How I Would Learn Cyber Security If I Could Start Over in 2024 (6 Month Plan)

00:00

this is the most important cyber

00:02

security video that you will watch

00:04

because I will show you exactly how I

00:06

would land the cyber security job in 6

00:09

months if I had to start over without

00:11

any Sears or degrees or any it

00:14

experience I will show you how to build

00:16

a saber security resume from scratch

00:18

with a projects portfolio like this and

00:21

I will even give you that resume to

00:23

download for free so make sure you watch

00:25

the video to the end because we will

00:27

build it together in a way that will

00:29

make you stand out to hiring managers

00:31

now I've been in the cyber security

00:33

industry for over two decades but so

00:36

much has changed since then and if I'm

00:38

honest with you learning cyber security

00:40

has never been more accessible than it

00:42

is today you don't need overpriced

00:44

degrees and you don't need to go to

00:46

obscure internet forums and beg people

00:49

for information like we did I even had

00:51

to read hundreds of pages of Unix

00:53

manuals just to get a tiny piece of

00:56

information but fast forward to today

00:58

and you have an abundance of training

01:00

courses with Hands-On practical Labs

01:02

that cover pretty much everything that

01:04

you need to learn a cyber security job

01:07

and you can do it all from home from

01:08

your laptop but this comes with a

01:10

challenge as the amount of information

01:12

available online can be overwhelming

01:15

it's really hard to know where to start

01:17

so let me show you how so let's imagine

01:19

that I don't have any it knowledge and

01:21

I'm starting from the absolute zero and

01:23

I only have 6 months to land a job so I

01:26

will follow five steps that if

01:29

implemented correctly correctly will not

01:30

only give you a cyber security job in 6

01:33

months but it will also help you to

01:35

level up as a professional you will

01:37

stand out and you'll always have job

01:39

opportunities coming your way even in

01:42

times of recessions and layoffs starting

01:44

with step number one foundation so if I

01:47

had zero technical knowledge while I'm

01:49

watching this video then this means I

01:51

know how to turn on a computer therefore

01:54

the best starting point for me will be

01:56

the Google cyber security search it's a

01:58

perfect start for someone with zero it

02:00

knowledge it will ease you in the

02:02

industry but more importantly it will

02:04

give you Hands-On practice with Linux

02:07

Python and MySQL and having Hands-On

02:09

skills is key to Landing your first

02:12

cyber security job now I'm starting from

02:14

scratch so I don't have any

02:16

certifications but if you've done the

02:18

compa Security Plus or isc2 Cc or the

02:22

Microsoft saber security analyst set you

02:25

can technically skip the Google cyber

02:27

security set but in my opinion it's

02:29

worth doing it will take you about a

02:31

month or so give or take depending on

02:33

how fast you learn but if you've done

02:36

other stuff before then you'll finish it

02:38

even faster there is honestly no

02:40

downside to doing this the Google cyber

02:42

security search so just get it done I'll

02:44

leave a link to it in the description

02:46

box below and by the way when you finish

02:48

it you get a 30% discount code to do the

02:51

comps Security Plus which I definitely

02:53

think you should take advantage of but

02:55

if I want to landar a job in 6 months

02:57

then I will personally skip the security

03:00

Plus for now the Security Plus is a

03:02

beginner level theoretical set it's good

03:05

it will introduce you to some Concepts

03:07

but if the goal is to learn the job as

03:09

fast as possible then your focus should

03:11

be on gaming Hands-On skills that the

03:14

jobs are asking for once you build some

03:16

solid Hands-On skills then you can come

03:19

back later and do the security plus if

03:21

you really want to and it will make so

03:23

much more sense because you'll actually

03:25

understand the things that you're

03:26

reading because you've done them in a

03:28

lab remember which trying to land cyber

03:30

security job our goal is not to spend 2

03:32

years building Foundation of multiple

03:34

choice exams the goal is to land the

03:37

cyber security job in 6 months and we're

03:39

trying to go straight to cyber security

03:41

we're not trying to land the help desk

03:42

job but without the next step you might

03:45

be neglecting one of the most important

03:47

aspects of Landing a cyber security job

03:50

