Are You Ready for a Cybersecurity Job in 2024?
Summary
TLDRIn this informative video, Josh Mador shares valuable insights on breaking into the cybersecurity field. He emphasizes the importance of having a solid foundation, such as Security Plus level knowledge, and highlights the significance of building a strong resume and portfolio. Mador also discusses the role of certifications, networking, and practical experience through labs and projects. He provides a framework to assess one's employability and suggests actionable steps, including leveraging free resources and creating content to showcase skills. The video is a guide for aspiring cybersecurity professionals to enhance their chances of securing a job in the industry.
Takeaways
- 😀 Josh Mador, the speaker, has experience helping people secure jobs in cybersecurity and has worked in various domains within the field.
- 📚 Josh and his team have created free exam test banks and practice questions for certifications like CompTIA A+, Network+, Security+, and others.
- 🔒 The speaker emphasizes that cybersecurity is a broad field with different domains, and not every role requires the same skill set, such as coding or Linux proficiency.
- 📈 For beginners, having at least Security Plus level knowledge is recommended, which can be obtained for free through resources like Professor Messer or the Google Cybersecurity program.
- 💼 The key to breaking into any field, including cybersecurity, is to focus on getting interviews and passing them; other factors are facilitators to these goals.
- 📝 Creating a strong resume and having good interview skills can compensate for a lack of a strong social network or connections in the industry.
- 🎓 Education and certifications can be important, but not always necessary; what's crucial is demonstrating knowledge and skills relevant to the role.
- 🛠️ Building a portfolio is essential, especially for those without experience. Creating content or projects and showcasing them can demonstrate passion and expertise.
- 📚 Josh mentions his course, which includes labs and projects that can be done independently, to help build a candidate's skills and portfolio.
- 💼 An ideal resume for a newcomer in cybersecurity should include certifications, projects, and knowledge of relevant frameworks and standards.
- 🚀 The speaker encourages applying for jobs with a well-prepared resume and portfolio, emphasizing that high-level positions are attainable with the right skills and passion.
Q & A
What is the first step recommended by Josh Mador for someone looking to break into the field of cybersecurity?
-Josh Mador suggests that everyone trying to get into cybersecurity should have at least Security Plus level knowledge, which can be obtained for free from resources like Professor Messer or the Google Cybersecurity program.
What are the two main things one needs to focus on to break into the field of cybersecurity according to the transcript?
-The two main things to focus on are getting an interview and passing the interview. All other factors like social networking, resume quality, certifications, and technical skills are facilitators to achieve these two goals.
What does Josh Mador suggest for someone who cannot afford to get CompTIA Security Plus certification?
-Josh Mador recommends acquiring the level of knowledge equivalent to CompTIA Security Plus and then noting on the resume 'CompTIA Security Plus in progress' to get an initial foot in the door.
Why is creating a portfolio important for someone trying to break into cybersecurity?
-Creating a portfolio is important because it showcases one's experience and skills in the field. It can include personal projects, content creation, or any other relevant work that demonstrates a candidate's abilities and passion for cybersecurity.
What is the role of practicing labs in preparing for a cybersecurity interview?
-Practicing labs helps to build a strong intuition and understanding of the subject matter. It allows candidates to become more proficient in their technical skills, which can be effectively communicated during an interview.
What does Josh Mador suggest for someone who wants to stand out when applying for cybersecurity jobs?
-Josh Mador suggests that candidates should go the extra mile by doing projects that show initiative and passion. This could involve setting up a mini SOC in the cloud, practicing incident response, or engaging in other hands-on projects that can be discussed during interviews.
What is the importance of having a good resume when applying for cybersecurity jobs?
-A good resume is crucial as it is often the first impression a potential employer gets of a candidate. It should highlight relevant education, certifications, projects, and skills that align with the job requirements.
What are some free or low-cost certifications that Josh Mador recommends for enhancing a resume?
-Josh Mador recommends certifications like FEMA Incident Management System, Qualys Vulnerability Management, and noting CompTIA Security Plus 'in progress' on the resume as ways to enhance one's qualifications without high costs.
What is the significance of the employability framework mentioned in the transcript?
