Breaking Into Cybersecurity: Essential Tips for Newbies

Welcome to this episode of Razorwire, where my guest, Stefania Chaplin, and I jump into the topic of cybersecurity for newbies.

Starting a new career in any industry can be a baptism of fire, but there are definitely certain things that can help you in cybersecurity. Today, we explore the key skills all good cyber recruits should be aware of as well as what constitutes a good security mindset. We highlight three key takeaways from the podcast that will be valuable for not only new recruits, but all cybersecurity professionals.  

We discuss the importance of effective communication with different audiences and how to gain buy-in from team members when implementing security policies.  

We also cover the changing landscape of work in the cybersecurity field, the importance of resilience and positivity in the face of rejection, and the potential consequences of losing credibility in the industry.  

We talk about the benefits of gaining experience and expertise in different areas of cybersecurity and the broad range of roles available beyond technical positions. Tune in to this episode to gain valuable insights and enhance your skills in the field of cybersecurity. 

I really struggled with it when I started out in my career as a young woman in IT. I was so hesitant and reluctant to make a mistake or to put myself out there because I'm like, but if I put myself out there and then I get it wrong, like my credibility is destroyed. 

Stefania Chaplin 

 

Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen 

 

In this episode, we covered the following topics: 

 

• Tips for Security Newbies - Discussing tips for those new to the infosec space, including what to watch out for and what you need to know to progress. 

 

• Stefania's Journey into Cybersecurity – Stefania tells us about how she fell into the cybersecurity field and how she knew it was for her. 

 

• Importance of Communication Skills in Cybersecurity – How to improve your communication skills and use them effectively with different teams/levels within the organisation.  

 

• Understanding Psychology - we discuss the importance of understanding psychology in cybersecurity, including personality types, power dynamics, and how to spot who has the power in a room. 

 

• Baby Steps: Advice for those new to cybersecurity, including the benefits of taking baby steps, finding bug bounty programmes and learning from your colleagues. 

 

• How important are certifications? We discuss the pros and cons of certifications vs personal skills, along with identifying your motivations for pursuing certifications, such as for a specific skill or knowledge. 

 

• Dealing with rejection - we share some tips for dealing with rejection in the job search process. 

 

• Using LinkedIn to Find a Job - Sharing experience of using LinkedIn to get jobs and build a network in cybersecurity, emphasising the importance of being professional and engaging with industry leaders. 

 

• Engaging Developers and IT Professionals: - We share some tips for engaging developers and IT professionals in cybersecurity projects. 

 

• Credibility within the industry – Stefania shares her experience of struggling with credibility as a young woman in the industry and the importance of coaching. 

 

• Non-technical aspects of security – finally, we talk about the importance of non-technical aspects of security, including as finance and policy, and recommending that newbies stay non-specialised for the first five years of their career. 

 

 

 

GUEST BIOS 

 

Stefania Chaplin 

Stefania’s (aka @DevStefOps) experience as a Solutions Architect within DevSecOps, Security Awareness and Software Supply Chain Management means she's helped countless organisations understand and implement security throughout their SDLC. As a python developer at heart, Stefania enjoys optimising and improving operational efficiency by scripting and automating processes and creating integrations. She is a member of OWASP DevSlop, hosting their technical shows. When not at a computer, Stefania enjoys surfing, yoga and looking after all her tropical plants.  

 

Resources Mentioned 

 

ISO 27001 auditor cert and CISSP or preferably a CISM 

AWS Solutions Architect Associate cert  

Certificate for Ethical Hacking (CH)  

 

 

Other episodes you'll enjoy 

 

Trust & Culture as Cornerstones of Cybersecurity with Paul Dwyer 

https://www.razorthorn.com/trust-culture-as-cornerstones-of-cyber-security-with-paul-dwyer/ 

 

Women in Cybersecurity 

https://www.razorthorn.com/women-in-cyber-security-razorwire-podcast/ 

 

Connect with your host James Rees 

 

Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cybersecurity professionals who dedicate their careers to making a hacker’s life that much more difficult. 

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cybersecurity – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights. 

With new episodes every other Wednesday, Razorwire is a podcast for cybersecurity enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers. 

For more information about us or if you have any questions you would like us to discuss email [email protected]. 

If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion. 

 

Linkedin: Razorthorn Security 

Youtube: Razorthorn Security 

Twitter:  @RazorThornLTD 

Website: www.razorthorn.com 

 

Loved this episode? Leave us a review and rating here

All rights reserved. © Razorthorn Security LTD 2025

This podcast uses the following third-party services for analysis:

OP3 - https://op3.dev/privacy