Late-career pivoters should not feel excluded or discouraged by perceptions that they are “too old”, or that there is a narrow window in which one must enter the profession, says Chi Martin, CC.
Disclaimer: The views and opinions expressed in this article belong solely to the author and do not necessarily reflect those of ISC2.
I don’t come from a cybersecurity or STEM background; I began my professional life in business and analytics. However, I always had an interest in cybersecurity and found myself following news about zero-day exploits and emerging threats, long before it became my career. That curiosity, plus a strong problem-solving mindset, eventually gave me the confidence to pivot into cybersecurity around six years ago.
Early on, I believed that a computer science degree and advanced coding skills must be prerequisites for cybersecurity career success. But cybersecurity isn’t just about technology, it’s about understanding risk, people and impact. While technical expertise is undoubtedly important, one of the most surprising aspects of working in cybersecurity was the realization that it’s not as narrowly technical as I had assumed. It was encouraging to discover that many roles within cybersecurity rely just as heavily on analytical thinking, reasoning, curiosity and strong communication skills. Technical skills can be learned and developed over time, but the ability to interpret outputs, understand context and communicate findings clearly to a range of audiences is essential.
I was still working in the business on a project when a senior security officer encouraged me to pursue a career in cybersecurity and actively advocated for me. Later, structured development opportunities played an important role in enabling my growth and progression within the cybersecurity profession. I was fortunate to be the recipient of an ISC2 scholarship last year. That support and investment helped build my capability and confidence as my career evolved.
My Pivot to Cybersecurity
My cybersecurity career began in a Security Operations Center (SOC), one of the most technically demanding environments in the field. Coming from a non-technical background, while needing to challenge and influence technical subject matter experts, was one of the most demanding periods of my early career. It required confidence, preparation and the ability to ask the right questions.
Like many women — especially those from underrepresented backgrounds — I have encountered unspoken barriers throughout my career, from moments of self-doubt and microaggressions to the occasional instance of overt bias. I’ve often felt that I needed to work harder than my male counterparts to be heard and taken seriously, particularly when challenging technical decisions. These challenges can appear at any career stage and level. While difficult, each experience pushed me to strengthen my resilience and prove not only that I could adapt, but that I could excel.
When I first entered the profession, the number of women in cybersecurity within my organization could be counted on one hand. While representation has improved over time – and I include greater visibility of women in senior cybersecurity leadership roles – cybersecurity remains a highly male-dominated field. As a woman from an ethnic minority background, I am often the only person in the room who looks like me. I have seen positive cultural shifts and genuine progress, but there is still work to be done, particularly in ensuring women are not only encouraged into the profession but are supported and retained as their careers progress.
Such support has played a significant role in my own career journey. I was fortunate to grow up with inspiring women, particularly my grandmother and my sister, who instilled a strong work ethic in me from an early age. And like-minded people, mentors and advocates, who have encouraged me and reminded me that I deserve to be here, have made a meaningful difference. I have certainly benefited from mentors who recognized my potential before I did.
Support That Will Benefit Women in Cybersecurity
What I think the sector needs is systemic support. Initiatives such as ISC2 Scholarships and other female-focused development pathways make a significant difference in helping women both enter and progress within the field. It is equally important to reach women early, through education outreach, awareness in schools and visible role models.
However, support must not stop there; cybersecurity should remain accessible at any stage of life. Late-career pivoters, like myself, should not feel excluded or discouraged by perceptions that they are “too old”, or that there is a narrow window in which one must enter the profession. Age should never be a barrier or a prerequisite for working in cybersecurity. Curiosity, resilience and a willingness to learn matter far more than the timing of a career change. The industry benefits enormously from the breadth of experience that career-changers bring.
For anyone considering a career in cybersecurity, my key piece of advice is to know that cybersecurity offers many different roles and pathways. Explore what resonates with you and build depth in those areas; that focus will make the learning stick and keep you motivated.
I’m optimistic about the future for women in cybersecurity; even within my relatively short time in the field, I’ve seen positive change. The growth of programs aimed at women and underrepresented groups, and the increasing visibility of women in senior leadership roles across cybersecurity and risk disciplines, give me confidence that the profession is moving in the right direction.
Chi Martin, CC, has nearly six years’ experience in cybersecurity within the energy sector and critical national infrastructure environments. She has held both operational and governance roles, specializing in cyber risk, security operations, vulnerability management and stakeholder engagement. Her work focuses on strengthening organizational resilience through threat intelligence, risk governance and security operations practices.
Global 50x50 Women’s SummitTaking place on March 18, 2026, the Global 50x50 Women’s Summit is a virtual event which will bring together women and allies from every corner of the cybersecurity ecosystem to explore how inclusive leadership, intentional sponsorship, and meaningful mentorship open doors to opportunity and reshape the talent pipeline. Supported by ISC2 and The Centre for Cyber Safety and Education, this event builds on the work of the Global 50x50 Initiative towards a future where women make up 50% of the cyber workforce by 2050. The Summit will highlight the actions needed to create a more resilient and sustainable cybersecurity workforce for all. By attending this live event, you are eligible to receive 3.5 CPE credits. Additional credits can also be earned with on-demand viewing. |
