How I Would Learn Cyber Security If I Could Start Over in 2024 (6 Month Plan)
Summary
TLDRThis video script offers a strategic guide for aspiring cybersecurity professionals to land a job in just six months, even without prior experience. It emphasizes building a strong resume, acquiring hands-on skills through platforms like Google's Cybersecurity Search, and broadening knowledge with GRC Mastery. The speaker advises viewers to apply consistently to jobs, engage in virtual internships, and attend cybersecurity events for networking—all while maintaining a balance between learning and enjoying the journey.
Takeaways
- 🚀 Start with the Google Cyber Security Search for beginners with zero IT knowledge to get hands-on practice with Linux, Python, and MySQL.
- 📚 Skip CompTIA Security Plus for now to focus on gaining practical skills that are in demand for cybersecurity jobs.
- 💼 Create a professional resume to showcase your skills and training, which is crucial for standing out to hiring managers.
- 🔍 Apply to cybersecurity jobs early and consistently to build confidence and learn the job market, even if you feel unprepared.
- 🌐 Utilize LinkedIn and other job platforms popular in your country to search and apply for cybersecurity positions daily.
- 👨🏫 Become a generalist by gaining a broad set of skills to qualify for a wide range of cybersecurity jobs, especially in small to medium-sized organizations.
- 📈 Enroll in GRC Mastery to acquire practical skills in governance, risk, and compliance, which are essential for a cybersecurity career.
- 📝 Complete the Capstone project in GRC Mastery to add a practical project to your resume, demonstrating your hands-on abilities.
- 🛠️ Participate in free training like the Qualys Vulnerability Management course to familiarize yourself with industry tools.
- 📚 Take beginner-friendly courses from platforms like TryHackMe to build practical skills in security analysis and incident response.
- 🏢 Engage in virtual internships offered by major companies to gain experience and add projects to your resume without cost.
- 🎓 Pursue intermediate level training in the final stages of your job search to deepen your expertise and increase your chances of landing a job.
Q & A
What is the main goal of the video?
-The main goal of the video is to demonstrate a step-by-step plan for landing a cybersecurity job in 6 months, even without prior experience, degrees, or certifications.
What is the first step recommended in the video for someone starting with zero IT knowledge?
-The first step is to take the Google Cyber Security course, which provides a foundation in cybersecurity and hands-on practice with Linux, Python, and MySQL.
Why is it suggested to skip the CompTIA Security Plus initially?
-The CompTIA Security Plus is a beginner-level theoretical course. The focus should be on gaining hands-on skills that are in demand for cybersecurity jobs, which can be acquired later once foundational skills are established.
What is the importance of creating a resume early in the process?
-Creating a resume early helps to showcase skills and training, making it clear to hiring managers that the candidate is serious about a career in cybersecurity.
How should the job experience section in a resume be structured according to the video?
-The job experience section should list only the tasks and skills relevant to a cybersecurity job, even if they represent a small percentage of the actual work done in previous roles.
What is the significance of applying to cybersecurity jobs early in the learning process?
-Applying early helps to build confidence, understand what companies are looking for, and learn to play the numbers game, increasing the chances of landing an interview.
Why is it recommended to become a generalist in cybersecurity initially?
-Becoming a generalist allows a candidate to qualify for a wider range of cybersecurity jobs, especially in small to medium-sized organizations that require a broader skill set.
What does GRC Mastery offer that makes it a valuable resource in the learning process?
-GRC Mastery offers practical skills in governance, risk, and compliance, with a focus on what the job market is asking for, including a Capstone project that can be added to a resume.
How does the video suggest incorporating the skills gained from GRC Mastery into a resume?
-The skills and the Capstone project completed in GRC Mastery should be added to the resume under a 'practical projects' section, demonstrating hands-on experience.
What is the role of virtual internships in the job search process described in the video?
-Virtual internships provide free mini-projects that can be completed and added to a resume, showcasing practical experience and making the candidate more attractive to employers.
Why is it important to continue applying to jobs while taking intermediate level training courses?
