Red teaming

12 min read

4 of the best entry-level cybersecurity jobs for aspiring hackers

The HTB community and team weigh in on four entry-level jobs for aspiring cybersecurity professionals and ethical hackers.

ltnbob avatar

Jul 11

With millions of unfilled positions worldwide the demand for cybersecurity professionals continues to grow. If you’re a beginner interested in getting a foothold in the industry, where should you start? 

When we polled 11,498 members of the community on LinkedIn about the best entry-level cybersecurity jobs, SOC analyst, system administrator, and IT support roles received the most votes. 

linkedin poll on best entry level cyber jobs

After polling the community, we followed up with Hack The Box (HTB) staff and friends to get their insights on these entry-level cybersecurity jobs for beginners early on in their careers. 

Where should I start? 

It depends on the kind of beginner you are. 

Someone starting with zero IT knowledge will have a different journey from someone who’s completed cybersecurity certifications like HTB CTPS, participated in CTFs, and demonstrated real skills through a platform like HTB. 

A way to identify your starting point is to use the following ESE framework (experience, skills, and end goal) to assess your current skills and experience against your cybersecurity career goals: 

  • Experience: Your current level of experience with IT-related tasks.

    For example, have you built, supported, or administered a network? Do you have any experience working in IT environments?

  • Skills: Your practical skills, certifications, and overall domain knowledge.

    This could range from academic degrees to practical certifications from a trusted upskilling platform like HTB. 

  • End goal: Your short and long-term goals for your career in cybersecurity.

    Let’s say your long-term goal is to become a penetration tester, but you don’t have the required skills and experience. You might set a mid-term goal of working in an entry-level SOC analyst role to build your foundational skills first, and then transition into a penetration testing/offensive role over the long term. 

ese framework for choosing an entry-level cyber job

With that said, let’s look at what many of the experts, content developers, leaders, and friends of HTB have to say about the best entry-level cybersecurity jobs

I’ll also share my own answers to the “where do I start?" question, which I’ve received a lot as an IT and cybersecurity instructor and researcher. 

💡Note: There are many entry points into cybersecurity depending on where you want to go and what your starting point is. The insights below are based on the unique experiences of contributors.

1.  IT support specialist

If you are an absolute beginner, I recommend you work as an IT support specialist for at least six months and apply security to what you do every day. 

Develop a security mindset while you intentionally strengthen your foundations and continually work through challenges on HTB Labs and the HTB Academy (this will certainly accelerate the growth process). 

I personally believe you’ll be better prepared to serve and secure people and organizations if you start in a support role; it helps you develop an intimate understanding of how information technologies support business functions. 

My first job in the IT industry was as an IT Support Specialist and Backup and Disaster Recovery Manager (BDR) for a service provider serving hundreds of business clients with all their IT and cybersecurity needs. 

Some of my responsibilities were: remote IT support, server support, network design and administration, incident response (mostly ransomware), cloud configuration and monitoring, and overall IT security administration. (Perhaps I wore too many hats, as many of us in the industry often do 😊.)

Expanding on the skills beginners learn with support or helpdesk roles, Vladimir Zaha (0ne_nine9), Information Security Analyst and former IT Support Specialist at HTB, shares that “You learn the importance of documentation, the technical troubleshooting mindset, the ability to decompile complex problems into simple singular elements, and how to read and follow instructions.”

Ben Rollin (mrb3n), HTB’s Head of Security, adds that support roles are a great launchpad for different cybersecurity jobs.

Not everyone can get into a junior sysadmin role right away. So another great path could be IT support --> Sysadmin --> Pentester. It is difficult to break into pentesting directly (but it can be done). That’s why I wholeheartedly recommend getting as much general IT experience as you can before making a shift into a technical infosec role

Key skills you’ll learn as an IT support specialist

Basic Computer Operations.

  • Hardware. 

  • Software. 

  • Input devices.

  • Output devices.

  • Operating Systems.

Computer Networking Fundamentals.

  • TCP/IP.