which is Step number two creating a

03:52

resume or a CV I've seen this a lot I

03:54

see candidates who clearly have spent

03:57

time and money doing training and

03:59

certification they've studied hard but

04:01

when it come to creating a resume they

04:03

treat it like an afterthought they

04:05

literally spend 5 minutes on it now let

04:07

me tell you a secret people out there

04:09

hiring managers and Company they can't

04:12

know how amazing you are unless you let

04:14

them know you need to Showcase your

04:16

skills and you need to showcase the

04:18

training that you've done and you need

04:19

to put it in a professional way in a

04:21

resume this is the only way that

04:24

companies and hiring managers will know

04:26

that you're serious about your career in

04:28

cyber security now because of I'm

04:29

starting from zero I don't even know

04:31

what a resume or a CV is but thankfully

04:34

Unix guy from the future has created a

04:37

free cyber security resume specially for

04:39

you I'll put a link to it in the

04:41

description box below but before you

04:43

download it please make sure that you

04:44

watch this video till the end because we

04:46

will be building it together I will

04:49

teach you how to edit that resume so you

04:51

can tailor it to your own goals and

04:53

using your own experience and training

04:56

now the resume as it is it's really

04:58

simple it will only have the gole cyber

05:00

security se but I would personally add

05:02

one line to mention the labs that are

05:04

included in the certificate this way if

05:06

someone doesn't know the content of the

05:08

certificate you let them know that

05:10

you've had some practice with these

05:11

tools now under the experience section

05:14

for me it says receptionist because this

05:16

is the work that I've done before I

05:18

worked in cyber security for you this

05:20

will be something completely different

05:22

but what I want you to notice is under

05:24

receptionist I didn't list each and

05:26

every task that I've done as a

05:28

receptionist instead

05:30

I only added things that are relevant to

05:32

my goal job so anything that's relevant

05:35

to a cyber security job and that could

05:37

be interpersonal skills or communication

05:40

skills or even simple work on the it

05:42

system the purpose of the job experience

05:44

section is not to list everything that

05:46

you've done in your current job but to

05:49

list the things that are relevant to

05:50

your go job even if those things are 10%

05:54

of what you did in your current job this

05:55

is key this is a mistake I see over and

05:58

over especially from from people who

06:00

trying to change career for example if

06:02

someone has been working as a nurse for

06:04

the last 10 years then don't add each

06:06

and every detail about your nursing jobs

06:09

instead just say that you worked as a

06:11

nurse for 10 years list the names of the

06:14

hospitals that you worked at and

06:15

highlight your communication skills your

06:17

patient care skills and even any work

06:20

that you've done on the nursing it

06:22

system for example this way we keep our

06:24

resume brief but it's also highly

06:27

targeted to a cyber security job but the

06:29

real question is when should I start

06:31

applying to cyber security jobs and the

06:33

answer is now is the time even if I

06:36

don't feel that I have the confidence to

06:38

apply to cyber security jobs I

06:40

absolutely must start applying to cyber

06:43

security jobs so the right time is after

06:46

you finish the Google cyber security SE

06:48

now can I get a job with only the Google

06:50

cyber security SE the answer is yes it's

06:53

possible but probably not there are few

06:56

people in my Discord who landed the job

06:58

with only the Google security Ser but

07:00

they are the exception not the norm this

07:03

person right here on the screen is the

07:05

most recent one now the reality is yes

07:07

it's really hard to land a cyber

07:09

security job only with the Google cyber

07:11

security search but the point of

07:13

applying to cyber security jobs is for

07:15

you to start building your own

07:17

confidence it's for you to hopefully be

07:19

in an interview setting where you get to

07:21

learn what companies are asking for but

07:23

more importantly is for you to learn how

07:26

to play the numbers game if you have two

07:28

people with the exact same

07:29

qualifications and the exact same resume

07:31

one of them applies to three jobs whilst

07:34

the other person applies to 300 jobs who

07:36

do you think will have a higher

07:38

likelihood of Landing an interview the

07:40

person who applied for three jobs got

07:42

rejected then went then went on to

07:44

Reddit to complain about how the market

07:46

is so rough or the person who applied to

07:48

300 jobs and and continue their studying

07:52

Journey anyway therefore if I want to

07:54

landar a cyber security jobs in 6 months

07:56

or less I need to start applying to

07:58

cyber sec commity jobs every single day

08:01

I should spend 30 minutes every day you

08:03

don't need to spend any longer and just

08:05

make it a habit of searching and

08:07

applying to cyber security jobs this is

08:09

how I want you to search for cyber

08:11

security jobs go to LinkedIn and filter

08:14

for the word cyber then filter for the

08:16

city that you live in and search for

08:18

jobs and apply now depending on where

08:20

you live there might be certain website

08:22

that are applicable for you locally for

08:24

example in the US there is Monster

08:27

indeed and dice whil in Australia we

08:30

have se but LinkedIn is universal so no

08:32

matter where you live chances are cyber

08:34

security jobs are also advertised in

08:36

LinkedIn so I recommend you use LinkedIn

08:39

plus whatever is popular in your country

08:42

now when you apply to cyber security

08:43

jobs for the first time you will notice

08:45

something confusing some jobs want you

08:48

to be an ethical hacker whereas other

08:50

jobs want you to conduct cyber security

08:52

risk assessment both are completely

08:54

different skill sets you will see that

08:56

jobs are asking for a wide spectrum of

08:59

skills and different specializations so

09:01

how do we solve this problem should we

09:04

specialize early on or should we try and

09:06

learn everything at the same time well

09:08

this my friend is one of the biggest

09:10

problems that you will face as you're

09:12

trying to land your first cyber security

09:14

job but the next tactic will make all

09:16

the difference and it will solve this

09:18

problem for you which is Step number

09:20

three become a generalist the idea is to

09:23

cast a wide net meaning gain a broad set

09:27

of skills so you can qualify for for the

09:29

maximum number of cyber security jobs

09:32

advertised but to really understand why

09:34

I want you to understand the difference

09:36

between small and big companies from my

09:38

experience in cyber security Consulting

09:40

where I work with both small and large

09:43

organizations the main difference that I

09:45

see is this big companies usually need

09:48

to hire individuals who are highly

09:50

specialized for example they may have

09:52

someone who specializes in application

09:54

security and perhaps they'll have one

09:56

individual or a group of individuals who

09:59

only do incident response or only do

10:02

threat management or they only

10:03

specialize in spun whereas small to

10:06

mediumsized organizations they can't

10:08

afford this luxury so usually they need

10:10

to hire one person who can do so many

10:13

things so they want that person to be

10:14

able to do cyber security risk

10:16

assessments read vulnerability

10:18

management reports analyze and respond

10:20

to fishing attacks and at least be able

10:22

to interpret penetration testing reports

10:25

this is very common in the industry

10:26

therefore if I wanted to get a cyber

10:28

security jobs in 6 months or less I need

10:31

to maximize the number of jobs that I

10:33

can qualify for I will aim to First be a

10:36

generalist learn a little bit about

10:38

everything and then later specialize and

10:40

go deep in one or two areas and you can

10:43

always specialize after you learn your

10:45

first cyber security job now the way to

10:47

become a generalist is definitely not by

10:50

collecting multiple choice based

10:51

certifications and exams instead if you

10:54

want to be a top 1% candidate you'll

10:56

need to differentiate Yourself by adding

10:59

broad spectrum of practical skills that

11:01

are applicable to so many different jobs

11:04

to do that we will need to add

11:05

non-technical cyber security skills

11:08

which we collectively refer to as GRC

11:11

GRC stands for governance risk and

11:13

compliance and for GRC you don't need to

11:16

look further than GRC Mastery I designed

11:19

it in such a way that the course will

11:20

give you the practical skills that the

11:22

job market is asking for without any

11:25

fluff or any nonsense I looked at the

11:27

training courses available in the market

11:29

and I found that they didn't really

11:31

teach you what the job market is asking

11:33

