In partnership with

Welcome to Edition #38 of The Career Compass! This week, we’re digging deep into why certifications alone might not be landing you that cybersecurity job—and how to fix it.

From trending roles like vCISOs to strategic leadership as a Cybersecurity Program Manager, this edition gives you a recruiter’s lens into what’s working right now. We’re also introducing an interactive ransomware case study and a game-changing career hack you can apply immediately. Let’s dive in!

Video of the Week: Why You Can't Get Hired in Cybersecurity (Even with Certifications)

Struggling to land a cybersecurity job despite certifications like CompTIA Security+, Google Cybersecurity, or CEH? You’re not alone. As a recruiter, I’m revealing why it’s so tough to get hired in cybersecurity—even with certifications—and sharing five insider tips to help you stand out.

From building hands-on skills with TryHackMe to nailing interviews, this video has the recruiter secrets you need to break into the industry.

🎯 Ready to get unstuck? Book a free 15-minute exploratory career coaching call with me to see how I can help create a personalised plan for landing your dream cybersecurity job. Click here: https://lukegough.as.me/ 

Get Matched With the Best HRIS/ATS Software, for Free!

Researching HR systems shouldn’t feel like a second job.

The old way meant hours of demos, irrelevant product suggestions, getting bombarded with cold emails and sales calls.

But there’s a better way.

With SelectSoftware Reviews, spend 15 minutes with an HR software expert and get 2–3 vendor recommendations tailored to your unique needs—no sales pitches, no demos.

SSR’s free HR software matching service helps you cut through the noise and focus only on solutions that truly fit your team’s needs. No guesswork. No fluff. Just insights from real HR experts.

Why HR teams trust SSR:

✅ 100% free service with no sales pressure
✅ 2–3 tailored recommendations from 1,000+ vetted options
✅ Rated 4.9/5 by HR teams and trusted by 15,000+ companies

Skip the old way—find your right HRIS/ATS in a new way, for free!

Get Your Free HR Software Matches

News & Trends in Cybersecurity

🤖 Generative AI & the Cybersecurity Catch-Up

As GenAI tools like ChatGPT, Claude, and Gemini become standard in business workflows, cybersecurity teams are scrambling to keep pace. Employees increasingly use LLMs for content creation, code generation, and data processing, which introduces risks like data leakage, insecure code, and shadow IT.

What you need to know:

• Prompts may expose sensitive company data or trade secrets

• LLM-generated code can introduce security flaws into production

• Employees may bypass protocols using third-party tools

• AI models can be attacked via prompt injection or data poisoning

Security teams must now govern AI use with policies around prompt security, API restrictions, and model vetting. Expect roles like “AI Security Analyst” and “Model Governance Officer” to rise.

🔐 FBI Issues Advisory on Business Email Compromise (BEC)

The FBI reports a $2.9 billion loss from BEC scams in 2023. These scams target employees with spoofed emails from vendors or executives to divert funds.

Why it matters:

• Human error continues to be a major vulnerability

• Security awareness training and process controls are essential

• Professionals with skills in user education and process security are in demand

👨‍💼 Virtual CISOs on the Rise

Smaller organisations are increasingly hiring Virtual Chief Information Security Officers (vCISOs). These roles offer strategic cybersecurity leadership on a part-time or contract basis, perfect for experienced professionals seeking flexible consulting opportunities.

What it means for you: If you’ve got years of security leadership experience, a vCISO career could be your next big move.

📜 AI Compliance Takes Centre Stage

Global regulatory frameworks for AI—including GDPR updates, U.S. executive orders, and EU AI Act—are making AI governance non-negotiable.

Why this matters: Cybersecurity professionals skilled in compliance frameworks like NIST, ISO 27001, and SOC 2 are in high demand. Combining cybersecurity knowledge with AI governance is becoming a powerful career edge.

Cyber Career Spotlight: Cybersecurity Program Manager

Cybersecurity Program Managers are the glue between strategy and execution. They oversee security projects, coordinate teams, and ensure alignment with broader business goals.

🔹 What They Do:

• Manage enterprise-wide cybersecurity initiatives

• Align risk, compliance, and security activities

• Lead communication between technical and executive stakeholders

• Track KPIs and ensure on-time, on-budget delivery

🔹 Key Skills:

• Project management (Agile, PMP)

• Deep understanding of risk frameworks and security protocols

• Strong stakeholder engagement and communication

• Budgeting and resource planning

🔹 Career Path:

• Mid-Level: Security Project Manager / IT Risk Manager

• Senior-Level: Cybersecurity Program Manager / Director of Information Security

• Executive: VP of Security Programs / CISO

This role is ideal for professionals with leadership potential and strong organisational skills who want to drive cybersecurity outcomes from a business-centric view.

Career Hack: Build Your Personal Board of Advisors

Great leaders don’t go it alone—they build a Personal Board of Advisors. This is a small group (3–5 people) of mentors, peers, or industry experts who help guide your decisions, provide honest feedback, and support your growth.

How to Build One:

🔹 Diverse Perspectives: Choose advisors from different industries, career stages, or specialties. You’ll get a broader view and more well-rounded advice.

🔹 Schedule Quarterly Check-Ins: Stay connected through virtual or in-person meetings. Bring your current challenges and upcoming goals to the table.

🔹 Be Open to Feedback: Your board is there to challenge your thinking and offer insights, not just validate your ideas.

🔹 Give Back: Make it a two-way street. Ask how you can help or support them in return.

This network can accelerate your progress, open doors, and hold you accountable. Think of it as your secret weapon for career clarity and growth.

Interactive Challenge: Ransomware Case Study

Scenario: You’re the cybersecurity lead at a mid-sized hospital. A ransomware attack has locked patient records, and attackers are demanding cryptocurrency payment.

Your Mission:

• What are your immediate response steps?

• How do you communicate with staff, patients, and regulators?

• What long-term measures will prevent future attacks?

📣 Take Action: Share your strategy on LinkedIn using #CareerCompassCaseStudy and tag me @Luke Gough. I’ll showcase the sharpest solutions in next week’s edition!

The Power of Career Coaching (Exclusive Offer Inside!)

As a Career Coach, I consistently witness incredible transformations when individuals invest in their future. In today's fast-paced world, feeling stuck or uncertain is common—but that doesn't have to be your story.

Through 1:1 coaching, I help you:

🎯 Gain clarity on your career path
🛠️ Develop strategic plans for your next move
💡 Break through imposter syndrome and roadblocks
📈 Sharpen your interview and job search skills
💪 Build confidence to pursue opportunities you once thought were out of reach

📩 Special Offer for Newsletter Subscribers: Get 50% off a private coaching session this month. Curious how it works? Reach out to discuss your goals and secure your spot.

Email me at [email protected] to start the conversation or book a free 15 exploratory call https://lukegough.as.me/ 

Thank you for being part of The Career Compass community. Keep levelling up your career, stay consistent, and take your career into your own hands. I’ll see you in the next edition!

P.S. Remember to share The Career Compass with your network, and let’s work together to empower more careers!

Best,
Luke Gough
Career Coach & Founder, The Career Compass

P.S. Got feedback or topics you’d love to see? Reply to this email—I’m all ears!