-The employability framework serves as a guide to help individuals understand their weaknesses and areas that need improvement. It helps them to focus on what is important and decide where to allocate their time and resources to increase their chances of breaking into the cybersecurity field.
Why does Josh Mador emphasize the importance of passion and initiative in cybersecurity?
-Josh Mador emphasizes passion and initiative because they convey a candidate's genuine interest and commitment to the field. Employers are often impressed by candidates who have gone beyond the basics to gain practical experience and demonstrate their dedication to cybersecurity.
What is the potential earning range for a first job in cybersecurity according to the transcript?
-The transcript suggests that it is possible for someone to earn between $70,000 to $100,000 for their first job in cybersecurity, depending on their skills, experience, and the effort they put into preparing for their role.
What is the role of social networking in the job search process for cybersecurity?
-Social networking can play a significant role in the job search process. Having a strong professional network, such as knowing the CEO of a company, can greatly increase the chances of securing a job. However, if one does not have such connections, they can compensate by having a strong resume, good interview skills, and a solid portfolio.
Outlines
🚀 Getting Started in Cyber Security
Josh Mador introduces himself as a cyber security professional and educator, emphasizing his experience in various domains within the field. He offers free exam test banks and practice questions for popular certifications such as CompTIA A+, Network+, Security+, and CISSP. The video aims to provide purely informational content without sales pitches. Josh clarifies that while coding and Linux skills are often mentioned, they are not universally required for all cyber security roles. He suggests that beginners should have at least a Security Plus level of knowledge, which can be obtained for free through resources like Professor Messer or the Google Cybersecurity Program. The key focus for breaking into the field is to secure an interview and pass it, with other factors like social networking, resume quality, certifications, and interview skills serving as facilitators. Josh encourages viewers to assess their strengths and weaknesses using a provided framework and to fill gaps in their knowledge and experience.
📚 Building a Strong Cyber Security Resume
Josh discusses the importance of creating a strong resume and improving interview skills to increase the chances of breaking into the cyber security field. He suggests that viewers without a formal education should consider affordable options like a bachelor's degree from UGU. Certifications like CompTIA Security Plus are recommended, even if not strictly necessary for entry-level IT positions. Josh emphasizes the need for a portfolio, especially for those without experience, and suggests creating content or engaging in projects to showcase skills. He also highlights the value of hands-on lab experience, mentioning a course he offers that involves setting up a mini SOC in Microsoft Azure and practicing incident response. Josh shares his insights from interviewing candidates, noting that while certifications are important, he values passion and initiative more. He encourages viewers to undertake projects that can be added to their resumes and discussed during interviews to demonstrate expertise and enthusiasm for cyber security.
🎯 Applying for Cyber Security Jobs
Josh provides guidance on how to apply for cyber security jobs, starting with ensuring that one's resume is up to par. He presents an ideal resume template for beginners, featuring a project section, certifications, and knowledge of various security frameworks and regulations. He suggests that with a solid resume and demonstrable skills, one can apply for a wide range of positions, though he advises being realistic about one's first job. Josh refutes the notion that high-paying roles are unattainable for newcomers, arguing that with enough skill and passion, it's possible to secure such positions. He encourages viewers to use the employability framework to identify weaknesses and to focus on improving in those areas. Josh concludes by recommending that viewers get a baseline of security knowledge, build a portfolio, make their resume impressive, and start applying for jobs, using the resources and strategies discussed in the video.
Mindmap
Keywords
💡Cyber Security
💡CompTIA A+
💡Security Plus
💡Vulnerability Management
💡Linux
💡Certifications
💡Portfolio
💡Interview Skills
💡Lab Exercises
💡Information Security Officer
💡Employability Framework
Highlights
Josh Mador introduces himself as a cyber security professional who has helped many people get jobs in the field.
Josh and his team have created free exam test banks and practice questions for various cybersecurity certifications.
The video is purely informational and aims to guide viewers on how to break into the cybersecurity field.
Different domains in cybersecurity require different skill sets, and not all jobs require coding or Linux knowledge.
Josh emphasizes that everyone should have at least Security Plus level knowledge to get started in cybersecurity.
The importance of having a good resume and interview skills to increase chances of breaking into cybersecurity.
Josh provides a framework to help viewers assess their readiness for a cybersecurity career.
