Underrated Cyber Security Certs that WILL get you HIRED
Summary
TLDRThe video script discusses the outdated advice of pursuing traditional certifications like CompTIA and CCNA for a career in cybersecurity. Instead, the speaker advocates for hands-on, lab-based training, sharing the story of Josh, an electrician with a cybersecurity degree, who sought career mentorship. The speaker recommends platforms like Let's Defend for defensive technical skills and GC Mastery for non-technical GRC skills to broaden employability. The emphasis is on gaining practical experience and applying for jobs to build confidence and skills, rather than solely focusing on recognized certifications.
Takeaways
- 🚫 Outdated Advice - The conventional path of CompTIA, Network+, Security+, and CCNA before entering cybersecurity is considered outdated.
- 🌐 Global Success Stories - The YouTube channel shares success stories of individuals who achieved success in cybersecurity through alternative paths and trainings.
- 📋 Foundation Over Certifications - Emphasizing the importance of foundational skills and hands-on experience over traditional certifications.
- 🔍 Confidence Through Application - Gaining confidence in cybersecurity through real-world applications and interview experiences rather than just studying.
- 🛠️ Hands-On Training - Recommending lab-based, hands-on cybersecurity training as a more effective approach to learning and skill development.
- 🔧 Career Mentorship - Utilizing career mentorship calls to guide individuals in their cybersecurity career path and address specific concerns.
- 🔄 Broad Skillset - Advising beginners to focus on a broad skillset to maximize job opportunities rather than specializing too early.
- 🎯 Job Application Strategy - Encouraging job applications as soon as possible to gain experience and improve interview skills.
- 🔄 Continuous Learning and Applying - Emphasizing the importance of continuous learning and job application to increase the chances of landing a cybersecurity job.
- 🔎 Misconceptions About Hiring - Clarifying that hiring managers in cybersecurity are not solely focused on certifications but rather on practical skills and experience.
- 🌟 Specialization vs. General Skills - While specialization is important, having a general skillset that applies to a wide range of cybersecurity jobs is more beneficial for beginners.
Q & A
What is the speaker's opinion on the traditional advice of pursuing CompTIA, Network+, Security+, and CCNA before entering cybersecurity?
-The speaker believes that following this traditional advice is outdated, comparing it to advice given 20 years ago. They argue that many successful cybersecurity professionals have achieved their goals without these certifications by following alternative paths and training.
What was Josh's background and why did he book a career mentorship call with the speaker?
-Josh is a 32-year-old electrician living in the US who also holds a cybersecurity degree from WGU University, which includes many CompTIA certifications. Despite this, he felt unprepared and lacked confidence to apply for cybersecurity jobs, leading him to seek guidance from the speaker.
What was the speaker's first recommendation for Josh to improve his cybersecurity skills?
-The speaker recommended a platform called Let's Defend, specifically its Security Analyst pathway, which focuses on the defensive technical side of cybersecurity and can qualify Josh to work in a Security Operations Center (SOC).
Why did the speaker suggest Josh pursue a broad range of skills rather than focusing on a specific specialization early in his career?
-The speaker advised Josh to be as generic as possible to qualify for a larger number of jobs, maximizing his chances of landing a cybersecurity position. Specialization is less important initially, and a broad skill set is more marketable, especially for someone new to the field.
What is the speaker's stance on the importance of recognized training and certifications in the cybersecurity job market?
-The speaker emphasizes that hiring managers are not just looking for recognized training or certifications. They value the skills listed in job descriptions more, and candidates should focus on acquiring practical skills that match the job requirements rather than chasing after recognized certifications.
What is GC Mastery and why was it recommended to Josh?
-GC Mastery is a training program focused on the non-technical side of cybersecurity, known as GRC (Governance, Risk, and Compliance). It was recommended to Josh to broaden his skill set and increase his chances of landing a cybersecurity job, even if it's not directly related to his ultimate goal of digital forensics.
What are the other Hands-On training options mentioned by the speaker for someone looking to enter cybersecurity?
-The speaker mentions Blue Team Level One, Hack The Box, and Try Hack Me as other practical, hands-on training options that can help individuals gain the necessary skills for a cybersecurity career.
What advice does the speaker give regarding the selection of a training course?
-The speaker advises that the specific training course chosen is less important than the commitment to completing a hands-on, practical cybersecurity training. The goal is to gain skills and experience, not to collect certifications.
What is the speaker's strategy for job hunting in cybersecurity?
-The speaker suggests starting with a basic foundational certification, then immediately engaging in hands-on cybersecurity training while simultaneously applying for jobs. This approach involves continuous learning and applying to gain experience and confidence, increasing the chances of landing a job.
What mistake did Josh make that is common among beginners looking for their first cybersecurity job?
