IT & Cyber Security Career Workshop

A practitioner-led journey from "what is cyber security?" to a working understanding of how networks operate and how ethical hackers test them. Delivered free to schools, colleges, and community groups.

What the workshop covers

The session is built around four objectives, moving from career awareness, through underpinning theory, into hands-on practical hacking against safe targets.

Careers

IT and cyber specialisms, the real job roles behind the buzzwords, the qualifications that matter, and how to choose a path that suits you.

Jump to Careers ↓

Theory

The building blocks: hosts and devices, networking fundamentals, the OSI and TCP/IP models, and ports & services.

Jump to Theory ↓

Practical

The seven-phase penetration testing methodology, applied to both infrastructure and web application targets.

Jump to Practical ↓

Choosing your path

Honest self-assessment: hands-on vs. strategic, and whether you want to protect, build, or analyse.

Jump to guidance ↓

IT specialisms and example roles

Technology is not one job — it is a family of related disciplines. Most careers start in one area and branch out over time.

SpecialismExample roles
Technical SupportHelpdesk, IT Technician
NetworkingNetwork Engineer, Systems Administrator
Software DevelopmentWeb Developer, App Developer
Cyber SecuritySecurity Analyst, Penetration Tester, SOC Analyst, Information Security Manager
Cloud & DevOpsCloud Engineer, DevOps Specialist
Data & AIData Analyst, AI Developer

Cyber specialisms: Red Team vs Blue Team

Within cyber security, two complementary mindsets dominate. Red teams simulate attackers to find weaknesses; blue teams defend, detect, and respond.

 Red TeamBlue Team
ObjectiveSimulate real-world attacks to identify vulnerabilities and security gaps.Provide monitoring and detection across systems, networks, and applications.
ResponsibilitiesTest detection and incident response; recommend remediation.Investigate, contain, and respond to security incidents.
Tools & techniquesPentest methodology, Kali Linux, password cracking, intercepting proxies, exploitation & evasion tools, privilege escalation scripts, C2 frameworks.IDS/IPS, EDR, SIEM, malware analysis, forensics, IAM, and cloud security tooling.
Example rolesPenetration Tester, Red Team Operator, Security Researcher.SOC Analyst, Malware Analyst, GRC Analyst, Threat Intel Analyst, Forensic Investigator, Security Engineer, CISO.
QualificationsOSCP/OSEP, CEH, GPEN, PenTest+, CSTM, CSTL, CPSA, CRT, CCT, CRTO.CySA+, CISA, CISM, CISSP, GREM, EC-Council CSA.

Qualifications & progression

You do not need every certification — you need the right next one. A common, vendor-neutral progression starts with CompTIA and builds toward specialist credentials.

  • CompTIA ITF+
  • A+
  • Network+
  • Security+
  • CySA+
  • PenTest+

Theory: hosts, networking, ports & services

Before you can attack or defend a network, you need to understand what is actually on it and how the pieces talk to each other.

Hosts & devices

A host is any device on a network. These include End User Devices (EUDs), servers, workstations, and virtual machines (such as Azure Virtual Desktops, AWS EC2, VirtualBox, and VMware guests). In your home lab, your Kali attack box and your vulnerable targets are all hosts.

The OSI model (7 layers)

LayerFunctionExamples
7 · ApplicationServices used by end-user applications.HTTP, HTTPS, FTP, DNS, SSH, SNMP, SMTP
6 · PresentationFormats, encrypts, and decrypts data for the user.JPG, GIF, SSL, TLS
5 · SessionEstablishes and ends connections between hosts.NetBIOS, PPTP
4 · TransportTransport protocol and error handling.TCP, UDP
3 · NetworkReads the IP address from the packet.Routers, Layer 3 switches
2 · Data LinkReads the MAC address from the data frame.Switches
1 · PhysicalSends data onto the physical medium.Hubs, NICs, cabling

The TCP/IP model (4 layers)

LayerFunctionExamples
4 · ApplicationNetwork services to applications; high-level protocols.HTTP, HTTPS, SSH, DNS, FTP, SMTP, SNMP
3 · TransportEnd-to-end communication, reliability, flow and error control.TCP, UDP
2 · InternetBest path through the network; logical addressing and routing.IP, ICMP, ARP, IGMP
1 · Network AccessPhysical addressing, media access, and framing.Ethernet, Wi-Fi, MAC, switches, NICs

Ports & services

Ports are logical endpoints a host uses to manage multiple network connections and services at once. A single host can run many services, each listening on a specific port number.

  • Well-known ports (0–1023) are reserved for common services — e.g. 80 HTTP, 443 HTTPS, 22 SSH, 25 SMTP, 53 DNS, 21 FTP.
  • Registered ports (1024–49151) are used by applications — e.g. 3306 MySQL.
  • Dynamic / private ports (49152–65535) are typically used for temporary, client-side connections.

Tools such as netstat (local) and nmap (remote) reveal which ports and services are active on a host — the first thing an attacker enumerates.

Practical: the penetration testing methodology

Professional testing follows a repeatable, ethical process. We apply this same seven-phase methodology in the Learning Hub against both infrastructure and web application targets.

PhasePurposeCommon actions & tools
1 · ReconnaissanceGather information about the target.Passive & active OSINT — Recon-ng, Maltego, theHarvester, Google dorking, WHOIS, Shodan.
2 · ScanningIdentify live hosts, open ports, services, and vulnerabilities.Nmap, Masscan, Nessus, Nikto, OpenVAS.
3 · ExploitationUse vulnerabilities to gain initial access.Metasploit, Hydra, SQLmap, Burp Suite.
4 · Privilege EscalationMove from user to admin/root; lateral movement.Linux Exploit Suggester, WinPEAS, LinPEAS, PowerUp.
5 · Post-ExploitationMaintain access and extract value.Mimikatz, Empire, Meterpreter, BloodHound.
6 · Covering TracksRemove evidence (in authorised engagements).Log clearing, Auditpol, Clear-EventLog.
7 · ReportingDocument findings and remediation.Dradis, Faraday, Serpico, custom templates.

Infrastructure testing

Targeting servers, services, and operating systems — exactly what you will practise against Metasploitable in the Learning Hub.

Infrastructure targets →

Web application testing

Targeting websites and web apps — practised safely against DVWA, covering injection, access control, and more.

Web app targets →
Ethics first. Every technique in this workshop is taught for defensive and authorised testing only. Only ever test systems you own or have explicit written permission to assess.

Choosing your path

There is no single "right" route. The best starting point is honest self-reflection:

  • What do you actually enjoy — hands-on building and breaking, or strategy and analysis?
  • Do you want to protect (defend systems), build (create software and infrastructure), or analyse (investigate and interpret)?
  • Do you learn best through formal study, apprenticeships, or self-directed practice?

Start the hands-on lab guides Explore career resources

Bring this workshop to your school or group

We deliver the IT & Cyber Security Career Workshop free of charge to schools, colleges, and youth and community organisations across the UK.

Request a workshop