-Continuing to apply to jobs while training ensures that the candidate stays proactive in the job market, updating their resume with new skills and increasing the chances of landing a job.
What is the bonus step suggested in the video for enhancing the learning experience?
-The bonus step is to have fun and enjoy the journey by attending cybersecurity events and conferences, which can provide networking opportunities and additional learning experiences.
Outlines
🛠️ Building a Cyber Security Resume from Scratch
The speaker outlines a plan to secure a cyber security job within six months, starting with no experience. They propose creating a strong resume and portfolio, and offer a free resume template. The video promises to guide viewers through the resume-building process, emphasizing the importance of hands-on skills over degrees. The speaker reflects on the evolution of cyber security learning, highlighting the abundance of accessible online courses and labs that simplify the learning process. They also address the challenge of information overload and commit to showing a clear starting path.
🔒 Starting with the Google Cyber Security Search
The second paragraph focuses on the initial step of the six-month plan: the Google Cyber Security Search. This course is recommended for beginners to gain hands-on experience with Linux, Python, and MySQL. The speaker suggests that while certifications like CompTIA Security Plus or ISC2 CC are valuable, they are not essential for immediate job placement. The paragraph underscores the importance of practical skills and obtaining a discount for CompTIA Security Plus upon completion of the Google course.
📝 Crafting a Targeted Cyber Security Resume
This paragraph delves into the importance of resume creation, warning against treating it as an afterthought. The speaker provides a free cyber security resume template and instructs viewers on how to tailor it to their experiences and goals. They emphasize the need to highlight relevant skills and training, and to avoid listing every task from previous jobs unless they pertain to cyber security. The speaker also advises starting to apply for jobs immediately after completing the Google Cyber Security Search.
🌐 Applying to Cyber Security Jobs Widely
The speaker encourages viewers to apply to cyber security jobs daily, using platforms like LinkedIn and other local job sites. They discuss the difference between job requirements at big and small companies, suggesting that a broad set of skills is beneficial for job applications. The paragraph introduces the concept of becoming a 'generalist' to maximize job qualifications and discusses the importance of understanding the job market's needs for various specializations.
🛡️ Becoming a Generalist with GRC Mastery
The fourth paragraph introduces GRC (Governance, Risk, and Compliance) skills as a way to become a generalist in cyber security. The speaker recommends GRC Mastery, a course designed to provide practical skills demanded by the job market. They detail the course's structure, including practical assessments and a Capstone project, which can be added to the resume. The goal is to make the resume more attractive to potential employers by showcasing a broad skill set.
🚀 Advancing with Practical Training and Virtual Internships
The speaker suggests taking intermediate-level practical training courses like those from TryHackMe and participating in virtual internships offered by major companies. These experiences not only enhance the resume but also provide practical skills and confidence for job interviews. The paragraph also touches on the importance of applying for jobs consistently while undergoing training to increase the chances of landing a cyber security position.
🎉 Enjoying the Journey to Cyber Security Career
In the final paragraph, the speaker emphasizes the importance of enjoying the learning process and not being overly stressed. They recommend attending cyber security events and conferences to network and meet others in the field, which can be both enjoyable and beneficial for job prospects. The paragraph concludes by encouraging viewers to have fun and treat the learning journey as an important mission that can change their lives.
Mindmap
Keywords
💡Cyber Security
💡Resume
💡Google Cyber Security Search
💡CompTIA Security Plus
💡ISC2 CC
💡Microsoft Cyber Security Analyst
💡GRC Mastery
💡Vulnerability Management
💡TryHackMe
💡Virtual Internships
💡Bsides
Highlights
A six-month plan to land a cybersecurity job without prior experience, degrees, or IT background is presented.
Building a cybersecurity resume from scratch with a portfolio of projects is discussed.
A free resume template for cybersecurity is offered for download.
The importance of hands-on skills over degrees in cybersecurity is emphasized.
Google's Cyber Security Search is recommended as a starting point for beginners.
CompTIA Security Plus and other certifications are suggested for foundational knowledge.
The necessity of creating a professional resume to showcase skills and training is highlighted.
