By Sandy Ryan
“So,” a recent job applicant I’ve known for some time asked, “should I consider a career in cybersecurity?”
My palms begin to sweat. As the senior director of recruiting at Level Legal, I should be persuading this document-review candidate to join our crack team. No, of course not! I thought. That’s a terrible idea. You should do doc review for Level Legal instead!
But I just couldn’t lie to her.
“That’s a great idea,” I said. “It’s a helpful compliment to what you already know about document review and a very in-demand field because of data breaches.”
I begin wondering if I’ll still have a job tomorrow.
“I don’t know how to start,” she said.
“Let me look into it,” I said.
This post is the result of my promise and sums up the advice I passed on to my candidate.
My research of the cybersecurity job market confirmed my suspicions: Cybersecurity is a great career choice right now. Jobs are booming and likely will continue to do so.
But to my delight, I learned that doc review and cybersecurity aren’t mutually exclusive. In fact, both can be great plan Bs for lawyers who need an alternative career path, want a change of pace, or feel stuck in their current practice.
The Case for Cybersecurity
Here’s why a career in cybersecurity should be on any doc reviewers’ radar:
- The need is great. While much of the legal market is slowing down, cybersecurity is accelerating. The number of unfilled jobs in this arena worldwide grew 350 percent between 2013 and 2021. This time last year, around 715,000 jobs were vacant.
- And so is the payoff. Cybersecurity jobs boast a wide pay range, depending on how much education and training you’re willing to put in. For example, a systems administrator makes around $81,000, while an information technology manager makes north of $138,000. Secure a director or chief security officer role, and you’re looking at several hundred thousand dollars. Of course, you wouldn’t start as a CIO, but your future could look bright.
- Training is inevitable. Attorneys who think they can avoid all cyber-things will be in for a surprise when mandatory continuing legal education makes it to their states. New York, for example, just implemented a one-credit CLE requirement, which takes effect July 1, 2023. Topics include ethical obligations and professional responsibilities regarding electronic data, protection of confidential or privileged information, client counseling, and funds-related issues. Bloomberg analysts predict other states will soon follow.
- Potential fulltime careers deserve consideration. If you’re already involved in doc review and like the flexibility it offers, you can leverage that flexibility to pursue a cybersecurity career. Even if you don’t switch careers, knowledge of cybersecurity usually proves an asset in doc review projects.
How to Start
Doc review projects will exist as long as lawyers do. If you’re already staffed on a doc review project, maintain that steady income while you evaluate cybersecurity and obtain any necessary training. Then take these steps:
- Research entry-level roles. To begin your cyber career, look for entry-level positions, such as security administrator, senior security consultant, or junior cybersecurity analyst. While attorneys with an IT degree or four years’ experience could also shoot for an information assurance analyst position, note these roles require a Certified Information Systems Security Professional (CISSP) certification.
- Prepare for the next level. Once you have some experience in the field, look for mid-level positions like cyber auditor (good for those working in compliance with IT experience or a related degree), information security analyst (good for mid-level IT professionals), and director of information security, IT project manager/IT security engineer (a more advanced career path), and chief information security officer (the top level). As with entry-level positions, these more senior roles might require additional certification.
- Obtain certifications. Begin with the CISSP. Certification takes about eight months and costs $749. You’ll need at least five years of experience in various cybersecurity domains, including e-Discovery.
- Next, consider the Certified Information Systems Auditor (CISA). For more mid-level IT professionals hoping to advance their careers, this option requires at least five years of IT or IS audit, control, security, or assurance experience, and costs between $600 and $800.
Since cybersecurity requires both project management and eDiscovery – your route into the industry – check out certifications in project management or specific eDiscovery platforms like Brainspace and Relativity.
In fact, the more specialized your experience, the more marketable you become. That’s why Level Legal has created a proprietary database of contractors with hyper-specific skillsets, including particular state bars, specific databases, various languages, specialized areas of law (litigation, pharmaceuticals), eDiscovery software, specific document review practice areas such as cybersecurity, and specific doc review skills like 1L, 2L, ITAR, and redaction. This in-depth knowledge helps us pair the right candidates with the right customers.
Seen enough? Then get moving! Begin with a search for relevant contacts in your network who may be able to make connections for you. After all, around 90,000 cybersecurity jobs are open and waiting.
In the meantime, if you’re looking for a steady doc review project at a customer service-minded company, contact us. We’re always looking for great talent.
Sandy Ryan is (still) the senior director of recruiting at Level Legal. She was born a natural eDiscovery recruiter, although she took a circuitous route from the tiny island of Montserrat through the U.S. Army Reserve to become one officially. When she is not overseas with close family, she calls the East Coast home, often opening her home to share Montserrat’s national dish: goat water. Don’t knock it ‘til you try it.