r/SecurityCareerAdvice u/RefrigeratorIcy8277 21h ago

Feeling Lost About My Cybersecurity Career Path Looking for Advice

Hey everyone,

I’m feeling a bit confused about my career path right now and could really use some advice.

Here’s my background: I completed both a Diploma and a Bachelor's degree in Computer Engineering in India, with an Honors specialization in Cybersecurity. I’m currently pursuing a Master’s degree in Computer Science in Germany, focusing on Software Development.

The challenge is that my cybersecurity honors program was mostly theoretical, with very little hands-on experience. To bridge that gap, I’ve been working through online labs, courses, and practical training platforms such as TCM Security. However, I’m still unsure whether I’m learning the right things or following the best path to enter the cybersecurity field.

I’m also hesitant to apply for internships because I worry that I might be asked to do something I don’t know how to do yet. Since this would be my first professional cybersecurity role, I feel like I need more practical experience before applying.

My questions are:

  • Am I on the right track with what I’m currently learning?
  • What internship titles or entry-level security roles should I be searching for?
  • What cybersecurity projects could I build to gain practical experience before applying for internships?
  • I’m comfortable with Python and have some knowledge of Assembly language. How can I best leverage these skills in cybersecurity?
  • I would also greatly appreciate any recommendations for learning resources, labs, courses, or project ideas that helped you break into the field.

Thank you in advance for your advice and guidance!

2 Upvotes
  • permalink
  • reddit

100% Upvoted

6 comments sorted by

1

u/my_peen_is_clean 20h ago

apply for internships now, not later, that’s literally where you go to not know stuff and then learn it on the job. list your labs, tools and projects on the cv, even small ones. everyone’s faking confidence anyway and still gets ghosted because finding anything these days is pain

1

u/RefrigeratorIcy8277 18h ago

Fair point. I think I've been stuck in the "I need to learn more before I apply" loop for too long.

1

u/AddendumWorking9756 9h ago

Guided rooms get you going but you hit a ceiling where it feels like following a recipe instead of investigating. The jump hiring actually cares about is real artifacts, CyberDefenders has free investigations you can write up, and two solid writeups beat another cert for a transition like yours.

1

u/RefrigeratorIcy8277 1m ago

That’s really helpful, thank you. I’ve been doing mostly guided labs, so I’ll definitely look into CyberDefenders and start documenting my work with writeups. Appreciate the suggestion!

1

u/akornato 4h ago

You're on a solid track, and the fact that you're doing TCM Security labs and self-directed practical training puts you ahead of most people with purely academic backgrounds. Yes, keep going with what you're doing, but stop waiting until you feel "ready" to apply for internships, because that feeling never fully arrives and waiting for it is what keeps people stuck. The hesitation you have about not knowing everything is actually a sign you're taking this seriously, but employers hiring interns expect gaps in knowledge, that's the whole point of an internship. Search for titles like "Security Analyst Intern," "SOC Analyst Intern," "Penetration Testing Intern," or "Information Security Intern," and in Germany specifically, look for "Werkstudent IT Security" roles which are common and very accessible for Master's students. For projects, build a home lab using VirtualBox or VMware, practice setting up vulnerable machines from platforms like VulnHub or Hack The Box, and document everything on GitHub. Your Python skills are genuinely valuable here, so write your own basic port scanners, build simple exploit scripts, or automate log analysis tasks, because showing custom tooling in a portfolio signals real initiative.

Preparing thoroughly before your first cybersecurity interview matters more than having a perfect skill set, and going in with a clear story about your lab work, your projects, and what you're actively learning will carry a lot more weight than you might expect. Your Assembly knowledge is a niche differentiator, especially if you want to move toward malware analysis or reverse engineering, so lean into that angle when talking to interviewers. Be upfront that you're earlier in your practical journey, frame it as ongoing and intentional growth rather than a gap, and show curiosity about how the team operates. Cybersecurity hiring managers in the entry-level space are far more interested in candidates who can demonstrate a learning mindset and problem-solving process than ones who claim to know everything already. Apply now, keep building, and use the interview process itself as part of your education.

1

u/RefrigeratorIcy8277 2m ago

Thank you! I really appreciate you taking the time to write such a detailed response. It gave me a lot more confidence and clarity about how I should approach this moving forward. Thanks again for the encouragement!