A strategy for tailoring a resume to include relevant job experience and skills is provided.
The recommendation to start applying for cybersecurity jobs after completing the Google Cyber Security Search is made.
The concept of becoming a generalist to qualify for a broad range of cybersecurity jobs is introduced.
GRC Mastery is endorsed as a course for gaining practical skills in governance, risk, and compliance.
The importance of adding practical projects to a resume for a stronger job application is discussed.
Qualys vulnerability management training is suggested to gain experience with industry tools.
TryHackMe's SOC course is recommended for developing skills in security operations.
Virtual internships from major companies are presented as a way to gain experience and enhance resumes.
Intermediate level training courses are advised for the final phase of the job preparation journey.
The encouragement to enjoy the learning process and attend cybersecurity events for networking is given.
Transcripts
this is the most important cyber
security video that you will watch
because I will show you exactly how I
would land the cyber security job in 6
months if I had to start over without
any Sears or degrees or any it
experience I will show you how to build
a saber security resume from scratch
with a projects portfolio like this and
I will even give you that resume to
download for free so make sure you watch
the video to the end because we will
build it together in a way that will
make you stand out to hiring managers
now I've been in the cyber security
industry for over two decades but so
much has changed since then and if I'm
honest with you learning cyber security
has never been more accessible than it
is today you don't need overpriced
degrees and you don't need to go to
obscure internet forums and beg people
for information like we did I even had
to read hundreds of pages of Unix
manuals just to get a tiny piece of
information but fast forward to today
and you have an abundance of training
courses with Hands-On practical Labs
that cover pretty much everything that
you need to learn a cyber security job
and you can do it all from home from
your laptop but this comes with a
challenge as the amount of information
available online can be overwhelming
it's really hard to know where to start
so let me show you how so let's imagine
that I don't have any it knowledge and
I'm starting from the absolute zero and
I only have 6 months to land a job so I
will follow five steps that if
implemented correctly correctly will not
only give you a cyber security job in 6
months but it will also help you to
level up as a professional you will
stand out and you'll always have job
opportunities coming your way even in
times of recessions and layoffs starting
with step number one foundation so if I
had zero technical knowledge while I'm
watching this video then this means I
know how to turn on a computer therefore
the best starting point for me will be
the Google cyber security search it's a
perfect start for someone with zero it
knowledge it will ease you in the
industry but more importantly it will
give you Hands-On practice with Linux
Python and MySQL and having Hands-On
skills is key to Landing your first
cyber security job now I'm starting from
scratch so I don't have any
certifications but if you've done the
compa Security Plus or isc2 Cc or the
Microsoft saber security analyst set you
can technically skip the Google cyber
security set but in my opinion it's
worth doing it will take you about a
month or so give or take depending on
how fast you learn but if you've done
other stuff before then you'll finish it
even faster there is honestly no
downside to doing this the Google cyber
security search so just get it done I'll
leave a link to it in the description
box below and by the way when you finish
it you get a 30% discount code to do the
comps Security Plus which I definitely
think you should take advantage of but
if I want to landar a job in 6 months
then I will personally skip the security
Plus for now the Security Plus is a
beginner level theoretical set it's good
it will introduce you to some Concepts
but if the goal is to learn the job as
fast as possible then your focus should
be on gaming Hands-On skills that the
jobs are asking for once you build some
solid Hands-On skills then you can come
back later and do the security plus if
you really want to and it will make so
much more sense because you'll actually
understand the things that you're
reading because you've done them in a
lab remember which trying to land cyber
security job our goal is not to spend 2
years building Foundation of multiple
choice exams the goal is to land the
cyber security job in 6 months and we're
trying to go straight to cyber security
we're not trying to land the help desk
job but without the next step you might
be neglecting one of the most important
aspects of Landing a cyber security job
which is Step number two creating a
resume or a CV I've seen this a lot I
see candidates who clearly have spent
time and money doing training and
certification they've studied hard but
when it come to creating a resume they
treat it like an afterthought they
literally spend 5 minutes on it now let
me tell you a secret people out there
hiring managers and Company they can't
know how amazing you are unless you let