-Josh made the mistake of only searching for digital forensics jobs, limiting his opportunities. The speaker advises against this narrow approach and encourages job seekers to apply for a broader range of cybersecurity positions.
How does the speaker suggest improving one's chances of landing a cybersecurity job?
-The speaker recommends a combination of completing hands-on cybersecurity training, gaining practical experience through labs, and applying to a variety of cybersecurity jobs to build confidence and interview experience. Persistence and a willingness to learn from rejections are key to success.
Outlines
🚀 Challenging Traditional Cybersecurity Career Advice
The speaker shares an alternative approach to entering the cybersecurity field, emphasizing the importance of hands-on experience over traditional certifications like CompTIA and CCNA. The story of Josh, a cybersecurity degree holder, is used to illustrate the limitations of conventional wisdom. The speaker recommends lab-based, practical training and highlights the value of broad, marketable skills to increase job opportunities. The focus is on gaining real skills that can lead to a rewarding career, rather than just collecting certifications.
🎯 Prioritizing Job Acquisition Over Specialization
The speaker advises that the primary goal for beginners should be to secure a cybersecurity job, regardless of specialization. They should aim to acquire a wide range of skills to qualify for various positions, especially generalist roles. The speaker introduces GRC Mastery as a valuable training for the non-technical side of cybersecurity, despite Josh's interest in digital forensics. The recommendation is to combine technical and GRC skills to enhance employability and to focus on the first job as a stepping stone to further opportunities.
📈 Maximizing Job Prospects Through Continuous Learning and Application
The speaker emphasizes the importance of continuous learning and applying for jobs concurrently to gain experience and confidence. They suggest that after completing a foundational certification, one should immediately start a hands-on cybersecurity training and begin job applications. The speaker encourages persistence and a growth mindset, advising to keep learning and applying until the desired job is achieved. They also address common misconceptions about job hunting in cybersecurity and the overemphasis on specific certifications.
Mindmap
Keywords
💡CompTIA Security+
💡CCNA
💡Career Mentorship
💡Hands-On Training
💡Security Operations Center (SOC)
💡Digital Forensics
💡GRC Mastery
💡Job Application Strategy
💡Blue Team Level One
💡Hack The Box
💡Cybersecurity Job Market
Highlights
The conventional advice of obtaining CompTIA, Network+, Security+, and CCNA before entering cybersecurity is outdated.
Success stories are shared weekly on the YouTube channel, showcasing alternative paths to cybersecurity without traditional certifications.
Josh, a 32-year-old electrician with a cybersecurity degree from WGU University, felt unprepared for cybersecurity jobs despite having multiple CompTIA certificates.
Josh's lack of confidence in applying for cybersecurity jobs is a common issue among those who follow conventional wisdom and certification paths.
The importance of applying for cybersecurity jobs to gain experience and confidence, rather than waiting for perfection from foundational certificates.
A list of lab-based, hands-on cybersecurity training is recommended for practical application of learned concepts.
Let's Defend is recommended for its focus on the defensive technical side of cybersecurity and its potential to qualify for work in a Security Operations Center.
Josh's ultimate goal of working in digital forensics, a cybersecurity specialization, is acknowledged, but broad skills are advised for initial job applications.
The myth that hiring in cybersecurity is solely based on recognized certifications and ticking boxes is debunked.
The importance of focusing on the skills listed in job descriptions rather than just the certifications.
GRC Mastery is recommended for its practical approach to the non-technical side of cybersecurity, despite Josh's desire for a technical role.
The necessity of being well-rounded in cybersecurity to maximize job opportunities, especially for beginners.
Blue Team Level One and Hack The Box certifications are mentioned as valuable, but the emphasis is on hands-on skills over specific course names.
The strategy of combining technical Security Operations Center skills with GRC skills to enhance employability in cybersecurity.
The advice to apply for cybersecurity jobs as soon as possible, even with the risk of rejection, to gain experience and confidence.
Josh's mistake of only searching for digital forensics jobs, illustrating a common beginner's approach that limits job opportunities.
The importance of a winner's mindset and continuous learning and applying to secure a cybersecurity job.