Certifications like CompTIA Security Plus can help, but Josh suggests getting the knowledge even if the certification is unaffordable.
Creating a portfolio and gaining experience through projects is crucial for breaking into cybersecurity.
Josh suggests generating your own experience through content creation or building an online presence.
Practicing labs and technical skills is essential for passing interviews and demonstrating expertise.
Josh mentions his course, which includes labs and projects that can be impressive on a resume.
The course includes an internship component and projects that can be done on Azure to simulate real-world scenarios.
Josh advises on how to make a resume attractive to cybersecurity employers, including certifications and projects.
He provides an example of an ideal resume for a newcomer to cybersecurity, emphasizing the importance of projects and certifications.
Josh discusses the potential for new entrants to cybersecurity to secure high-level positions with the right skills and passion.
The employability framework is introduced as a guide to help viewers understand their strengths and weaknesses.
Josh concludes by encouraging viewers to use the framework, gain knowledge, and apply for jobs with confidence.
Transcripts
if you're wondering how to get started
in cyber security this year you
definitely come to the right place my
name is Josh Mador for those who don't
already know and I've helped a whole
bunch of people on my channel and in
general get jobs in cyber security and
it and I've worked in a lot of different
domains of cyber security myself so I
have a really good intuition of how to
break into the field and I do want to
say before we get started me and my team
built a whole bunch of 100% free exam
test Banks like a lot of practice
questions for most of the compas like
CompTIA A+ Network plus security plus CA
plus project plus we're building pentest
plus right now cissp and itail and we're
going to build a whole bunch more so
definitely check those out and exchange
for the free practice questions please
consider subscribing I would really
appreciate it a lot I'm not going to
sell anything in this video it's going
to be purely informational and I'm
really confident about my viewpoint as
in I think I'm right about what I'm
saying so if you think I'm wrong
definitely let me know in the comments
we can have a discussion about it or
something people tend to get confused
about breaking into the field and no
doubt you've heard people say like oh
you need to know how to code you need to
know how to use Linux but the reality is
there's a lot of different domains in
cyber security and it's not like an
auditor is going to need to know how to
use python or somebody working in
governance is going to need to know the
ins and outs of Linux or something like
this it just doesn't make sense it
depends on where you're working right
and it's not like every single job is
really clean cut like oh this is a a
governance job this is an operations job
like the title will be as such sometimes
but for example I was working as a
vulnerability Management program manager
like a a program manager but I would use
Linux sometimes because my platform was
on Linux and i' would have to
troubleshoot it and I would use
programming sometimes because I needed
to do something I needed to automate
something to make my job and life easier
so there's a lot of like mixture between
them so it's not like you need to study
only audit and like be an auditor like
you can but it's it's more like mixed up
than that so it can be kind of hard to
pick where to focus but I will say for
sure especially for new people everyone
trying to get into cyber security should
have at least Security Plus level
knowledge I'm not necessarily saying go
and give comp to you $44 or something
like this but you should have that level
of knowledge you can get it for free
from Professor meso or even the Google
cyber security program for free if you
like Blitz it in 7 Days um or you just
you know get that certification and make
sure you absorb as much as you can but
everyone should have at least that level
of knowledge and I do talk about this on
my channel a lot uh this is something I
came up with to help you think about
what you need to do in order to increase
your chances of breaking into any field
really but particularly cyber security
for this example basically everything
boils down to getting an interview
passing an interview those are the only
two things that you need to worry about
and all these other boxes are just
facilitators for those things so for
example like social network if your dad
is the CEO of crowd strike that's like a
really strong social network and then
you probably don't really need much of
anything else right if you have a strong
enough social network but if you don't
have that you know you can make up for
in other areas for example having a
really good resume and having really
good interview skill so basically you
can use this chart and measure it
against yourself and really be honest
with yourself and kind of see where your
gaps are I'm just going to like talk
about some general things that you can
do for example if you don't have a
resume I'll put at least I'll put a link
to that in the in the description so you
can copy that resume but if you don't
have education can you afford one in
terms of time or money cuz you can get a
bachelor's degree from ugu for like
relatively inexpensive compared to like
20 years ago when you have to waste four
or 5 years do you have any
certifications cuz you don't need
