How to Get Experience

One of the persistent questions I am asked, as an instructor, is a variation of:   “Every job I apply for wants experience, how do I get experience without a job?”  The flip side of that question comes from IT managers, and sounds like:  “We see too many candidates with computer degrees that lack any hands on computer experience or working knowledge of computers or networking.”

The problem is most college degree programs of any sort have an inherent bias against “working with the hands.”  Even in a major like music – you learn how to play a violin, but not how to build or repair one.  Colleges see that activity as “beneath” a college graduate with a proper four-year degree. That work is for “technicians.”  But what if you want to be a technician someday?  Many colleges offer Computer Science, which turns out to be a series of classes on programming, and offers nothing in the way of computer architecture or networking.

Even colleges with IT and Cybersecurity programs fail to provide students with fundamental practical skills such as malware mitigation and recovery, or troubleshoots boot time errors, or fixing a printer problem.  Knowing everything about governance, risk and compliance, but not knowing how to open up a computer case and successfully troubleshoot and repair a problem is of no value to an employer.  You are not going to get the “experience” you need in college.  And no one is going to turn their network security over to a person without practical skills.

An exception are the two-year computer certificate programs you can find at community and technical colleges.  Technical schools are designed to provide hands-on technical skills.  If you have to pursue a degree, start there, and finish your undergraduate requirements at a tech school.  Class credits tend to transfer best within state college and university systems.  Make sure your technical school has credits that transfer.

What kind of skills are IT department managers looking for, and how can you get that experience?

You should expect to learn how to install, configure, maintain, and repair a computer.  Any computer.  This means Windows, Linux, and Apple.  This means end-user computer systems and basic servers.

Computer hardware – Know your way around the inside of a computer.  Learn the main parts and their function.  The best way to learn is to get a second hand computer or two, take them apart, and put them back together, several times.  Learn how to add RAM, change out a power supply, add a video card.  As you disassemble your computer, take pictures of each step, especially the wiring connections.  This helps when you are ready to reassemble.  There are a wealth of videos on computer repair online, on YouTube.  Learn how online if you need to.  When you get it back together, does it power on?  If not figure out why not.

Operating systems and software – When I was taking my first computer class, we installed the Windows OS maybe as often as ten times.  We would show up to class, and the drive would be wiped by the instructor, and we got to install and implement a base configuration of the operating system all over again.  And again.  The computer you rebuilt more than once can be where you learn how to install and configure a Windows operating system.  If you have a second computer, learn how to install Linux on that one.

Learn how to check for and install Windows updates and other software updates.  This is fundamental to cybersecurity.

Find some applications to install.  If you have access to Microsoft Office work with that, but there are free, open-source alternatives.  Here’s a list you should be able to install:  Adobe Reader, Open Office or Libre Office, a free version of an anti-malware program such as Avast or Malwarebytes.

Virtual machines – One way to own a bunch of computers is to set them up in one physical system as a bunch of virtual machines.  My favorite VM software is VirtualBox.  You can run a virtual network, and learn how to work with multiple systems without having to worry about breakage.  Screw up a VM?  Just install another one.

Malware mitigation – Let everyone you know that you are available to be their “computer friend” and you are happy to help them find and remove malware.  My go to is Malwarebytes.  It is free and effective, even on highly infected systems.  Even if “everything is fine,” offer to take a look “just to be sure.”  Learn how to look for browser plugins.  Many of them can be removed to improve performance and remove nuisance advertising.  Learn how to “reset” the major browsers, Edge, Chrome, Firefox, and Safari.

Networking – Networking is fundamental to modern life, everything we need is available to use across a network.  The most important network is the Internet.  The second most important network is your home or office network, the “local area network” or LAN.  You can get experience in networking by working with the network inside your home. With IoT devices and media streaming systems, this can be a considerable number of devices.  Find them and create a network map.

Learn how to find network addresses using the command line tools ipconfig, traceroute, and ping.

Download a network scanning tool and find your devices.  I like Angry IP Scanner for a simple ping sweep.  Download and install the GUI version of nMap, called ZenMap.  Learn how to use these tools.  Again, there is good instruction online.

Your cable or DSL modem is open to subscriber configuration.  Learn how to get inside and configure it.  The instructions are online on your ISP’s web site.

Set up a wireless access point.  Reset it and do it again.  Rinse and repeat.

Find or buy a network switch and learn how to use them.

Learn how to set up a network printer.  Learn how to troubleshoot printer problems.

Aside from becoming a “computer friend.” you can gain experience from internships, volunteer gigs, and workforce development programs specializing in IT and cybersecurity.  Your county workforce development agency may offer IT training, and even assistance finding the first job.

For those of you who have a long term goal of getting into cybersecurity, pump the brakes a bit.  You will need to start at the beginning, and your first job should be in a hardware repair depot, then maybe to a help desk position, and then maybe desk-side support.  If you can get an entry-level networking job, take it.  You need to own networking if you are going to work in cybersecurity.

Good luck with your quest.  Whatever you do, don’t give up.  Most people give up about a week too soon, and miss their moment.  Please feel free to reach out to me for further information about certification programs, training, and online resources.  You can search this website for related articles, like this three part series:

Experience, Certifications, or Degrees – What Matters Most? Part 3  And Part 1 and Part 2
We live in a society that places an unwarranted importance on college education. If you are in a STEM education track, a college degree may be worthwhile.  If you are in Business Administration, probably less so.  The world is awash in business administration and MBA candidates who can’t fin…

Getting Certified? Here’s How To Study For Your Certs
There are many different ways to go about studying for and passing a certification exam.  Not every method will work for all people.  Here are some techniques that I have used to prepare for, pass, and maintain my professional certifications. Why Certify? – There is no denying that experienc…


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.