Hey everyone, welcome back to The Career Compass.

This week, I want to talk about a path into cybersecurity that I think more people should take seriously, and that’s the move from help desk into cyber.

A lot of people overlook help desk or IT support because they’re so focused on landing a job with “cybersecurity” in the title straight away. But the truth is, help desk can give you some of the best foundations possible if your long-term goal is to break into cyber.

So in this edition, I want to break down why that path makes sense, what I’m seeing in the market right now, and how you can use your current experience to move forward more strategically. Let’s get ito it!

Oh, and thank you to everyone who has already grabbed a copy of my Cyber Job-Ready Blueprint. I really appreciate the support, and I hope you’ve found it genuinely helpful in giving you more clarity and direction. If you haven’t picked up a copy yet, you can find more info below.

I genuinely think this is one of the best pathways into cyber. Here’s why. You build real technical foundations

In help desk, you are often dealing with:

Those are not random IT tasks. They are the building blocks of security. A lot of cybersecurity jobs, especially at the junior end, still require you to understand how systems work before you can protect them.

One of the biggest gaps I see in entry-level candidates is that they may know some theory, but they have not worked in a real environment

Help desk gives you exposure to:

That kind of operational awareness is hugely valuable. You develop the soft skills employers want.

Good cybersecurity professionals need more than technical knowledge. They need to communicate clearly, stay calm under pressure, document properly, and explain risks in a way that people understand. Help desk can build all of that.

From a recruiter’s perspective, this path makes sense. If someone tells me:

“I’ve worked in IT support, I understand systems, I’ve dealt with user access, troubleshooting, and endpoint issues, and now I’m building security knowledge on top of that”

That is a strong story. It is often much stronger than: “I’ve done a few courses but have never worked in a real technical environment.”

CyberSeek’s pathway tooling and CISA’s cyber career pathways resources both reinforce that cybersecurity careers often build from adjacent technical roles rather than starting from zero. 

Are you tired of hunting down data, fixing errors, and manually updating disconnected spreadsheets?

Tax reporting isn’t a simple as it used to be. You need real-time, flexible reporting so you can confidently make decisions backed by accurate, centralized data.

Learn how bringing all your tax information into one central system automates repetitive tasks, improves scenario planning, and frees your team to focus on strategy instead of data entry.

Whether you operate in one country or dozens, Longview Tax scales with you—reducing risk, speeding up your close process, and helping you optimize tax policies across all jurisdictions.

Download the paper

If you've been following my content for a while, you know I talk a lot about what actually gets people hired in cybersecurity. The certifications that matter. The projects that prove you can do the work. The way to position yourself so recruiters like me actually find you.

I took everything I've learned from 15 years of recruiting across two countries and packed it into one resource: the Cybersecurity Job-Ready Blueprint.

It's a step-by-step system broken into five modules:

Build the right foundation - practical skills that come up in interviews, not just theory

Certification strategy - which certs to get, in what order, and which ones to skip

Hands-on projects - five specific projects that prove to a recruiter you can do the work

Professional packaging - your LinkedIn, resume and portfolio, built to get found

Job search and interviews - how to apply strategically, network properly and answer the exact questions I ask candidates

There's also a full 90-day action plan, a section on AI in cybersecurity for 2026, security clearance guidance, and Australian-specific salary data and job boards.

Whether you're a career changer, a student or someone who's been self-studying and feeling lost in the noise, this was built for you. It's the roadmap I wish every candidate had before they applied to the roles I was recruiting for.

Grab your copy here: https://thecareercompass-newsletter.beehiiv.com/products/cybersecurity-job-ready-blueprint-copy

The cybersecurity market is continuing to shift in some very clear ways, and these trends matter for job seekers.

One of the strongest themes going into 2026 is the growing focus on identity, access, and Zero Trust. Microsoft has highlighted identity and AI agent governance as key priorities for 2026, including protecting AI agents as first-class identities and strengthening access controls across environments. 