  • How switches work. 

  • How routers work.

  • VLANs and Network Segmentation.

  • Practical understanding of how network protocols operate.

Customer Service.

  • Communicating technical concepts in easy-to-understand ways.

  • Troubleshooting. 

  • Investigation abilities (what is the actual issue?). 

  • Operating ticketing systems.

  • Prioritizing problems.

  • Understanding that IT is a business function that enables other departments to keep working (The Business Value of IT).

  • Teamwork.

Windows Operating Systems Power User.

  • Navigating the OS and file system(s).

  • Configuring and troubleshooting networking. 

  • Understanding how users are using Windows to do their jobs.

Active Directory fundamentals.

  • Creating and Managing User Accounts and Security Groups.

  • Joining Windows workstations to Windows Domains.

Linux Operating Systems Power User

  • Navigating the OS and file system(s). 

  • Configuring and troubleshooting networking. 

  • Discovering various ways businesses use Linux to conduct business.

Security Awareness

  • Understanding what common mistakes get made that lead to breaches.

  • Teaching users how to value security and what to watch out for in friendly ways.

Please know that depending on the size of the organization, many of these skills may also be shared by the system or network administrator. Typically larger teams will specialize more whereas smaller teams will have each member performing the tasks of several roles.

💡Related read: The best programming languages for cybersecurity 

2. SOC analyst

Choosing a cybersecurity job: ESE framework

If you want to go straight into security from a non-technical role or from school, without first going into IT, the SOC analyst role is your best bet according to Ryan Gordon, Customer Operations Manager at Hack The Box. “It's what is most widely available for an entry-level person to get hired.”

Working in a SOC is about actively defending the organization. Within the SOC team, an analyst is responsible for keeping an eye on an organization's computer systems 24/7, looking for any suspicious activity, potential threats, or security breaches. 

If something looks fishy, it's the SOC analyst's job to investigate it and determine if it's a real threat or just a false alarm. 

David Forsythe (0xdf), Training Lab Architect at HTB, shares that the “SOC is the most accessible entry-level position, as there are tons of positions out there.”

Even at the most entry-level position, you get hands-on experience triaging alerts, understanding false positives and what causes them, and how to respond. There's a clear path to climb to more and more complex and advanced positions (don't stay in a role that doesn't offer this). 

Related read: What is a SOC analyst? (Career Q&A with Sebastian Hague).

Gary Ruddell, Head of Cyber Threat Intelligence and a former military operator, adds that  “there’s no better way to learn cybersecurity than spending time in the trenches on the front lines. That’s what the SOC is. They will work closely with threat intelligence, engineers, and incident responders to make sure the network stays safe. From there, you can go anywhere.

Key skills you’ll learn as a SOC analyst

How a SOC works and why they exist.

  • Different positions held in a SOC. 

  • Defensive mindsets.

  • General SOC operations. 

  • Knowing the enemy (this is where having the hacker’s mindset can really make a difference).

Networking fundamentals (similar to most positions in IT and cybersecurity.

  • TCP/IP.

  • How switches work.

  • How routers work.

  • How firewalls (hardware, host-based and web application-based) work.

  • Network segmentation and zoning.

  • How IDS/IPS’s work.

  • Analyzing packet captures.

  • Various network monitoring protocols and solutions.

  • Asset management (knowing what technologies need to be protected at any given time. This is harder than it seems).

Logging, event, and data analysis.

  • Log aggregation.

  • Properly implementing and working with a Security Information and Event Management system (SIEM).

  • Data visualization.

  • Endpoint Detection and Response (EDR).

  • Extended Detection and Response (XDR). 

Incident Response.

  • Effectively implementing, continuously updating and using an incident response plan.

  • Windows forensics.

  • Linux forensics.

  • Network forensics.

  • Precisely documenting events that occurred during the incident.

  • Acting with precision and urgency.

3. System administrator

Ippsec, Senior Training Lab Architect at HTB, says that for hands-on roles, the administrator or helpdesk route is ideal because you learn about general IT and get hands-on access to systems. 

