Are You Ready for a Cybersecurity Job in 2024?

00:00

if you're wondering how to get started

00:01

in cyber security this year you

00:02

definitely come to the right place my

00:04

name is Josh Mador for those who don't

00:05

already know and I've helped a whole

00:07

bunch of people on my channel and in

00:09

general get jobs in cyber security and

00:11

it and I've worked in a lot of different

00:13

domains of cyber security myself so I

00:15

have a really good intuition of how to

00:17

break into the field and I do want to

00:19

say before we get started me and my team

00:21

built a whole bunch of 100% free exam

00:24

test Banks like a lot of practice

00:25

questions for most of the compas like

00:28

CompTIA A+ Network plus security plus CA

00:31

plus project plus we're building pentest

00:33

plus right now cissp and itail and we're

00:36

going to build a whole bunch more so

00:37

definitely check those out and exchange

00:39

for the free practice questions please

00:41

consider subscribing I would really

00:43

appreciate it a lot I'm not going to

00:44

sell anything in this video it's going

00:46

to be purely informational and I'm

00:48

really confident about my viewpoint as

00:50

in I think I'm right about what I'm

00:51

saying so if you think I'm wrong

00:53

definitely let me know in the comments

00:55

we can have a discussion about it or

00:56

something people tend to get confused

00:58

about breaking into the field and no

01:00

doubt you've heard people say like oh

01:01

you need to know how to code you need to

01:03

know how to use Linux but the reality is

01:05

there's a lot of different domains in

01:07

cyber security and it's not like an

01:08

auditor is going to need to know how to

01:10

use python or somebody working in

01:12

governance is going to need to know the

01:14

ins and outs of Linux or something like

01:16

this it just doesn't make sense it

01:18

depends on where you're working right

01:19

and it's not like every single job is

01:21

really clean cut like oh this is a a

01:23

governance job this is an operations job

01:25

like the title will be as such sometimes

01:28

but for example I was working as a

01:30

vulnerability Management program manager

01:32

like a a program manager but I would use

01:34

Linux sometimes because my platform was

01:36

on Linux and i' would have to

01:37

troubleshoot it and I would use

01:39

programming sometimes because I needed

01:40

to do something I needed to automate

01:43

something to make my job and life easier

01:44

so there's a lot of like mixture between

01:47

them so it's not like you need to study

01:49

only audit and like be an auditor like

01:51

you can but it's it's more like mixed up

01:53

than that so it can be kind of hard to

01:55

pick where to focus but I will say for

01:57

sure especially for new people everyone

02:00

trying to get into cyber security should

02:02

have at least Security Plus level

02:03

knowledge I'm not necessarily saying go

02:05

and give comp to you $44 or something

02:08

like this but you should have that level

02:11

of knowledge you can get it for free

02:12

from Professor meso or even the Google

02:14

cyber security program for free if you

02:17

like Blitz it in 7 Days um or you just

02:20

you know get that certification and make

02:22

sure you absorb as much as you can but

02:24

everyone should have at least that level

02:26

of knowledge and I do talk about this on

02:28

my channel a lot uh this is something I

02:30

came up with to help you think about

02:32

what you need to do in order to increase

02:34

your chances of breaking into any field

02:36

really but particularly cyber security

02:38

for this example basically everything

02:40

boils down to getting an interview

02:42

passing an interview those are the only

02:44

two things that you need to worry about

02:45

and all these other boxes are just

02:48

facilitators for those things so for

02:50

example like social network if your dad

02:52

is the CEO of crowd strike that's like a

02:55

really strong social network and then

02:56

you probably don't really need much of

02:58

anything else right if you have a strong

03:00

enough social network but if you don't

03:02

have that you know you can make up for

03:04

in other areas for example having a

03:05

really good resume and having really

03:07

good interview skill so basically you

03:09

can use this chart and measure it

03:10

against yourself and really be honest

03:12

with yourself and kind of see where your

03:14

gaps are I'm just going to like talk

03:16

about some general things that you can

03:18

do for example if you don't have a

03:19

resume I'll put at least I'll put a link

03:21

to that in the in the description so you

03:23

can copy that resume but if you don't

03:25

have education can you afford one in

03:26

terms of time or money cuz you can get a

03:28

bachelor's degree from ugu for like

03:31

relatively inexpensive compared to like

03:33

20 years ago when you have to waste four

03:35

or 5 years do you have any

03:36

certifications cuz you don't need

03:38

certifications to break an it but it

03:40

certainly will help you for sure like

03:43

can you afford to get comts Security

03:45

Plus right cuz that has a lot of name

03:47

recognition and if you can't afford to I

03:49

would recommend getting that level of

03:51

knowledge and then putting on your

03:52

resume like comp Security Plus in

03:55

progress or something like this um at

03:57

least that will give you an ATS hit for

03:59

like those Auto aut at resum scanners if

04:01

you don't have a portfolio this is

04:03

really huge especially if you're trying

04:04

to break into cyber security you you

04:06

really need to make one right so you can

04:09

use this video to learn how to make a

04:11

portfolio you can use this video to

04:14

create some cybercity projects to go on

