[*UPDATE* This is a long detailed post so apologies in advance]
Bit of a significant update on this one folks, having spent the last year upskilling obtaining CompTIA certifications (Network+, Security+, CySA+) I think I have finally made the decision to pursue a career transition from IT Tech Support Helpdesk into the field of Cybersecurity. I put a considerable amount of thought and research into the career changing process. I completed an online career assessment with ETC Consult (
https://careerfit.com) and Cybersecurity was one of the top area's identified as a suitable career choice for me. I was also influenced by a book called '80,000 Hours' which focuses on finding a high-impact fulfilling career. Based on extensive research, they identified Cybersecurity as one of the top career choices (
https://80000hours.org/2023/04/why-...ecurity-to-our-list-of-priority-career-paths/) so I am a little bit inspired by the idea of more meaningful work. I would be lying if I didn't admit that Cybersecurity would also be more financially rewarding, and it is very topical of recent years with massive job demand and growth predicted so it seems like a safe bet in terms of being a future-proof career choice that hopefully wouldn't be too badly disrupted in terms of losing one's job to AI. Admittedly the bulk of Cybersecurity jobs are currently in the private sector, but I'm hopeful that the Public sector will invest more in Cybersecurity recruitment in the coming years.
The next problem I had was coming to the realization that Cybersecurity is an extremely broad field, so it would be very difficult to become a jack-of-all-trades type of generalist. I decided that rather than try to cover everything, I felt I would be better served by choosing a Cybersecurity sub-domain to focus on. I decided to apply and interview for a Cybersecurity EO competition with the Civil Service, there was no particular role specified so it could have been in any sub-domain within Cybersecurity. My interview went well and I finished quite high on the order of merit. Upon completion of Garda clearance checks, it is looking like I'm imminently going to be offered a Cybersecurity role with the Civil Service, focusing on Information Security Auditing and Compliance (specifically ISO 27001). Although it would no doubt be a lot less technical than the tech-support helpdesk career that I have built thus far, I am thinking it might be worth considering as I'd prefer to remain in the Public Sector (or at least semi-state) and from what I can see most Cybersecurity roles in Public Service tends to focus more on GRC (Governance, Risk & Compliance) and the more technical aspects (e.g. penetration tests) are typically outsourced to 3rd party private firms. I have also read that GRC tends to have better work-life balance than many of the other area's of Cybersecurity, there is rarely any evening or weekend work required. This is great because I would no longer have to worry about being on-site to cover Helpdesk, and could work remotely when visiting my disabled father in Northern Ireland. I think it would therefore be reasonable logical to try to specialize and focus on GRC as my niche Cybersecurity sub-domain and this job offer would lend itself nicely.
I know it sounds like I have a solid plan figured out, but there are still a couple of potential hurdles that I am seeking advice and opinions on:
1 - SALARY
One of the major benefits of sticking with the Public Sector, is that I can apply for salary matching to the nearest scale so it would be one of the few routes that would allow me to transition to an entry-level role in Cybersecurity without having to take a significant pay reduction. Assuming this salary matching application was successful, this would be approximately how my salary would compare if I took the new role:
| YEAR | AGE | Current Pay - Local Authority (Grade 5) | Potential New Pay - Civil Service (EO) |
| 2023 | 35 | €50,285 | €50,482 |
| 2024 | 36 | €51,761 | €51,659 |
| 2025 | 37 | €53,248 | €51,659 |
| 2026 | 38 | €53,248 | €51,659 |
| 2027 | 39 | €53,248 | €53,336 (LSI1) |
| 2028 | 40 | €54,981 (LSI1) | €53,336 (LSI1) |
| 2029 | 41 | €54,981 (LSI1) | €53,336 (LSI1) |
| 2030 | 42 | €54,981 (LSI1) | €55,026 (LSI2) |
| 2031 | 43 | €56,721 (LSI2) | |
So on the surface there doesn't appear to be too much in it, I would probably be slightly better off financially in my current role with the Local Authority but I would envisage a lot more potential for promotion within the Civil Service so perhaps I could try for a HEO role before long.
2 - LOCATION
In my current role in the Midlands I drive 20mins each way to/from the office 3 days per week. In the new role I would have to take a 90min bus each way to/from Dublin 3 days per week with the potential option of working 1 of those days from a hot-desk in a secondary office that's a 45min drive away in County Laois. I would envisage that my transport costs would increase significantly, because I'm told that the tax saver commuter tickets are bad value for hybrid workers who don't need to commute 5 days per week. But realistically most of the Cybersecurity roles are going to be based in Dublin, so perhaps I just need to accept that and try to get accustomed to the idea.
3 - HOLIDAY
This one is the most difficult to swallow, in my current role I get 30 days annual leave plus an extra 13 days flexi leave per year. If I take the new role I would drop down to only 23 days annual leave which is a massive reduction, but I believe I would still be entitled to 12 days flexi leave which I'm told has been re-instated in the Civil Service after a freeze during covid. The flexi leave is crucial because I like to visit family in Northern Ireland for one long-weekend each month.
4 - EDUCATION
I am interested in doing a part-time 2-year level 9 MSc in Cybersecurity Management with MTU in Cork next month. The main appeal for me is that it is less technical than a pure Cybersecurity course, and more focused on GRC which is the sub-domain I am thinking to specialize in. I also know that MTU is the home of the 'Cyber Ireland' national Cybersecurity cluster organisation so I think it would be a reputable course. I think the GRC focus of this course would tie in really well with this new job given that I'd be working in Information Security Compliance. But I'm concerned that perhaps it isn't a wise idea to take on a level 9 Masters course at the same time as entering a new career field that requires much longer commuting. A Masters is not essential, and usually only shows up under desirable criteria on job descriptions but at the same time I'd rather do one now when I'm reasonably young and don't have any other commitments in terms of children. I'm also aware I can only afford to do this course whilst there is currently Springboard+ funding, and the funding or the course itself may not always be an option in future.
I would be keen to hear some thoughts and opinions, I think I've got the beginnings of a decent logical career plan but I'm sure there may be some things which I have overlooked or not considered.
www.itjobswatch.co.uk