Understanding networks, endpoints and security tools are important. But as Dhruti Mehta, SSCP, CC, reflects on the skills that have mattered most in her career, technical fundamentals have only been part of the equation; what differentiates individuals in cybersecurity is how effectively they apply that knowledge.
Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.
My journey into cybersecurity was not predefined; I found my way into it while navigating a much larger transition. Moving to the U.S. as an international student meant adapting to a completely new education system, culture and professional environment, all at once. During that time, I was drawn to cybersecurity because it felt like a field where effort directly translated into growth: it rewarded curiosity, problem-solving and persistence, the qualities I was already relying on to build my life in a new country.
What started as interest quickly became commitment. I realized cybersecurity is not a static discipline; it evolves constantly and that continuous change is what has kept me engaged. Every challenge, whether analyzing threats, strengthening defenses or adapting to new technologies, requires both technical depth and critical thinking. That combination of purpose and continuous learning is what has sustained my long-term interest in the field.
Pursuing Career Development Opportunities
Like many early-career professionals, I began by building foundational knowledge through academic coursework. But the real turning point for me came from actively seeking opportunities beyond the classroom. I took on a cybersecurity analyst internship with the New York State Education Department, which gave me my first exposure to real-world security operations. From there, I transitioned into professional roles in the health sector, working in enterprise security operations. However, technical experience alone wasn’t enough. One of the most impactful decisions I made was to intentionally invest in community.
I joined Women in CyberSecurity (WiCyS) during my final year as a student. That decision shaped my career in ways I hadn’t anticipated. Today, I serve as the President of the WiCyS Northern Indiana affiliate, where I lead initiatives focused on cybersecurity education, mentorship and workforce development for students and early-career professionals. Through my role, I’ve seen firsthand how access to the right community and guidance can accelerate someone’s confidence and career trajectory.
Through WiCyS, I gained access to mentorship, career coaching and a network of professionals who were willing to share both guidance and honest experiences. That support system helped me prepare for certifications like the ISC2 Certified in Cybersecurity (CC) and build confidence as I entered the workforce. More importantly, it reinforced the idea that cybersecurity is a collective effort shaped by the communities we build and contribute to, not just an individual journey.
Why Technical Skills are Part of a Wider Skillset
Certainly, understanding networks, endpoints and security tools is critical. When I reflect on the skills that have mattered most in my career, technical fundamentals have only been part of the equation; what differentiates individuals in cybersecurity is how effectively they apply that knowledge. My adaptability has been essential in a field that changes as rapidly as ours. My communication skills have been equally important, especially in operational roles where explaining risk, incidents, or controls to non-technical stakeholders is part of the job. Self-advocacy has also played a significant role; I learned to speak up, ask questions and position my work confidently, particularly early in my career and as an international professional.
Especially in the beginning, there were experiences when I had consistently to prove my credibility. Those experiences weren’t defined by a single factor, but rather a combination of being early-career, navigating a new country and working in a technical field where representation is still evolving. While there’s still work to be done to ensure that inclusivity is not just acknowledged but actively practiced, organizations are becoming more aware of the value that diverse perspectives bring to cybersecurity. This represents encouraging progress.
Thinking Long-Term
For anyone considering a career in cybersecurity, or already in the field for that matter, my advice is to approach it as a long-term investment rather than a quick entry point. As I did, start with the fundamentals – but don’t wait for perfection before gaining experience. Internships, labs, certifications and hands-on practice all contribute to building confidence and capability.
At the same time, prioritize building your professional network. Communities like ISC2, WiCyS and other industry groups can provide mentorship, opportunities and support that extend far beyond technical learning. For women in particular: recognize that you belong in this space. Seek out environments that support your growth and be willing to advocate for yourself when needed. Don’t underestimate the value of your perspective; cybersecurity is ultimately about protecting people and systems, and diverse viewpoints strengthen how we approach that mission.
Finally, stay curious. Ours is a field where learning never stops and that is one of its greatest strengths. The more we invest in developing both our technical expertise and our professional network, the more opportunities we create – for ourselves and those following a similar path.
Dhruti Mehta, SSCP, CC, has three years of experience in healthcare, public sector and enterprise cybersecurity operations. She has held technical and leadership roles, with responsibility for threat detection, incident response and security operations workflows. Her cybersecurity work spans AI-enabled security operations, mentorship and workforce development initiatives.