What this means for you:

If you are in a help desk or IT support role, experience with user accounts, access issues, MFA, permissions, and troubleshooting authentication problems is more relevant than ever. Those are not “basic IT tasks” anymore. They are directly connected to modern security priorities.

Microsoft’s Digital Defence Report 2025 makes it clear that AI is now being used by adversaries to scale phishing, social engineering, vulnerability discovery, and other attack activity. The same report also notes that 28% of breaches in Microsoft incident response investigations were initiated through phishing or social engineering. 

What this means for you:

Cybersecurity hiring is not just about knowing theory. Employers increasingly value people who understand real-world user behaviour, suspicious activity, access risks, and practical security hygiene. That is another reason support-based backgrounds can translate well.

CyberSeek’s 2025 data shows 457,398 online job openings for cybersecurity-related positions in the U.S. national dataset it tracks. 

What this means for you:

There are still opportunities, but employers are looking for people who can demonstrate usable skills, not just collect certifications. That is why practical experience, even from adjacent roles like help desk, can carry real weight when positioned properly.

One of the biggest mistakes I see from people trying to move into cybersecurity is thinking they need to wait until they have the perfect title before they can position themselves seriously. You don’t.

As a recruiter, I can tell you that hiring managers are often far more interested in relevant experience and transferable skills than whether your current title says “Cybersecurity Analyst.”

If you’re working in help desk or IT support, and you’re dealing with users, access issues, permissions, endpoints, troubleshooting, ticketing systems, and escalation processes, you are already building experience that can be relevant to cyber.

The key is knowing how to talk about it. Too many candidates undersell themselves by describing their work in the most basic way possible. Meanwhile, stronger candidates learn how to frame that same experience in a way that shows security relevance, technical understanding, and business value.

So the real question is not always, “Do I have a cyber title yet?” It’s, “Am I building the right foundation and positioning it properly?” Because if you are, you may be more ready than you think.

If you are currently in help desk or IT support, start keeping track of the security-relevant work you already do.

That might include:

Why does this matter?

Because when it comes time to update your CV, LinkedIn, or interview answers, you want evidence that your current role already overlaps with security. Most people undersell this badly.

If you're looking at breaking into a Security Operations Centre role, I want to put something on your radar. CyberDefenders have launched a certification called CCDL1, their Entry-Level SOC Analyst certification, and I've been checking it out from a recruiter's perspective.

It's built specifically for beginners and career changers who want hands-on experience with the kind of work SOC analysts actually do day to day. I've been going through the platform myself and evaluating it the way I would if a candidate put it on a resume in front of me.

I did a full review video with my honest take on who it's best for, how it compares to other entry-level paths, and whether it actually moves the needle when applying for roles. Check it out here

In the meantime, I've got a 10% discount code for you if you want to get started. Use my link below to grab it: Make sure to use code LUKE at checkout.

👉 https://cyberdefenders.org/?via=e5c717

Code: LUKE

This week, write down 5 tasks from your current role that connect to cybersecurity.

Then ask yourself: How can I describe these in a way that shows security relevance?

For example, instead of saying:

“Handled password resets”. You could say:

“Supported user identity and access processes, including password resets, account lockouts, and MFA-related troubleshooting in a live business environment.”

Same task. Stronger positioning.

You do not need the perfect starting point to build a cybersecurity career. You need a believable path, useful skills, and the ability to position your experience properly. Help desk is not a detour. For many people, it is the foundation. And if you are already there, you may be closer than you think.

As always, keep levelling up your career.

Best wishes
Luke

P.S. If you have not watched this week’s video yet, check out Help Desk to Cybersecurity: The Exact Roadmap (2026). And if you want a more structured approach to getting job-ready, my Cyber Job-Ready Blueprint is there to help you focus on what actually moves the needle.

P.S. Remember to share The Career Compass with your network, and let’s work together to empower more careers!