Transcripts
if you are told you must do the comp A
Plus network plus Security Plus and CCNA
before you get into cyber security then
you're listening to the same stupid
advice that was given to me 20 years ago
but what if I told you that every week
on this YouTube channel I post weekly
success stories from all over the world
by following advice from this YouTube
channel without even doing any compa or
CCNA instead they do other Sears and
training that you may not have even
heard of like the ones that I recommend
it to Josh so Josh who's 32 years old
booked a career mentorship call with me
last week he is an electrician he lives
in the US and he also did a cyber
security degree from WGU University
which comes with a lot of compa
certificates yet he was confused because
he followed the conventional wisdom of
getting those foundational certificates
yet he felt like he learned nothing he
didn't feel confident enough to even
apply to cyber security jobs but the
problem is if he doesn't apply to cyber
security jobs he will not gain that
confidence that he's after he needs to
be in interviews he needs to learn how
to answer questions on the spot this is
how we gain confidence so he booked a
career mentorship call with me to know
what his next move should be so in order
for me to give him the skills and the
confidence that he needs to start
applying to cyber security job I
compiled the list of lab based Hands-On
cyber security training where he can
actually practice the concepts that he
learned instead of just scking boxes
cramming and passing multiple choice
exams this way he can learn a concept
apply it in a lab remember those
Concepts that he learned the training
and certification list that I provided
him with are challenging they will take
time but this is the only way to gain
real skill that will open so many doors
and lead to a very lucrative and
rewarding career my first recommendation
to him was a platform called let's
defend it's full of labs that focus on
the defensive technical side of cyber
security their website is a little bit
confusing but what I asked Josh to do
was their sock analyst pathway because
the skills that he will learn there can
qualify him to work in a security
Operation Center which will open so many
doors but Josh told me that his ultimate
goal was to work in digital forensics
which is a cyber security specialization
where you perform cyber forensic
examination as part of an investigation
yet I still advised him to follow let's
defend the stock analyst pathway so he
can have broad skills that will maximize
his chances of Landing a sa security job
even if the job is not directly influenc
the idea is to give him as many broad
marketable skills as possible to
maximize his chances of Landing a job
the specialization itself is not really
that important in the beginning so I
advised him to be as generic as possible
so he can qualify for a larger number of
jobs but then the next question he asked
me is this training recog recognized
this one drives me crazy there seem to
be this myth circulating around that
hiring in cyber security is based on
ticking boxes beginners seem to think
that we as hiring manager we only look
at the name of the training or the piece
of paper they think if they show us a
piece of paper then that's all we need
to qualify for a job which couldn't be
further from the truth they also seem to
think that the reason why they can't
plan the cyber security job is because
they don't have this magical recognized
piece of paper I have no idea who
started this idea but please please get
it out of your head we most definitely
don't look for certain keywords you are
not going to trick a hiring manager by
showing them the word comp in your CV
that is not what we look for sure in
some job descriptions we might list some
certifications that are nice to have but
please don't ignore the rest of the job
description where we list the skills
that we need for this job the skills
part of the job description is the most
important part this is what you you need
to focus on so yes lit's defend is not
widely known however the skills that you
will learn in that training are
Universal they apply to every situation
and every country your situation is not
special you are not a special snowflake
now the next training that I recommended
for Josh surprised him it was GC Mastery
there is a huge area in cyber security
called GRC which is the non-technical
side of cyber security there is so much
demand in this area and there was simply
no training that can cover Your Tracks
when it comes to GC so I created GC
Mastery which is fully practical full of
Hands-On labs and practical assessments
that will give you the skills that we
need for GRC jobs but Josh wasn't after
a untechnical cyber security job in fact
he wanted the complete opposite he
wanted to work in digital forensic which
is one of the most technical parts of
saba security so why did I recommend GC
Mastery well Josh is an electrician he
has never never worked in it before so
he has zero it experience so in his case
getting any cyber security job should be
his number one priority he shouldn't
Focus too much on the specialization in
the beginning instead he needs to have
the maximum number of skills that will
qualify him for the largest numbers of
cyber security jobs out there he simply
needs to get his foot in the door now
there are a lot of cyber security jobs
that are generalist in nature so they
want you to have more than one skill
this is really for small and
medium-sized organizations they will
usually want someone with the title
information security officer or a cyber
analyst where they want you to work with
their security service provider they
want you to respond to some incidents
but they also want you to run some
vulnerability scans conduct risk
management work with auditor and even
run security education awareness
campaign so that's a large number of
skills now they don't want you to have
deep knowledge in all of these areas but
they want you to touch on all of these
areas so so in order to maximize Josh's
chance of Landing any cyber security job
is for him to be a little bit more
well-rounded so combining technical
Security operation Center skills and GRC
skills will put him at an advantageous
point this will make him a lot more
attractive to an employer than someone
who simply just did one track or one
pathway this is key especially if you're
