📅 Published: June 10, 2026
If you already work in IT support, you may be closer to cybersecurity than you think. Password resets, MFA, ticket notes, endpoint issues, phishing reports, access requests, and troubleshooting all connect to security work.
Quick answer
Spend 90 days building proof: security-focused resume bullets, one home lab, one vulnerability project, one incident-response writeup, and better job-title targeting.
Spend 90 days building proof: security-focused resume bullets, one home lab, one vulnerability project, one incident-response writeup, and better job-title targeting.
Days 1-30: translate your current work
- Rewrite help desk bullets to include access control, MFA, endpoint troubleshooting, ticket documentation, and escalation.
- Collect examples of security-related work you already do.
- Study common SOC, GRC, IAM, and vulnerability management job descriptions.
- Build a list of keywords that match your actual experience.
Days 31-60: create proof projects
| Project | What it proves |
|---|---|
| phishing email analysis writeup | alert review and communication |
| Windows event log review | basic investigation skills |
| vulnerability scan lab | risk prioritization and remediation notes |
| IAM access review sample | user access and least privilege thinking |
| security policy checklist | GRC documentation ability |
Days 61-90: apply smarter
- Create one SOC resume and one GRC/IAM resume.
- Apply to roles where you match at least half the duties.
- Use your projects as proof in LinkedIn and interviews.
- Track applications and adjust based on responses.
Good search titles
- SOC analyst tier 1
- security operations analyst
- cybersecurity analyst entry level
- IAM analyst
- GRC analyst associate
- vulnerability management analyst junior
- security compliance analyst
Helpful DamnJobs Resources
Before you send more applications, make sure your resume and job target actually match the role.
Useful reference: