How to Break into Cybersecurity: Lessons from Our Exclusive Member Webinar with David Ukap
At Elevatech Network, our mission has always been simple: equip our community with the knowledge, connections, and confidence to build meaningful careers in tech.
On 6th June, we brought that mission to life once again with an exclusive members’ webinar hosted by Frances, featuring David Ukap — Cybersecurity Consultant and a living example of what a non-linear, determined path into tech can look like.
The session, “How I Started My Cybersecurity Journey and How You Can Do It Too,” was more than a talk. It was a practical, honest, and deeply encouraging conversation — the kind you rarely get in a lecture hall or a LinkedIn post.
Here is what we took away.
You Do Not Need a Degree. You Need a Track Record.
One of the most powerful moments of the evening came early. David was clear: you do not need to over-promise on your CV, and you certainly do not need to exaggerate your experience to get your foot in the door.
Whether you have just finished university, recently completed a master’s degree, or are transitioning from an entirely different field, Â the small projects you have worked on matter more than you might think. The key, David explained, is demonstrating that you know the tools. Hiring managers in cybersecurity are not just looking for credentials. They are looking for evidence that you understand the environment you will be working in.
This reframing alone was worth the evening.
Start Junior. Build Deliberately. Step Up.
A theme that ran throughout the webinar was the importance of strategy over impatience. David’s advice was consistent and grounded: start with junior roles and work your way up, rather than applying for senior positions before you are ready and burning out in the process.
The entry-level roles he highlighted as genuinely accessible include:
- Junior SOC Analyst
- Junior Information Security Analyst
- Junior Penetration Tester
These are not consolation prizes. They are the foundation. David’s own journey, from Information Security Officer to analyst to consultant, now advising over 100 organisations on cyber risk, Â began in exactly that kind of ground-level role. What he learned in that first position, he was clear, could not have come from any course or certification. It came from doing the work.
Certifications Are Confidence Builders, Treat Them That Way
On the question of learning pathways, David’s approach was refreshingly direct. Short courses are valuable, but only if you sit the exams. He encouraged community members to aim to clear one certification per week where possible, even when it feels difficult, even when life gets in the way.
This is not about collecting badges. It is about building confidence in a field where confidence, combined with competence, opens doors.
What Actually Counts as a Track Record Before You Have a Title?
This was one of the most asked-about topics of the evening, and rightly so. If no employer has yet given you a formal role, what do you actually have to show?
David’s answer: produce things. Document things. Do things. Whether it is a home lab project, a write-up of a Capture the Flag challenge, a small vulnerability assessment you ran on a practice environment, or a short case study of a tool you have learned, these are the building blocks of a professional identity in cybersecurity. They signal curiosity, initiative, and technical grounding. And in a field where trust is everything, those signals matter enormously.
Honesty About the UK Market
David did not shy away from the harder truths. The UK cybersecurity job market, while full of genuine opportunity, is not without its challenges, particularly for newcomers. Some roles that appear open to beginners are, in practice, not. Competition is real, and the current job market is difficult for many people in the room.
His honest advice: focus your energy on roles that are genuinely hiring at entry level, stay consistent, and avoid the trap of applying broadly without tailoring your approach. Quality of application, paired with evidence of skill, will always outperform volume.
The One Mistake Most Beginners Make
When David was asked about the most common mistake he sees when a beginner walks into a room with a hiring manager or potential client, he did not hesitate.
It is the gap between what someone claims and what they can demonstrate. The stronger alternative is not pretending to know more than you do, it is being articulate about what you do know, how you learned it, and how you think about problems. In cybersecurity, intellectual honesty is a professional asset.
Your Next 30 Days — A Starting Point
For community members who are starting from zero, have a limited budget, and want to make meaningful progress, David closed with a clear challenge. In your next 30 days:
- Get certified in one foundational area— sit the exam, do not just study for it.
- Build or document a project— something tangible that shows your thinking and your skills.
- Enter the conversation— connect with people already in the field, follow the right communities, and make yourself visible.
Thirty days is not enough to become an expert. It is enough to become someone who is clearly on the way.
A Word from Elevatech Network
We are proud to offer our members access to practitioners like David, Â professionals who are in the field, doing the work, and generous enough to share what they know with the next generation. This is what empowerment looks like in practice: not inspiration without substance, but honest, actionable guidance from someone who has walked the path.
If you missed this webinar, it is another reminder of why being an Elevatech Network member matters. Sessions like this are exclusively available to our community, because we believe that access to the right knowledge, at the right time, changes trajectories.
More sessions are coming. Stay connected. Follow our social handles.
Want to join the Elevatech Network community and access exclusive content, webinars, and career support? Signup here: https://elevatech.network/contact.