them know you need to Showcase your
skills and you need to showcase the
training that you've done and you need
to put it in a professional way in a
resume this is the only way that
companies and hiring managers will know
that you're serious about your career in
cyber security now because of I'm
starting from zero I don't even know
what a resume or a CV is but thankfully
Unix guy from the future has created a
free cyber security resume specially for
you I'll put a link to it in the
description box below but before you
download it please make sure that you
watch this video till the end because we
will be building it together I will
teach you how to edit that resume so you
can tailor it to your own goals and
using your own experience and training
now the resume as it is it's really
simple it will only have the gole cyber
security se but I would personally add
one line to mention the labs that are
included in the certificate this way if
someone doesn't know the content of the
certificate you let them know that
you've had some practice with these
tools now under the experience section
for me it says receptionist because this
is the work that I've done before I
worked in cyber security for you this
will be something completely different
but what I want you to notice is under
receptionist I didn't list each and
every task that I've done as a
receptionist instead
I only added things that are relevant to
my goal job so anything that's relevant
to a cyber security job and that could
be interpersonal skills or communication
skills or even simple work on the it
system the purpose of the job experience
section is not to list everything that
you've done in your current job but to
list the things that are relevant to
your go job even if those things are 10%
of what you did in your current job this
is key this is a mistake I see over and
over especially from from people who
trying to change career for example if
someone has been working as a nurse for
the last 10 years then don't add each
and every detail about your nursing jobs
instead just say that you worked as a
nurse for 10 years list the names of the
hospitals that you worked at and
highlight your communication skills your
patient care skills and even any work
that you've done on the nursing it
system for example this way we keep our
resume brief but it's also highly
targeted to a cyber security job but the
real question is when should I start
applying to cyber security jobs and the
answer is now is the time even if I
don't feel that I have the confidence to
apply to cyber security jobs I
absolutely must start applying to cyber
security jobs so the right time is after
you finish the Google cyber security SE
now can I get a job with only the Google
cyber security SE the answer is yes it's
possible but probably not there are few
people in my Discord who landed the job
with only the Google security Ser but
they are the exception not the norm this
person right here on the screen is the
most recent one now the reality is yes
it's really hard to land a cyber
security job only with the Google cyber
security search but the point of
applying to cyber security jobs is for
you to start building your own
confidence it's for you to hopefully be
in an interview setting where you get to
learn what companies are asking for but
more importantly is for you to learn how
to play the numbers game if you have two
people with the exact same
qualifications and the exact same resume
one of them applies to three jobs whilst
the other person applies to 300 jobs who
do you think will have a higher
likelihood of Landing an interview the
person who applied for three jobs got
rejected then went then went on to
Reddit to complain about how the market
is so rough or the person who applied to
300 jobs and and continue their studying
Journey anyway therefore if I want to
landar a cyber security jobs in 6 months
or less I need to start applying to
cyber sec commity jobs every single day
I should spend 30 minutes every day you
don't need to spend any longer and just
make it a habit of searching and
applying to cyber security jobs this is
how I want you to search for cyber
security jobs go to LinkedIn and filter
for the word cyber then filter for the
city that you live in and search for
jobs and apply now depending on where
you live there might be certain website
that are applicable for you locally for
example in the US there is Monster
indeed and dice whil in Australia we
have se but LinkedIn is universal so no
matter where you live chances are cyber
security jobs are also advertised in
LinkedIn so I recommend you use LinkedIn
plus whatever is popular in your country
now when you apply to cyber security
jobs for the first time you will notice
something confusing some jobs want you
to be an ethical hacker whereas other
jobs want you to conduct cyber security
risk assessment both are completely
different skill sets you will see that
jobs are asking for a wide spectrum of
skills and different specializations so
how do we solve this problem should we
specialize early on or should we try and
learn everything at the same time well
this my friend is one of the biggest
problems that you will face as you're
trying to land your first cyber security
job but the next tactic will make all
the difference and it will solve this