04:15

it if you don't have any experience you

04:18

can always generate experience for

04:20

yourself right you can make a bunch of

04:21

cyber security content creation make

04:23

your own LLC or something publish that

04:25

content on like YouTube or a blog or

04:27

LinkedIn or something you can build like

04:29

a mini following by posting like

04:31

Security Plus practice question like

04:33

polls every day or something put that on

04:35

your resume it's something it's better

04:37

than not having any experience right

04:39

there's always something that you can do

04:41

to make your resume decent and then in

04:42

terms of passing your interview like

04:44

self-presentation this is like really

04:46

obvious you know clean yourself up and

04:48

be appropriate looking but in terms of

04:50

interview skill and Technical ability

04:52

this will this is where labing comes

04:54

into practice like doing Labs practicing

04:57

Labs doing something over and over and

04:58

over again because the more you do

05:00

something the better you're going to

05:02

like the better intuition you're going

05:03

to have for it and the easier it is and

05:06

the easier it's going to be to talk

05:07

about it once you actually get into the

05:09

interview and of course there and of

05:11

course you can actually practice

05:13

interviewing as well I have a couple of

05:14

videos that go over a bunch of different

05:16

practice questions teach you like

05:18

interview Theory and like how to

05:20

interview properly and stuff so you can

05:21

watch those and get better at

05:23

interviewing and if you're wondering how

05:24

to do this or what projects to do um

05:26

I'll tell you but I'm going to talk

05:28

about my course a bit because kind of

05:30

have to so sorry about that but I just I

05:32

did just get done interviewing probably

05:34

about 10 people who went through my

05:36

course and then ended up getting some

05:37

kind of job in cyber security or it and

05:41

most of them had this experience where

05:43

they they went through the course and

05:44

they do the lab portion of the course a

05:46

lot which I'll tell you like everything

05:47

is that's in it so you can just do it on

05:49

your own without buying the course if

05:51

you want to but most of those people

05:53

they went through the the lab portion a

05:55

lot and they talked about it and showed

05:56

it to the interviewer and the

05:58

interviewer really impressed with with

06:00

with what they're doing like you don't

06:01

have to be like I went through Josh's

06:03

course I don't want people to say that

06:05

rather I want them to be like oh I did

06:07

this project right and the project is

06:09

impressive cuz basically they just build

06:11

inside of Microsoft Azure like in the

06:13

cloud they we set up a miniature sock

06:16

and then we expose a bunch of our assets

06:19

like virtual machines to the live

06:21

internet and it gets attacked inevitably

06:23

from Bots and Bad actors and then we

06:26

Aggregate and kind of display the attack

06:28

data on maps and we practice incident

06:30

response against the attacks and it's a

06:33

really good lab especially if you do it

06:34

many times because it gives you a good

06:36

in gives you a good intuition of

06:39

security operations and incident

06:40

response and it really shows that you

06:42

have at least it conveys a passion that

06:44

you have like passion for cyber security

06:46

so I I would recommend doing that like

06:49

you don't necessarily have to go through

06:51

the course to do it you can do those

06:53

things on your own just do it many times

06:55

and then put it on your resume and then

06:56

you can talk about it and it's really

06:58

impressive and you don't even have to do

07:00

that lab like I have a bunch of other

07:02

projects like that you can follow for

07:04

free and if you do them and you're able

07:06

to talk about them in the interview

07:08

right it will convey some kind of

07:10

passion and it will impress interviewers

07:12

and as someone who's hired a lot of

07:13

people this is to be honest I like to

07:16

see like you know Security Plus and

07:18

those like basic things but I really

07:20

like to see when people go out of their

07:22

way to do something extra and they're

07:24

able to talk about it cuz it really does

07:27

convey passion and it shows that your

07:29

doing those like extra stuff that your

07:31

peers aren't doing so it's really

07:33

important whether or not it's you know

07:35

my course my free projects on YouTube or

07:38

you just make up your own you should

07:40

really do something and have it on your

07:42

resume and you you should have done it

07:44

enough times to where you can like

07:45

easily talk about it and for full

07:47

transparency this is all the stuff

07:49

that's in my course so you can kind of

07:51

look at it and then go and try to study

07:53

it and implement it on your own the

07:55

benefit of the course is it's just kind

07:57

of like packaged up nicely but I'm not

07:59

like selling information where like this

08:02

is my information I'm selling it to you

08:04

like you can you can have those for free

08:06

right the course it just cost money

08:08

because it it costs money to maintain

08:10

and update it because Azure is like

08:12

changing all the time and there's like

08:13

an internship component um in the course

08:16

as well that cost like energy to like

08:18

maintain right but you can pretty much

08:21

Implement all the stuff for free right

08:23

and in terms of like if you're ready to

08:26

actually start applying for cyber

08:27

security jobs if your resume look

08:29

something like this this is kind of like

08:31

an ideal resume for a new person trying

08:33

to break into cyber security I'll kind

08:35

of put something on the screen here so