for so I solved this problem for you in

11:35

GC Mastery the course has each module in

11:38

the course has a practical assessment

11:41

but more importantly at the end of the

11:42

course there is a large Capstone project

11:45

that you can add to your resume as you

11:46

build up your portfolio now GRC Mastery

11:49

on average will take you a month and a

11:51

half to 2 months to finish just a caveat

11:54

with GC Mastery you're meant to watch

11:56

the videos at least two times and you're

11:58

meant to take notes because a lot of the

12:00

topics will be new to you and the idea

12:02

is not to finish it as fast as possible

12:04

but to absorb the knowledge in the

12:06

course so you can be confident in an

12:08

interview setting and you can

12:10

demonstrate your knowledge to hiring

12:12

managers I talked about GC Mastery in

12:14

detail in this video where I did a deep

12:16

dive on each module so please check it

12:18

out now this is how I will add the

12:21

skills that I gained from GC Mastery to

12:23

the resume and suddenly our resume looks

12:26

so much better and we can qualify for so

12:28

many more jobs now because GC Mastery

12:31

has a Capstone project so I will add a

12:33

section in the resume called practical

12:35

projects and I'll add one bullet points

12:38

describing the Capstone practical

12:40

project that I did in GC Mastery now I

12:43

know some people like to add their

12:45

practical portfolio or projects to

12:47

GitHub you can definitely do that I

12:50

personally don't do it I think GitHub is

12:52

more appropriate for professionals who

12:54

do coding and programming for a living

12:57

for cyber security not so much I only

12:59

recommend it to people who do

13:02

programming within cyber security or who

13:04

created specific coding programming

13:06

tools that are used for cyber security

13:09

so we can skip GitHub for now now I will

13:11

continue to apply to jobs for at least

13:14

30 minutes every day and some of you

13:16

will definitely find the job at this

13:18

point we will be 2 and 1 half months to

13:20

3 months into our journey now assuming

13:22

you haven't found a job yet the next

13:24

skill that I want to add to our resume

13:27

is vulnerability management there are

13:29

tools in the industry that we refer to

13:31

as vulnerability scanners they they scan

13:33

systems to try and find weaknesses and

13:35

they will generate a report that details

13:38

those weaknesses so the IT team can fix

13:40

those vulnerabilities now in GRC Mastery

13:43

you will actually know what

13:44

vulnerability management is and when and

13:47

why we perform it but this particular

13:49

free training from qualis will show you

13:51

how to use qualis which is a really

13:53

prominent tool that we use in the

13:55

industry so this will give you a chance

13:57

to practice with the tool for free you

13:59

can finish this training in 1 week or 2

14:01

weeks maximum now there are more free

14:03

training courses from qualus you can do

14:05

them later but if my goal is to land the

14:08

job as fast as possible I will skip them

14:10

for now and this is how I will add the

14:12

qualus training to the resume it will

14:14

just be one simple line item that says

14:16

that I finished qual vulnerability

14:18

Management training a common mistake

14:20

that I see is people add the training

14:23

but then they create another section

14:24

they call it skills and they copy paste

14:26

the same thing so they have

14:28

vulnerability management and then

14:29

vulnerability management again as a

14:30

skill I personally don't recommend that

14:33

we need to be strategic about how we use

14:35

space in our resume if you mention it

14:37

once you don't need to repeat it at this

14:39

point we're halfway through our journey

14:41

we're 3 months in and chances are some

14:44

of you will landar the cyber security

14:45

job at this point things will start to

14:48

look a lot clearer but to build even

14:50

more confidence so we can smash that

14:52

first interiew the next training course

14:54

that we will do is from try hack me

14:56

there are so many other training

14:58

platforms out there but the reason why I

15:00

picked try hackme is because it's really

15:02

beginner friendly and it can get you

15:04

those skills that we want really fast

15:07

the first course that I want you to do

15:08

from tryhackme is the sock one course

15:11

this will give you the practical skills

15:13

that will enable you to work as a

15:15

security analyst in a security Operation

15:17

Center or even as a generalist you will

15:20

learn how to analyze security incidents