problem for you which is Step number
three become a generalist the idea is to
cast a wide net meaning gain a broad set
of skills so you can qualify for for the
maximum number of cyber security jobs
advertised but to really understand why
I want you to understand the difference
between small and big companies from my
experience in cyber security Consulting
where I work with both small and large
organizations the main difference that I
see is this big companies usually need
to hire individuals who are highly
specialized for example they may have
someone who specializes in application
security and perhaps they'll have one
individual or a group of individuals who
only do incident response or only do
threat management or they only
specialize in spun whereas small to
mediumsized organizations they can't
afford this luxury so usually they need
to hire one person who can do so many
things so they want that person to be
able to do cyber security risk
assessments read vulnerability
management reports analyze and respond
to fishing attacks and at least be able
to interpret penetration testing reports
this is very common in the industry
therefore if I wanted to get a cyber
security jobs in 6 months or less I need
to maximize the number of jobs that I
can qualify for I will aim to First be a
generalist learn a little bit about
everything and then later specialize and
go deep in one or two areas and you can
always specialize after you learn your
first cyber security job now the way to
become a generalist is definitely not by
collecting multiple choice based
certifications and exams instead if you
want to be a top 1% candidate you'll
need to differentiate Yourself by adding
broad spectrum of practical skills that
are applicable to so many different jobs
to do that we will need to add
non-technical cyber security skills
which we collectively refer to as GRC
GRC stands for governance risk and
compliance and for GRC you don't need to
look further than GRC Mastery I designed
it in such a way that the course will
give you the practical skills that the
job market is asking for without any
fluff or any nonsense I looked at the
training courses available in the market
and I found that they didn't really
teach you what the job market is asking
for so I solved this problem for you in
GC Mastery the course has each module in
the course has a practical assessment
but more importantly at the end of the
course there is a large Capstone project
that you can add to your resume as you
build up your portfolio now GRC Mastery
on average will take you a month and a
half to 2 months to finish just a caveat
with GC Mastery you're meant to watch
the videos at least two times and you're
meant to take notes because a lot of the
topics will be new to you and the idea
is not to finish it as fast as possible
but to absorb the knowledge in the
course so you can be confident in an
interview setting and you can
demonstrate your knowledge to hiring
managers I talked about GC Mastery in
detail in this video where I did a deep
dive on each module so please check it
out now this is how I will add the
skills that I gained from GC Mastery to
the resume and suddenly our resume looks
so much better and we can qualify for so
many more jobs now because GC Mastery
has a Capstone project so I will add a
section in the resume called practical
projects and I'll add one bullet points
describing the Capstone practical
project that I did in GC Mastery now I
know some people like to add their
practical portfolio or projects to
GitHub you can definitely do that I
personally don't do it I think GitHub is
more appropriate for professionals who
do coding and programming for a living
for cyber security not so much I only
recommend it to people who do
programming within cyber security or who
created specific coding programming
tools that are used for cyber security
so we can skip GitHub for now now I will
continue to apply to jobs for at least
30 minutes every day and some of you
will definitely find the job at this
point we will be 2 and 1 half months to
3 months into our journey now assuming
you haven't found a job yet the next
skill that I want to add to our resume
is vulnerability management there are
tools in the industry that we refer to
as vulnerability scanners they they scan
systems to try and find weaknesses and
they will generate a report that details
those weaknesses so the IT team can fix
those vulnerabilities now in GRC Mastery
you will actually know what
vulnerability management is and when and
why we perform it but this particular
free training from qualis will show you
how to use qualis which is a really
prominent tool that we use in the
industry so this will give you a chance
to practice with the tool for free you
can finish this training in 1 week or 2
weeks maximum now there are more free
training courses from qualus you can do
them later but if my goal is to land the
job as fast as possible I will skip them
for now and this is how I will add the
qualus training to the resume it will
just be one simple line item that says
that I finished qual vulnerability
Management training a common mistake
that I see is people add the training
but then they create another section
they call it skills and they copy paste
the same thing so they have
vulnerability management and then
vulnerability management again as a
