Underrated Cyber Security Certs that WILL get you HIRED

00:00

if you are told you must do the comp A

00:02

Plus network plus Security Plus and CCNA

00:05

before you get into cyber security then

00:07

you're listening to the same stupid

00:09

advice that was given to me 20 years ago

00:12

but what if I told you that every week

00:14

on this YouTube channel I post weekly

00:17

success stories from all over the world

00:19

by following advice from this YouTube

00:21

channel without even doing any compa or

00:24

CCNA instead they do other Sears and

00:26

training that you may not have even

00:28

heard of like the ones that I recommend

00:30

it to Josh so Josh who's 32 years old

00:33

booked a career mentorship call with me

00:35

last week he is an electrician he lives

00:37

in the US and he also did a cyber

00:40

security degree from WGU University

00:42

which comes with a lot of compa

00:45

certificates yet he was confused because

00:47

he followed the conventional wisdom of

00:49

getting those foundational certificates

00:51

yet he felt like he learned nothing he

00:54

didn't feel confident enough to even

00:56

apply to cyber security jobs but the

00:58

problem is if he doesn't apply to cyber

01:00

security jobs he will not gain that

01:02

confidence that he's after he needs to

01:05

be in interviews he needs to learn how

01:07

to answer questions on the spot this is

01:10

how we gain confidence so he booked a

01:12

career mentorship call with me to know

01:14

what his next move should be so in order

01:16

for me to give him the skills and the

01:18

confidence that he needs to start

01:20

applying to cyber security job I

01:22

compiled the list of lab based Hands-On

01:24

cyber security training where he can

01:26

actually practice the concepts that he

01:28

learned instead of just scking boxes

01:30

cramming and passing multiple choice

01:33

exams this way he can learn a concept

01:35

apply it in a lab remember those

01:37

Concepts that he learned the training

01:39

and certification list that I provided

01:41

him with are challenging they will take

01:43

time but this is the only way to gain

01:46

real skill that will open so many doors

01:49

and lead to a very lucrative and

01:51

rewarding career my first recommendation

01:54

to him was a platform called let's

01:56

defend it's full of labs that focus on

01:59

the defensive technical side of cyber

02:01

security their website is a little bit

02:03

confusing but what I asked Josh to do

02:06

was their sock analyst pathway because

02:09

the skills that he will learn there can

02:11

qualify him to work in a security

02:13

Operation Center which will open so many

02:15

doors but Josh told me that his ultimate

02:17

goal was to work in digital forensics

02:20

which is a cyber security specialization

02:22

where you perform cyber forensic

02:24

examination as part of an investigation

02:27

yet I still advised him to follow let's

02:29

defend the stock analyst pathway so he

02:31

can have broad skills that will maximize

02:34

his chances of Landing a sa security job

02:37

even if the job is not directly influenc

02:39

the idea is to give him as many broad

02:41

marketable skills as possible to

02:44

maximize his chances of Landing a job

02:46

the specialization itself is not really

02:48

that important in the beginning so I

02:50

advised him to be as generic as possible

02:53

so he can qualify for a larger number of

02:56

jobs but then the next question he asked

02:58

me is this training recog recognized

03:00

this one drives me crazy there seem to

03:02

be this myth circulating around that

03:05

hiring in cyber security is based on

03:07

ticking boxes beginners seem to think

03:10

that we as hiring manager we only look

03:12

at the name of the training or the piece

03:14

of paper they think if they show us a

03:16

piece of paper then that's all we need

03:18

to qualify for a job which couldn't be

03:20

further from the truth they also seem to

03:22

think that the reason why they can't

03:24

plan the cyber security job is because

03:26

they don't have this magical recognized

03:29

piece of paper I have no idea who

03:31

started this idea but please please get

03:33

it out of your head we most definitely

03:35

don't look for certain keywords you are

03:38

not going to trick a hiring manager by

03:40

showing them the word comp in your CV

03:42

that is not what we look for sure in

03:44

some job descriptions we might list some

03:47

certifications that are nice to have but

03:49

please don't ignore the rest of the job

03:51

description where we list the skills

03:53

that we need for this job the skills

03:55

part of the job description is the most

03:57

important part this is what you you need

04:00

to focus on so yes lit's defend is not

04:03

widely known however the skills that you