“This hands-on access translates well into pentesting/red teaming because once you exploit a system and get a shell, your general IT experience will take over and the shell won't seem so foreign to you.” 

“I think a great word that sums up exactly why this job is absolutely perfect for a beginner is ‘exposure,’’ shares Sebastian Hague (Sebh24), HTB’s Defensive Content Lead. 

As a system administrator, you are likely to be exposed to numerous differing systems, applications, and networks. The hands-on experience and knowledge you pick up here can seen as the "foundations" that allow for the ongoing pursuit of knowledge within infosec. Without them, the house will simply topple over.

Assuming that someone wants to get into pentesting, Ben Rollin also considers sysadmin experience a powerful advantage before moving into a technical security role such as penetration testing. 

You’ll understand both the offensive/defensive sides of cybersecurity and "why" certain things are done in a network environment. This is a huge help when you’re dealing with different teams within your client companies because you have “walked in their shoes.” 


Sysadmin experience also helps you make more informed decisions when assigning risk to findings and then recommending remediation strategies. You'll have a strong understanding of why certain choices are made within a corporate network, why certain limitations exist, and potential workarounds to advise them better.

Key skills you’ll learn as a system administrator

Windows Server and Endpoint Administration. 

  • Active Directory. 

  • Group Policy administration.

  • DNS. 

  • DHCP. 

  • File server.

  • Automating administrative tasks on Windows endpoints.

  • PowerShell scripting.

  • Maintain user account and system security.

  • Microsoft Exchange (yes many companies do still host exchange servers. on-premise)

  • Hardening.

Linux System Administration. 

  • Bash scripting.

  • User account, group account, and permissions management.

  • Web servers operations and management (Apache, Nginx, and more).

  • Hardening.

Network Administration (many sysadmins are also network admins). 

  • Configuring, troubleshooting and managing routers, switches and wireless APs.

  • Firewall and VPN administration.

Hypervisor Administration. 

  • Windows Hyper-v.

  • VMware ESXi. 

  • Nutanix.

  • Creating and managing Virtual Machines.

  • Migrating, Cloning, and Deploying VMs.

Interacting with leadership and other important miscellaneous tasks.

  • Recommending and Managing hardware upgrades and utilization of new. services to leaders that make purchasing decisions.

  • Developing and writing standard operating procedures.

  • Maintaining a knowledge base. 

Cloud Systems Administration (this can be a completely separate job in some companies). 

  • Understanding how businesses use IaaS, PaaS, and SaaS cloud offerings.

  • Microsoft 365 (also referred to as Office 365).

  • Azure. 

  • Google Cloud. 

  • Amazon Web Services.

  • Alibaba Cloud.

4. Penetration tester (is it actually an entry-level job?) 

Hack The Box was originally built to upskill penetration testers. But is pentesting actually an entry-level role

Traditionally, penetration testing is not considered an entry-level role due to the level of technical skill and experience required to be proficient at it. 

But we are now seeing a new generation of pentesters and cybersecurity professionals coming from Hack The Box directly, which is in many ways breaking the traditional mold and career path into cybersecurity. 

In fact, when HTB asked the cybersecurity community on LinkedIn if securing a pentesting role as a first job was possible, 67% said yes

pentesting entry level

Many of the well-informed minds that shared their perspective throughout this post, however, admittedly did not have resources like Hack The Box when they were beginning their careers, myself included. 

HTB flattens the learning curve substantially and can create unique opportunities as you work through content and connect with members of the community. 

I can personally attest to this as I’ve gotten interviews, opportunities, established friendships, and fruitful career connections as a direct result of learning with Hack The Box.  We can even see that innovative security firms like Synack are seriously considering Hack The Box experience when assessing candidates to join their red team. 

More companies are starting to view Hack The Box as a source of talent and not just a training solution for those already employed. Some even post jobs on Hack The Box’s Talent Search, which allows players to apply for jobs (often based on HTB rank) directly through the job board