certifications to break an it but it
certainly will help you for sure like
can you afford to get comts Security
Plus right cuz that has a lot of name
recognition and if you can't afford to I
would recommend getting that level of
knowledge and then putting on your
resume like comp Security Plus in
progress or something like this um at
least that will give you an ATS hit for
like those Auto aut at resum scanners if
you don't have a portfolio this is
really huge especially if you're trying
to break into cyber security you you
really need to make one right so you can
use this video to learn how to make a
portfolio you can use this video to
create some cybercity projects to go on
it if you don't have any experience you
can always generate experience for
yourself right you can make a bunch of
cyber security content creation make
your own LLC or something publish that
content on like YouTube or a blog or
LinkedIn or something you can build like
a mini following by posting like
Security Plus practice question like
polls every day or something put that on
your resume it's something it's better
than not having any experience right
there's always something that you can do
to make your resume decent and then in
terms of passing your interview like
self-presentation this is like really
obvious you know clean yourself up and
be appropriate looking but in terms of
interview skill and Technical ability
this will this is where labing comes
into practice like doing Labs practicing
Labs doing something over and over and
over again because the more you do
something the better you're going to
like the better intuition you're going
to have for it and the easier it is and
the easier it's going to be to talk
about it once you actually get into the
interview and of course there and of
course you can actually practice
interviewing as well I have a couple of
videos that go over a bunch of different
practice questions teach you like
interview Theory and like how to
interview properly and stuff so you can
watch those and get better at
interviewing and if you're wondering how
to do this or what projects to do um
I'll tell you but I'm going to talk
about my course a bit because kind of
have to so sorry about that but I just I
did just get done interviewing probably
about 10 people who went through my
course and then ended up getting some
kind of job in cyber security or it and
most of them had this experience where
they they went through the course and
they do the lab portion of the course a
lot which I'll tell you like everything
is that's in it so you can just do it on
your own without buying the course if
you want to but most of those people
they went through the the lab portion a
lot and they talked about it and showed
it to the interviewer and the
interviewer really impressed with with
with what they're doing like you don't
have to be like I went through Josh's
course I don't want people to say that
rather I want them to be like oh I did
this project right and the project is
impressive cuz basically they just build
inside of Microsoft Azure like in the
cloud they we set up a miniature sock
and then we expose a bunch of our assets
like virtual machines to the live
internet and it gets attacked inevitably
from Bots and Bad actors and then we
Aggregate and kind of display the attack
data on maps and we practice incident
response against the attacks and it's a
really good lab especially if you do it
many times because it gives you a good
in gives you a good intuition of
security operations and incident
response and it really shows that you
have at least it conveys a passion that
you have like passion for cyber security
so I I would recommend doing that like
you don't necessarily have to go through
the course to do it you can do those
things on your own just do it many times
and then put it on your resume and then
you can talk about it and it's really
impressive and you don't even have to do
that lab like I have a bunch of other
projects like that you can follow for
free and if you do them and you're able
to talk about them in the interview
right it will convey some kind of
passion and it will impress interviewers
and as someone who's hired a lot of
people this is to be honest I like to
see like you know Security Plus and
those like basic things but I really
like to see when people go out of their
way to do something extra and they're
able to talk about it cuz it really does
convey passion and it shows that your
doing those like extra stuff that your
peers aren't doing so it's really
important whether or not it's you know
my course my free projects on YouTube or
you just make up your own you should
really do something and have it on your
resume and you you should have done it
enough times to where you can like
easily talk about it and for full
transparency this is all the stuff
that's in my course so you can kind of
look at it and then go and try to study
it and implement it on your own the
benefit of the course is it's just kind
of like packaged up nicely but I'm not
like selling information where like this
is my information I'm selling it to you
like you can you can have those for free
right the course it just cost money
because it it costs money to maintain
and update it because Azure is like
changing all the time and there's like
an internship component um in the course
as well that cost like energy to like
maintain right but you can pretty much
Implement all the stuff for free right
and in terms of like if you're ready to
actually start applying for cyber
security jobs if your resume look
something like this this is kind of like