04:05

will learn in that training are

04:07

Universal they apply to every situation

04:10

and every country your situation is not

04:13

special you are not a special snowflake

04:15

now the next training that I recommended

04:18

for Josh surprised him it was GC Mastery

04:22

there is a huge area in cyber security

04:24

called GRC which is the non-technical

04:26

side of cyber security there is so much

04:28

demand in this area and there was simply

04:30

no training that can cover Your Tracks

04:32

when it comes to GC so I created GC

04:35

Mastery which is fully practical full of

04:37

Hands-On labs and practical assessments

04:39

that will give you the skills that we

04:41

need for GRC jobs but Josh wasn't after

04:45

a untechnical cyber security job in fact

04:47

he wanted the complete opposite he

04:49

wanted to work in digital forensic which

04:51

is one of the most technical parts of

04:53

saba security so why did I recommend GC

04:56

Mastery well Josh is an electrician he

04:59

has never never worked in it before so

05:01

he has zero it experience so in his case

05:04

getting any cyber security job should be

05:07

his number one priority he shouldn't

05:09

Focus too much on the specialization in

05:11

the beginning instead he needs to have

05:13

the maximum number of skills that will

05:15

qualify him for the largest numbers of

05:17

cyber security jobs out there he simply

05:19

needs to get his foot in the door now

05:21

there are a lot of cyber security jobs

05:24

that are generalist in nature so they

05:26

want you to have more than one skill

05:28

this is really for small and

05:31

medium-sized organizations they will

05:33

usually want someone with the title

05:34

information security officer or a cyber

05:37

analyst where they want you to work with

05:39

their security service provider they

05:41

want you to respond to some incidents

05:43

but they also want you to run some

05:45

vulnerability scans conduct risk

05:47

management work with auditor and even

05:49

run security education awareness

05:51

campaign so that's a large number of

05:53

skills now they don't want you to have

05:55

deep knowledge in all of these areas but

05:57

they want you to touch on all of these

05:59

areas so so in order to maximize Josh's

06:01

chance of Landing any cyber security job

06:04

is for him to be a little bit more

06:06

well-rounded so combining technical

06:08

Security operation Center skills and GRC

06:11

skills will put him at an advantageous

06:13

point this will make him a lot more

06:16

attractive to an employer than someone

06:17

who simply just did one track or one

06:20

pathway this is key especially if you're

06:22

trying to land your first cyber security

06:24

job and you don't have any experience

06:27

now I talked about GRC Mastery in detail

06:29

in this video so please check it out now

06:31

Josh's next question was what about Blue

06:33

Team level one what about hack the Box

06:35

cdsa both are certifications that I've

06:38

personally recommended in previous

06:40

videos are they good should he do these

06:42

instead well the answer isn't what you

06:44

think but before we get to that I want

06:46

to thank the sponsor of this video n

06:48

pass business n pass business is a

06:51

password manager ideal for businesses

06:53

that want to maximize productivity did

06:55

you know that 50% of development teams

06:58

have missed de de lines due to issues

07:01

with accessing it infrastructure well n

07:03

pass makes managing passwords a lot more

07:06

efficient with easy to configure

07:09

password policies in fact 81% of data

07:12

breaches are caused by poor passwords

07:15

but the good news is with not pass you

07:17

can create strong passwords by default

07:20

the other big security problems that

07:22

businesses struggle with is sharing

07:24

sensitive data like passwords PIN codes

07:27

and even credit card information over

07:29

email but with not pass you can share

07:32

credential payment information and other

07:35

sensitive information safely and without

07:38

sacrificing convenience among your

07:40

teammates with full and limited rights

07:43

to ensure members only have access to

07:46

what they need but my favorite feature

07:48

is still the data breach notification

07:50

feature this allows you to change any

07:53

passwords that were compromised in a

07:55

breach before any damage is done but

07:58

best of all secure your business

08:00

effortlessly with a 3mon not pass trial

08:03

use the code Unix guy at notp pass.com

08:07

Unix guy it's a limited time offer and

08:09

back to the video so to answer the

08:11

question which training course is the

08:13

best you may not like the answer but it

08:16

is the truth which is it doesn't really

08:19

matter the reason why I recommend

