
You have to be a US citizen and not a citizen or permanent resident of any country that is embargoed for the project. The DOD embargoes run by project (at least where my wife works they manage it that way). You also have to file for permission to travel outside the US. It’s usually not an issue but will be denied if you are traveling to a country that is on the embargo list for the project you’re on.
I don't believe it would be a dealbreaker, but I don't know, as I am only a US citizen.
I think the level of scrutiny would be much higher if you were a dual citizen with a nation the US perceives as an adversary - i.e. Russia, China, Iran, North Korea.
It is a dealbreaker, I have dual citizenship and have been unable to get clearance even before I renewed my non US passport. For the USAF or companies doing private work. It's up to some fat fuck somewhere, his value system, his white knight ideology. Probably sitting at a desk deciding whether you can get paid or not. Maybe it is case by case basis depending on what intel they have on you. They will look underneath your socks too.
Meanwhile, most of the popular leaker cases have been US born US citizens. I wonder can they hire H1B's into these roles. I would be curious to find out.
not a deal breaker
What does cybersecurity pay for a novice ( but experienced programmer)? what about experienced personals?
Writing code in cybersecurity contexts is usually market competitive, with either a bump or penalty if you're working in sensitive contexts (Government contractors tend to have a bimodal distribution because they need some people desperately and also abuse people's patriotism to skimp on wages)
I have no idea what novice pay is like.
I'd happily tell you what I make personally as an EE with ~15 years experience if you were to contact me privately, but I don't really feel like posting that on the internet.
I’m a dual citizen and I could get rid of it if I need a clearance, but all the jobs I see require that you have one already