This question was recently asked by Mohammad on Quora. Here’s how I encouraged him to set himself apart in a new career in Cyber Security.
There’s one practice that I’ve noticed is in short supply among the ranks of software developers: “negative visualization.” If you pick up this skill, it will set you apart as you make your career transition.
This means to envision what could go wrong (e.g., what vulnerabilities could end up in production) in advance, before starting to code the application, and then work with the dev team to mitigate the risks.
In the world of application security, you might call this a “premortem”, which is a takeoff on the idea of a “postmortem”.
Here’s a great article that provides more details: