GRC Training Options - Training for a Governance, Risk, and Compliance (GRC) Career in Cybersecurity
Summary
TLDRThe video discusses GRC (Governance, Risk, and Compliance) training options for those interested in entering the field. It highlights a training bundle from EC-Council covering security risk management and frameworks like NIST RMF. The speaker emphasizes the importance of connecting theoretical knowledge to real-world scenarios by creating case studies based on actual companies' challenges. He also mentions another GRC masterclass and offers advice on showcasing skills on LinkedIn and in interviews. The video provides affiliate links for discounted training but encourages using free resources if on a budget.
Takeaways
- 📚 GRC (Governance, Risk, and Compliance) is a popular career field, and many viewers are interested in related training.
- 📖 Jerry's GRC Masterclass is recommended, and it might still be available for free or at a nominal fee.
- 💼 EC Council offers training on security risk management, including three courses covering the fundamentals of risk management, auditing, and frameworks like NIST RMF.
- 🔗 The speaker advises using training to learn fundamentals and then applying this knowledge to real-world scenarios, such as analyzing case studies from companies.
- 💡 Building your own case studies from company examples can demonstrate practical knowledge and help with job applications, especially on platforms like LinkedIn.
- 💻 Practical application of training is key for getting noticed by hiring managers, who are more impressed by those who can 'connect the dots' between training and real-world use cases.
- 📊 Certifications and degrees are helpful, but connecting theoretical knowledge to practical experience can make a candidate stand out even more.
- 🎯 The speaker emphasizes that many job listings are automated or fake, so it's important to focus on building skills and showcasing them instead of mass job applications.
- 💼 The speaker is an EC Council affiliate, and any purchases through their links offer a discount, typically around $79 (compared to $200), though prices may vary by region.
- 🤝 The speaker uses affiliate income to support community initiatives like providing scholarships and sending people to conferences, rather than for personal luxury.
Q & A
What is the primary focus of the video?
-The video focuses on GRC (Governance, Risk, and Compliance) training opportunities for individuals seeking to enter the GRC field, including courses and strategies to enhance job prospects.
What training does the speaker recommend for learning GRC fundamentals?
-The speaker recommends a bundle of three courses from EC Council that cover the fundamentals of security risk management, auditing, and the application of frameworks like NIST RMF. Additionally, they mention Jerry aer's GRC master class as another useful resource.
What advice does the speaker give for applying the knowledge from GRC training?
-The speaker suggests applying the knowledge gained from GRC training to real-world scenarios by studying case studies of companies you want to work for, creating hypothetical solutions for their challenges, and sharing this work on platforms like LinkedIn.
Why does the speaker emphasize 'connecting the dots' in the job application process?
-The speaker believes that being able to apply learned knowledge to real-world situations and demonstrating this understanding to potential employers is crucial. They argue that connecting theoretical knowledge to practical scenarios is often more valuable than having numerous certifications or degrees.
What is the benefit of using the speaker’s affiliate link for the EC Council training?
-Using the speaker’s affiliate link provides a discount on the EC Council training, reducing the price from around $200 to $79 for U.S. customers. The speaker also mentions that the earnings from the affiliate link help fund scholarships and other opportunities for the community.
How does the speaker suggest showcasing the knowledge gained from GRC training?
-The speaker recommends showcasing knowledge by creating case studies, applying the learning to real or hypothetical company scenarios, and then sharing these examples on social media platforms, especially LinkedIn, to attract the attention of hiring managers.
What is the significance of case studies according to the speaker?
-Case studies are significant because they provide real-world examples of how companies solve security challenges. The speaker advises using these to demonstrate the application of learned concepts and to help connect theoretical knowledge to practical, real-world problems.
What alternative does the speaker offer for those who may not have the budget for paid courses?
-For those who cannot afford paid courses, the speaker suggests utilizing free content like YouTube videos to learn GRC fundamentals and then applying this knowledge in the same way as with paid courses—by creating case studies and demonstrating practical understanding.
What does the speaker say about the job market and hiring process in cybersecurity?
-The speaker highlights that many job listings are not real (referred to as 'fake jobs') and emphasizes that showcasing practical knowledge and the ability to connect concepts to real-world applications is more effective in getting interviews than blindly applying to numerous jobs.
Why does the speaker recommend fixing your LinkedIn profile?
-The speaker advises fixing your LinkedIn profile to better showcase your skills, knowledge, and ability to apply GRC concepts. A well-optimized LinkedIn profile can help make a strong impression on hiring managers and improve the chances of landing interviews.
Outlines
📚 GRC Training Overview and Resources
The speaker introduces the topic of Governance, Risk, and Compliance (GRC) training, emphasizing its importance for those interested in a career in GRC. They mention popular videos on the channel that focus on GRC and recommend Jerry Aer's GRC Master Class, which might still be free or available for a nominal fee. Additionally, they highlight a training bundle from EC Council, which includes three courses related to security risk management, fundamentals of auditing, and organizational risk management. The speaker discusses the importance of applying this knowledge in practical ways by studying real-world case studies from companies like Splunk or eSentire, suggesting that learners create hypothetical case studies based on what they have learned to demonstrate their ability to apply GRC concepts in a professional context.
💡 How to Leverage GRC Training for Job Applications
The speaker continues by advising viewers on how to maximize the benefits of GRC training for career advancement. They suggest showcasing knowledge gained through these courses on LinkedIn, resumes, and during job interviews. Emphasizing the value of connecting theoretical knowledge to real-world applications, the speaker advises learners to create case studies from their training and use them as portfolio pieces. The focus is on demonstrating one's ability to solve real problems, which can impress hiring managers even if the candidate doesn't meet every qualification listed on the job description. This strategy is portrayed as a more effective way to stand out compared to simply collecting certifications.
Mindmap
Keywords
💡GRC
💡Risk Management
💡EC-Council
💡Certification
💡Jerry Aer's GRC Master Class
💡Fundamentals
💡Case Studies
💡NIST RMF
💡Affiliate Link
Highlights
Discusses GRC-related training options for those seeking jobs in the GRC field.
Mentions Jerry Aer's GRC Master Class as a recommended training resource.
Highlights the benefits of EC Council's training bundle focused on security risk management fundamentals.
Emphasizes the importance of understanding fundamental concepts like risk management and auditing for aspiring GRC professionals.
Encourages learners to create their own case studies based on real-world companies they want to work for, using knowledge from the training.
Advises using case studies to showcase the ability to apply GRC concepts to real-world scenarios on platforms like LinkedIn and resumes.
Highlights the EC Council's courses as a valuable resource for understanding frameworks like NIST RMF.
Clarifies that the provided link is an affiliate link and that discounts are available for the training bundle.
Encourages investing in training if it fits within one's budget, but warns against spending excessively or taking loans for it.
Mentions potential price variations based on geographic location for EC Council courses.
Stresses the importance of connecting the dots between training and real-world applications to stand out in job applications.
Describes the significance of showcasing practical application of skills rather than just listing certifications or degrees.
Suggests utilizing hypothetical case studies as a way to demonstrate problem-solving skills and industry knowledge.
Mentions the importance of a well-optimized LinkedIn profile and provides guidance on finding relevant resources on their channel.
Encourages engaging with the community and sharing insights gained from training on social media platforms.
Transcripts
hey everyone in this video I just want
to talk about some GRC related training
I know a lot of you um like GRC you're
trying to get a job in the GRC realm in
fact those are some of the most popular
videos on this channel so in addition to
Jerry aer's GRC master class which I'll
put in the description below as well
link to that and I think his course is
still free but he may be charging a
nominal fee for that but anyways it'll
be a link um so that Link's not an
affiliate link this this uh training
here is from EC console so if any of you
ever heard of the certified ethical
hacker examination or the c um that's
one of the many certifications that EC
Council offers I sit on their Advisory
board for the ethical hacking stuff
their Global Advisory Board um it's a
volunteer thing and they don't pay me
any money for that um however they do
have this kind of uh fundamental for
those of you kind of starting out out
there they have this fundamental
training around uh security risk
management and so you basically get
three courses in this uh you know 10
plus hours whatever um but basically
kind of walks you through some of the
fundamentals of risk management
fundamentals of auditing things like
that kind of understanding really that
top level view for organizations why
would you care about you know going
through a training like this um first
off it will help you kind of you know of
course get the fundamentals down right
some of the basic stuff in addition to
that you can then take what you've
learned here grab an example from like
the company you want to work at like
let's say for example um there uh let's
just say Splunk right very easy one uh
basically Sim solution they've got a
variety of things but basically simu
solution or you know what let's do eent
tire with your their xdr MDR Solutions
so basically they're they they host
based Solutions right so
anyways let's say that you want to work
at e sentire so what you do take
training like this or Jerry AZ or do it
on your own whatever you want to do but
then once you got the fundamentals down
then go look at some of the case studies
on East cti's website for clients
they've worked with and how they've
helped them and then build your own case
study with a hypothetical company
showing that you can actually apply all
this stuff that you're learning from you
know these various courses you've gone
through and then that is the type of
stuff that you show on like LinkedIn you
talk about in your resume if you get an
interview with a place you talk about it
in that interview right that's what we
talk about especially myself when I talk
about you need to connect the dots you
need to connect what you're learning to
the real world that's how you do that
stuff but it all starts with
understanding some of the fundamentals
and this is just one way that you can
learn the fundamentals with this
training from EC Council now full
disclaimer am an EC Council affiliate so
any links I share out for them I get a
few bucks on the back end if I ever get
enough to buy a yacht I'll invite all of
you to the yacht party but um let's be
realistic it's an affiliate stuff uh
it's not going to be trillions of
dollars or anything like that but the
good news for you because I'm an
affiliate you basically get it's a
roughly half off or so there you you get
it for about $79 us and it's normally
about $200 us so um again this this
particular bundle comes with three
courses around essentially risk
management and understanding how to
apply uh frame Frameworks like nist RMF
to actual like use cases right so again
don't look at this training essentially
as like the Holy Grail like oh I just
got to do this what I want all of you to
do if you decide to invest in this
training and a link will be right below
in the description but if you decide to
invest in it take the training the
knowledge that you've gained and then go
find a real company you want to work at
look at their case studies from their
marketing team of ask clients they've
helped and then figure out how you can
plug in what you've learned into that
and that helps you connect the dots
that's that's kind of that magical
formula that helps you not have to have
a bunch of certifications and not have
to have a bunch of college degrees and
all this other stuff that everybody else
collects you can literally just show hey
look I understand how to connect the
dots and you're much more likely to
actually get an interview than all these
other people applying to thousands and
thousands of jobs right and by the way
like half the jobs out there are fake
anyway so you spend all this time doing
all that when you could just learn the
fundamentals apply to the real world
show that on social media especially
LinkedIn talk about here's you know I
learned this in this training and I
decided to take this case study and
here's you know I created a fictitious
Healthcare company for example unless is
a problem they were struggling with and
this is how I you know I would help them
solve that that is huge for a hiring
manager unless you're an idiot but for
most hiring managers out there they're
not idiots that's why they're a hiring
manager in a management position um and
so that's really powerful at least
especially for myself like if I'm hiring
and I see somebody that can connect the
dots even if they don't have all the
check boxes in the job description for
skills and CTS and all the other crazy
things we all want to gatekeep with if
they can connect the dots they're 99% of
the way there in my mind right I just
got to train them a little bit for my
particular company and the particular
problems that we're trying to solve so
anyways all that being said um I will
link two trainings below one is going to
be Jerry aer's training again I don't
know if it's still still free or not but
it used to be a free JC Master Class
many of you might have already taken it
and then I'm also going to put my um
again it's an affiliate link full
disclaimer so if you don't want to click
my affiliate link um your security
people you should know how to remove an
affiliate link from a URL uh if not just
let me know but anyways anything I earn
through that just really supports me um
getting people like try hack me vouchers
and scholarships and paying for people
to go to conferences and all all these
other things that you all see me doing
or sometimes you don't even know I'm
doing behind the scenes um so that's
really I'm like I said I'm not going to
buy a yacht with this stuff so anyways I
digress the link for this will be below
but definitely something worth checking
out if you have it in your budget uh
don't go like take out a loan at the
bank to buy this that's silly right you
can you know you can take like free
content or YouTube videos and kind of
craft it yourself um but if you've got
the budget here for this uh again $79 us
um and I don't know they pricing in
other countries if you open up this URL
it could it might give you less a lower
price based on where you are I don't
know if they have that um set up with
EAS console or not so um it could be
cheaper you might see it as a cheaper
price based on where you are or it might
be that same price across the board um
they are a global organization so again
they might have it a lower price
elsewhere but basically again you get
these three courses here walk you
through some of the fundamentals and
then what I want all of you to do though
if you decide to invest in this training
and or if you go through Jerry's
training is actually go apply it like
because you want to be in GRC show that
on social media show how you can
actually connect the dots apply it to
the real world and that's going to help
you quite a bit of course you need to
fix your LinkedIn profile which I've
already got videos about how to do that
here on this channel just search for
LinkedIn and it should pull up for you
so anyways check Below in the
description of this video you'll find
all the links you need let let me know
in the comments if you have any trouble
with links or if you have additional
questions around um either GRC related
careers or cyber security careers in
general
浏览更多相关视频
GRC Certification Roadmap v1.0: Recommended Training and Certs #cybersecurity #grc
Learn How to Make an Awesome Career in GRC and Find Your Path to Success!
IT Security Governance Overview
IT:16 Cybersecurity Training Platforms
Cyber Security Certificate Tier List – UPDATED (2023)
Como demonstrar meu conhecimento/trabalho: o gestor de projetos tem um portfólio?
5.0 / 5 (0 votes)