08:38

this is this is basically the resume

08:40

that students in my course they will get

08:42

this template and then after they go

08:44

through the course it will look

08:45

something like this so if you can make

08:47

your resume look like this and then you

08:50

can you know make sure it's like the

08:52

truth right like study all those things

08:54

do all of do all of the stuff so you are

08:56

like this person and then you start

08:58

applying to jobs like nice quality

09:00

applications then you know obviously

09:03

you're going to be able to start getting

09:04

interviews and if you've practiced your

09:06

lab enough times and you've practiced

09:08

interview questions enough times you're

09:10

just going to get hired uh eventually

09:12

and that's the reality of things and

09:14

this this resume is more like security

09:17

operations Centric because it involves

09:19

dealing with the lab quite a bit where

09:21

we do you know incident response but

09:23

there's a lot of other stuff on here

09:25

that you can see like the um regulatory

09:27

stuff like PCI DSS knowledge of HIPPA

09:30

some nist Frameworks like nist

09:32

853 um I don't know if I put cyber

09:35

security framework on here but if your

09:36

resume looks something like this and all

09:38

of these certifications are here the

09:40

these are mostly free or really cheap uh

09:44

so for example this like FEMA Incident

09:46

Management System that's like an

09:48

incident response certification that you

09:50

like training you can get for free

09:51

online you can Google it qualus V

09:54

vulnerability management this is also

09:55

free and it's something I recommend

09:57

students get and put on their resume

09:59

comp Security Plus once you have that

10:01

level of knowledge you can put comp

10:03

Security Plus like in progress on your

10:05

resume if you're you know studying for

10:06

it just be prepared to to talk about it

10:08

projects a nice project section

10:10

portfolio at the top just make sure you

10:13

know your resume is good and square to

10:15

way like this and if you can make this a

10:17

reality then you're ready to start

10:19

applying to jobs and work in cyber

10:21

security with you know it will takes

10:23

some effort but I can say that you're

10:25

ready at this point and then in terms of

10:27

what jobs to apply for pretty much

10:29

anything and everything but you can be

10:31

somewhat realistic for example you're

10:33

probably not going to get like Chief

10:35

Information Security Officer or senior

10:37

security architect probably not for your

10:39

first job I mean I was working in it

10:42

already and my first cyber security job

10:44

was like senior information security

10:45

analyst so like don't completely rule it

10:47

out but once your resume is like looking

10:50

pretty decent like this and you have a

10:52

decent amount of projects or at least

10:54

one project that's kind of big that

10:55

you've done a lot of times people will

10:57

see that and they'll be like oh person

10:59

has they know about cyber security they

11:01

have a passion and they obviously have

11:03

an aptitude and they're able to execute

11:05

on your own this is like kind of an

11:07

indicator that you're able to do like a

11:09

lot of different other things right so

11:11

I've had somebody they went through the

11:13

cyber security course and they executed

11:15

on it really really well and their first

11:17

job was information security officer and

11:19

they're kind of in management like

11:21

program manager like their first job me

11:23

I've seen this like many times and it's

11:25

happened to me as well so the the more

11:27

you kind of like sharpen your the better

11:30

job that you're going to be able to get

11:31

when you actually get into the field it

11:33

seems it seems crazy and cyber security

11:36

is kind of considered midcareer but

11:38

there's no there's no rule or law that

11:40

says like oh you need to like go through

11:42

all this other BS first before you can

11:44

make you know 70 80 90 100K as your for

11:47

your first job in cyber security it's

11:49

it's possible anyone who says it's not

11:52

possible is is wrong and they're

11:53

gatekeeping and they're like you know

11:55

they have some problem in my opinion but

11:57

it's just a matter of like how much

11:58

you're willing to sharpen your axe

12:00

obviously right even somebody sitting in

12:02

their mom's basement right they're just

12:04

like doing ethical hacking and Bug

12:06

Bounty all day like sweating and playing

12:08

valerant and eating Cheetos but they're

12:10

really good at bug Bounty they it's

12:11

possible they get hired as like senior

12:13

absec engineer at some like Fortune 500

12:16

company because their skill is like so

12:18

good and they displayed aptitude and

12:20

passion that's like really all it boils

12:22

down to and then the employability

12:24

framework is just like a guide to kind

12:26

of help you understand where you're weak

12:28

like what you need to care about and if

12:29

you're missing something you know at

12:31

least you can look at that framework and

12:33

then decide to make up for it somewhere

12:35

else if that makes sense so yeah to

12:36

recap look at this framework you know

12:39

get a good Baseline of security level

12:41

knowledge if you have money just get

12:43

Security Plus if you don't have money

12:45

get that level of knowledge and then

12:47

everyone else you know everyone should

12:49

be having a portfolio making their

12:51

resume good just adhere to this

12:53

framework as as good as you can in terms

12:56

of like what your money and time and

12:57

energy will allow make sure your resume

13:00

is good use this one use these free

13:02

practice questions if you want and just

13:04

start applying to jobs hope this helps