08:20

courses like let's defend or hack the

08:22

box or try hack me is to Simply get you

08:25

out of the mindset of chasing multiple

08:27

choice based exams and keywords and

08:29

other stupid courses that don't teach

08:31

you anything I'm trying to get you to

08:33

focus on the skills on the Hands-On Labs

08:36

that will actually lead you to a job the

08:38

goal is to maximize your chances of

08:40

Landing a cyber security job it's not to

08:42

collect trophies and keywords and

08:44

certifications so the skills that you

08:46

learn in in Blue Team level one or hack

08:49

the box or let's defend they're all very

08:51

similar so it honestly doesn't matter

08:53

which one you choose pick one and go

08:55

with it till the end now for Josh I gave

08:57

him four options to do after he finishes

09:00

let's defend and GRC Mastery the first

09:03

one is try hack me sock one which is a

09:05

fantastic training it's a great chance

09:07

to practice everything that you've

09:09

learned and strengthen the knowledge

09:11

that you already have in a practical way

09:13

the second one is called cyber Defenders

09:15

they have a fantastic security analyst

09:18

certification that's fully lab based

09:20

that covers everything that you need to

09:22

work in a security Operation Center it's

09:24

really ideal for someone who want to be

09:26

a sock analyst or even a digital

09:28

forensic analyst the third option was

09:30

hack the Box cdsa again it's another

09:33

phenomenal handsome practical

09:35

certification that takes all the boxes

09:37

for what I look for in a good training

09:39

and the fourth one was blue Team level

09:42

one which is a phenomenal Hands-On

09:44

training that again teaches you

09:45

everything you need to work as a cyber

09:47

security analyst now the biggest

09:49

question that Josh had that we ended up

09:51

spending the majority of the Consulting

09:53

call on was at what point should he

09:56

start applying to cyber security job and

09:58

how many set should he do should he do

10:00

all of them should he pick one should he

10:03

pick two which one should he do first

10:06

well this is what I told Josh and this

10:08

is the mindset that I want you to have

10:10

as well once you finish one basic

10:12

foundational certification like let's

10:14

say the Google cyber security SE or even

10:16

comp Security Plus then the plan is to

10:19

start doing two things first immediately

10:23

pick a Hands-On practical cyber security

10:25

training and certification don't wait

10:27

start right away start start whilst

10:29

you're fresh pick any of the trainings

10:31

that I recommended it doesn't matter

10:33

which one if you're not sure which one

10:35

to pick then do them in the order that I

10:36

specified but the second thing that you

10:39

need to do is to start applying to cyber

10:41

security jobs as soon as possible yes

10:44

you will get rejected but you also might

10:46

plan the job you never know but the idea

10:49

is as you continue to study as you do

10:51

more and more practical Hands-On

10:53

training and as you apply to more and

10:56

more jobs you will have more confidence

10:58

you will get more experience in

11:00

interview settings you will start to

11:02

know which companies are hiring this way

11:04

your chances of Landing a job will go

11:06

way up for example let's say you did

11:09

let's defend and GC Mastery and now

11:11

you're doing try hack me so one and as

11:14

you apply to jobs you might get an

11:15

interview maybe you'll get a job but

11:18

let's say you get rejected that's fine

11:20

keep studying pick hack the Box this way

11:22

you will get to go over the same concept

11:24

that you learned you might learn

11:26

something new but more importantly you

11:28

get to have more projects on your CV the

11:31

idea is to continue studying and

11:33

continue applying until you land your

11:35

dream job I want you to have the winnner

11:38

mindset don't stop until you get to your

11:40

goal and it can happen really fast it

11:43

depends on how much time are you willing

11:44

to dedicate to it but it also comes down

11:47

to how bad do you want it how invested

11:49

are you now Josh actually made the

11:51

classic mistake that I see all beginners

11:53

make when they chy to land their first

11:55

cyber security job which is he was only

11:58

searching for digital forensics job and

12:00

he was complaining that there aren't

12:02

many digital forensics jobs advertised

12:04

this is not the correct way to look for

12:06

jobs in fact this is one of the five

12:09

mistakes that every beginner makes when

12:11

they try to land their first cyber

12:13

security job I talked about them in

12:15

detail in this video so please check it

12:17

out and I'll see you there