an ideal resume for a new person trying
to break into cyber security I'll kind
of put something on the screen here so
this is this is basically the resume
that students in my course they will get
this template and then after they go
through the course it will look
something like this so if you can make
your resume look like this and then you
can you know make sure it's like the
truth right like study all those things
do all of do all of the stuff so you are
like this person and then you start
applying to jobs like nice quality
applications then you know obviously
you're going to be able to start getting
interviews and if you've practiced your
lab enough times and you've practiced
interview questions enough times you're
just going to get hired uh eventually
and that's the reality of things and
this this resume is more like security
operations Centric because it involves
dealing with the lab quite a bit where
we do you know incident response but
there's a lot of other stuff on here
that you can see like the um regulatory
stuff like PCI DSS knowledge of HIPPA
some nist Frameworks like nist
853 um I don't know if I put cyber
security framework on here but if your
resume looks something like this and all
of these certifications are here the
these are mostly free or really cheap uh
so for example this like FEMA Incident
Management System that's like an
incident response certification that you
like training you can get for free
online you can Google it qualus V
vulnerability management this is also
free and it's something I recommend
students get and put on their resume
comp Security Plus once you have that
level of knowledge you can put comp
Security Plus like in progress on your
resume if you're you know studying for
it just be prepared to to talk about it
projects a nice project section
portfolio at the top just make sure you
know your resume is good and square to
way like this and if you can make this a
reality then you're ready to start
applying to jobs and work in cyber
security with you know it will takes
some effort but I can say that you're
ready at this point and then in terms of
what jobs to apply for pretty much
anything and everything but you can be
somewhat realistic for example you're
probably not going to get like Chief
Information Security Officer or senior
security architect probably not for your
first job I mean I was working in it
already and my first cyber security job
was like senior information security
analyst so like don't completely rule it
out but once your resume is like looking
pretty decent like this and you have a
decent amount of projects or at least
one project that's kind of big that
you've done a lot of times people will
see that and they'll be like oh person
has they know about cyber security they
have a passion and they obviously have
an aptitude and they're able to execute
on your own this is like kind of an
indicator that you're able to do like a
lot of different other things right so
I've had somebody they went through the
cyber security course and they executed
on it really really well and their first
job was information security officer and
they're kind of in management like
program manager like their first job me
I've seen this like many times and it's
happened to me as well so the the more
you kind of like sharpen your the better
job that you're going to be able to get
when you actually get into the field it
seems it seems crazy and cyber security
is kind of considered midcareer but
there's no there's no rule or law that
says like oh you need to like go through
all this other BS first before you can
make you know 70 80 90 100K as your for
your first job in cyber security it's
it's possible anyone who says it's not
possible is is wrong and they're
gatekeeping and they're like you know
they have some problem in my opinion but
it's just a matter of like how much
you're willing to sharpen your axe
obviously right even somebody sitting in
their mom's basement right they're just
like doing ethical hacking and Bug
Bounty all day like sweating and playing
valerant and eating Cheetos but they're
really good at bug Bounty they it's
possible they get hired as like senior
absec engineer at some like Fortune 500
company because their skill is like so
good and they displayed aptitude and
passion that's like really all it boils
down to and then the employability
framework is just like a guide to kind
of help you understand where you're weak
like what you need to care about and if
you're missing something you know at
least you can look at that framework and
then decide to make up for it somewhere
else if that makes sense so yeah to
recap look at this framework you know
get a good Baseline of security level
knowledge if you have money just get
Security Plus if you don't have money
get that level of knowledge and then
everyone else you know everyone should
be having a portfolio making their
resume good just adhere to this
framework as as good as you can in terms
of like what your money and time and
energy will allow make sure your resume
is good use this one use these free
practice questions if you want and just
start applying to jobs hope this helps
Weitere ähnliche Videos ansehen
Por onde começar em segurança da informação?
Step-By-Step Cybersecurity Beginner Learner's Guide | Cyber Security Training for Beginners 2023
How to Get into CyberSecurity | Step by Step Roadmap (2024)
Kickstart Your Cybersecurity Career: Top 5 Certifications for Newbies
Getting Into Cyber Security: 5 Skills You NEED to Learn
How I Would Learn Cyber Security If I Could Start Over in 2024 (6 Month Plan)
5.0 / 5 (0 votes)