skill I personally don't recommend that
we need to be strategic about how we use
space in our resume if you mention it
once you don't need to repeat it at this
point we're halfway through our journey
we're 3 months in and chances are some
of you will landar the cyber security
job at this point things will start to
look a lot clearer but to build even
more confidence so we can smash that
first interiew the next training course
that we will do is from try hack me
there are so many other training
platforms out there but the reason why I
picked try hackme is because it's really
beginner friendly and it can get you
those skills that we want really fast
the first course that I want you to do
from tryhackme is the sock one course
this will give you the practical skills
that will enable you to work as a
security analyst in a security Operation
Center or even as a generalist you will
learn how to analyze security incidents
and how to respond to them this course
will take you one or 2 months it depends
on how fast you learn which means you
will be 4 months in your journey now in
the next step we will take a little bit
of a break from doing certifications but
we will add even more practical work to
our resume which is Step number four
virtual internships those are free mini
projects available to you that you can
do and you can add to your resume and
they are from some of the biggest
companies in the world and the crazy
thing is they are completely free you
have no reason not to do all of them
there are a total of nine virtual
internships each one of them will take
you 1 to 2 hours in total it will take
you 20 hours to finish but the good
thing about them is that a lot of these
topics will be like a review for you
you'll find that you've learned most of
these topics in GC Mastery and in try
hack me stock one now the forage will
also teach you how to add those virtual
internships to your resume I'll leave a
link to this in the description box
below I will not do this for you because
I want you to learn how to do it
yourself so you can have that skills of
creating and modifying resumes now the
next step in my opinion is where the
real fun begins which is Step number
five intermediate level training you're
in the final month or two of your
journey and this is where things will
get a lot more serious we need to pick
an intermediate level Hands-On practical
training and we need to do it as we do
it we should continue to apply to jobs
the idea is as you do training you apply
to jobs you finish that training you
update your resume you apply to more
jobs if you learn the job fantastic
you've reached your goal if not then you
need to pick another certification do it
apply for jobs again rinse and repeat
until you reach your goal this way it's
really impossible to fail if you do
these courses if you put in the time if
you actually apply to jobs consistently
there is no reason why you can't reach
your goal now the courses that I
recommend in no particular order are
from try hack me you can do the Cyber
defense course or the sock2 course or
you can do hack the Box CD SA or Blue
Team level one these are all great pick
one run with it apply to jobs if you
reach your goal great if not rinse and
repeat until you reach your goal there
are other courses that are also great
like from let's defend and cyber
Defenders they all touch on the same
topics so pick the one that you like and
run with it and run with it until you
reach your goal now if you reach this
far in this video then there is a bonus
step for you and in my opinion it will
make all the difference for your journey
as cheesy as it may sound but it's
really important to have fun and enjoy
the journey I don't want you to be
constantly stressed out as you study
this is not the goal here the goal is
for you to treat this like a mission a
really important mission that your life
depend on because at the end of this
Mission you will change your life and
there is no reason why this Mission
can't be fun now a great way to have fun
in this journey is to try and go to
cyber security events and meet to cyber
security events and conferences you
don't need to go to expensive ones you
can simply Go to meetup.com and search
for cyber security events in your area I
also recommend you go to Google and you
type bides and then the name of your
city bides is a cyber security
conference that's usually cheap I highly
recommend that you go to these
conferences because it's a good chance
for you to meet other people who are on
a similar Journey but you never know you
might get a job from these events in
fact one of our Discord members landed
her first cyber security job through
someone she met in a bsides event so
this could be you now if you want a deep
dive into GC Mastery which is an
essential part of this plan then please
go and watch this video because I broke
down each module of GRC Mastery in
detail and I'll see you there
Ver Más Videos Relacionados
How I Would Learn Cyber Security If I Could Start Over (Amazon Principal Security Engineer)
Are You Ready for a Cybersecurity Job in 2024?
Learn Cyber Security for FREE! Best Hacking Resources
FREE Cyber Security Training for Beginners (HIGH Demand Skills)
Underrated Cyber Security Certs that WILL get you HIRED
Getting Into Cyber Security: 5 Skills You NEED to Learn
5.0 / 5 (0 votes)