15:22

and how to respond to them this course

15:24

will take you one or 2 months it depends

15:26

on how fast you learn which means you

15:28

will be 4 months in your journey now in

15:30

the next step we will take a little bit

15:32

of a break from doing certifications but

15:35

we will add even more practical work to

15:38

our resume which is Step number four

15:40

virtual internships those are free mini

15:43

projects available to you that you can

15:45

do and you can add to your resume and

15:47

they are from some of the biggest

15:49

companies in the world and the crazy

15:50

thing is they are completely free you

15:52

have no reason not to do all of them

15:55

there are a total of nine virtual

15:57

internships each one of them will take

15:59

you 1 to 2 hours in total it will take

16:02

you 20 hours to finish but the good

16:04

thing about them is that a lot of these

16:06

topics will be like a review for you

16:08

you'll find that you've learned most of

16:10

these topics in GC Mastery and in try

16:13

hack me stock one now the forage will

16:15

also teach you how to add those virtual

16:17

internships to your resume I'll leave a

16:19

link to this in the description box

16:21

below I will not do this for you because

16:23

I want you to learn how to do it

16:25

yourself so you can have that skills of

16:27

creating and modifying resumes now the

16:29

next step in my opinion is where the

16:32

real fun begins which is Step number

16:34

five intermediate level training you're

16:37

in the final month or two of your

16:38

journey and this is where things will

16:40

get a lot more serious we need to pick

16:43

an intermediate level Hands-On practical

16:45

training and we need to do it as we do

16:48

it we should continue to apply to jobs

16:50

the idea is as you do training you apply

16:53

to jobs you finish that training you

16:54

update your resume you apply to more

16:56

jobs if you learn the job fantastic

16:59

you've reached your goal if not then you

17:00

need to pick another certification do it

17:03

apply for jobs again rinse and repeat

17:06

until you reach your goal this way it's

17:08

really impossible to fail if you do

17:10

these courses if you put in the time if

17:13

you actually apply to jobs consistently

17:15

there is no reason why you can't reach

17:17

your goal now the courses that I

17:19

recommend in no particular order are

17:21

from try hack me you can do the Cyber

17:24

defense course or the sock2 course or

17:27

you can do hack the Box CD SA or Blue

17:30

Team level one these are all great pick

17:32

one run with it apply to jobs if you

17:34

reach your goal great if not rinse and

17:36

repeat until you reach your goal there

17:38

are other courses that are also great

17:40

like from let's defend and cyber

17:42

Defenders they all touch on the same

17:44

topics so pick the one that you like and

17:46

run with it and run with it until you

17:49

reach your goal now if you reach this

17:50

far in this video then there is a bonus

17:53

step for you and in my opinion it will

17:55

make all the difference for your journey

17:57

as cheesy as it may sound but it's

17:59

really important to have fun and enjoy

18:02

the journey I don't want you to be

18:04

constantly stressed out as you study

18:06

this is not the goal here the goal is

18:07

for you to treat this like a mission a

18:10

really important mission that your life

18:12

depend on because at the end of this

18:13

Mission you will change your life and

18:15

there is no reason why this Mission

18:17

can't be fun now a great way to have fun

18:19

in this journey is to try and go to

18:22

cyber security events and meet to cyber

18:24

security events and conferences you

18:26

don't need to go to expensive ones you

18:28

can simply Go to meetup.com and search

18:31

for cyber security events in your area I

18:34

also recommend you go to Google and you

18:36

type bides and then the name of your

18:38

city bides is a cyber security

18:41

conference that's usually cheap I highly

18:43

recommend that you go to these

18:44

conferences because it's a good chance

18:47

for you to meet other people who are on

18:49

a similar Journey but you never know you

18:51

might get a job from these events in

18:53

fact one of our Discord members landed

18:56

her first cyber security job through

18:59

someone she met in a bsides event so

19:01

this could be you now if you want a deep

19:04

dive into GC Mastery which is an

19:06

essential part of this plan then please

19:09

go and watch this video because I broke

19:11

down each module of GRC Mastery in

19:14

detail and I'll see you there