trying to land your first cyber security
job and you don't have any experience
now I talked about GRC Mastery in detail
in this video so please check it out now
Josh's next question was what about Blue
Team level one what about hack the Box
cdsa both are certifications that I've
personally recommended in previous
videos are they good should he do these
instead well the answer isn't what you
think but before we get to that I want
to thank the sponsor of this video n
pass business n pass business is a
password manager ideal for businesses
that want to maximize productivity did
you know that 50% of development teams
have missed de de lines due to issues
with accessing it infrastructure well n
pass makes managing passwords a lot more
efficient with easy to configure
password policies in fact 81% of data
breaches are caused by poor passwords
but the good news is with not pass you
can create strong passwords by default
the other big security problems that
businesses struggle with is sharing
sensitive data like passwords PIN codes
and even credit card information over
email but with not pass you can share
credential payment information and other
sensitive information safely and without
sacrificing convenience among your
teammates with full and limited rights
to ensure members only have access to
what they need but my favorite feature
is still the data breach notification
feature this allows you to change any
passwords that were compromised in a
breach before any damage is done but
best of all secure your business
effortlessly with a 3mon not pass trial
use the code Unix guy at notp pass.com
Unix guy it's a limited time offer and
back to the video so to answer the
question which training course is the
best you may not like the answer but it
is the truth which is it doesn't really
matter the reason why I recommend
courses like let's defend or hack the
box or try hack me is to Simply get you
out of the mindset of chasing multiple
choice based exams and keywords and
other stupid courses that don't teach
you anything I'm trying to get you to
focus on the skills on the Hands-On Labs
that will actually lead you to a job the
goal is to maximize your chances of
Landing a cyber security job it's not to
collect trophies and keywords and
certifications so the skills that you
learn in in Blue Team level one or hack
the box or let's defend they're all very
similar so it honestly doesn't matter
which one you choose pick one and go
with it till the end now for Josh I gave
him four options to do after he finishes
let's defend and GRC Mastery the first
one is try hack me sock one which is a
fantastic training it's a great chance
to practice everything that you've
learned and strengthen the knowledge
that you already have in a practical way
the second one is called cyber Defenders
they have a fantastic security analyst
certification that's fully lab based
that covers everything that you need to
work in a security Operation Center it's
really ideal for someone who want to be
a sock analyst or even a digital
forensic analyst the third option was
hack the Box cdsa again it's another
phenomenal handsome practical
certification that takes all the boxes
for what I look for in a good training
and the fourth one was blue Team level
one which is a phenomenal Hands-On
training that again teaches you
everything you need to work as a cyber
security analyst now the biggest
question that Josh had that we ended up
spending the majority of the Consulting
call on was at what point should he
start applying to cyber security job and
how many set should he do should he do
all of them should he pick one should he
pick two which one should he do first
well this is what I told Josh and this
is the mindset that I want you to have
as well once you finish one basic
foundational certification like let's
say the Google cyber security SE or even
comp Security Plus then the plan is to
start doing two things first immediately
pick a Hands-On practical cyber security
training and certification don't wait
start right away start start whilst
you're fresh pick any of the trainings
that I recommended it doesn't matter
which one if you're not sure which one
to pick then do them in the order that I
specified but the second thing that you
need to do is to start applying to cyber
security jobs as soon as possible yes
you will get rejected but you also might
plan the job you never know but the idea
is as you continue to study as you do
more and more practical Hands-On
training and as you apply to more and
more jobs you will have more confidence
you will get more experience in
interview settings you will start to
know which companies are hiring this way
your chances of Landing a job will go
way up for example let's say you did
let's defend and GC Mastery and now
you're doing try hack me so one and as
you apply to jobs you might get an
interview maybe you'll get a job but
let's say you get rejected that's fine
keep studying pick hack the Box this way
you will get to go over the same concept
that you learned you might learn
something new but more importantly you
get to have more projects on your CV the
idea is to continue studying and
continue applying until you land your
dream job I want you to have the winnner
mindset don't stop until you get to your
goal and it can happen really fast it
depends on how much time are you willing
to dedicate to it but it also comes down
to how bad do you want it how invested
are you now Josh actually made the
classic mistake that I see all beginners
make when they chy to land their first
cyber security job which is he was only
searching for digital forensics job and
he was complaining that there aren't
many digital forensics jobs advertised
this is not the correct way to look for
jobs in fact this is one of the five
mistakes that every beginner makes when
they try to land their first cyber
security job I talked about them in
detail in this video so please check it
out and I'll see you there
Посмотреть больше похожих видео
Step-By-Step Cybersecurity Beginner Learner's Guide | Cyber Security Training for Beginners 2023
FREE Cyber Security Training for Beginners (HIGH Demand Skills)
Cyber Security Certificate Tier List – UPDATED (2023)
How I Would Learn Cyber Security If I Could Start Over in 2024 (6 Month Plan)
GRC Certification Roadmap v1.0: Recommended Training and Certs #cybersecurity #grc
7 High Paying Certifications for Remote Jobs That ACTUALLY Work (2024)
5.0 / 5 (0 votes)