CYBERSECURITY GUIDIE THREAD
So you want to pursue the Cybersecurity pathway for IT.
This will be a collection of information to help you get into the pathways.
(Any cybersecurity recruiters and senior level employees will also agree with this thread, ask them)
So you want to pursue the Cybersecurity pathway for IT.
This will be a collection of information to help you get into the pathways.
(Any cybersecurity recruiters and senior level employees will also agree with this thread, ask them)
First off
Cybersecurity is NOT entry level at all. This is just a marketing buzz they are doing because they are DESPERATE for basic qualified candidates
That "you need 5 years" IS A LIE
Basically they mean "3 certs and some labs".
Cybersecurity is NOT entry level at all. This is just a marketing buzz they are doing because they are DESPERATE for basic qualified candidates
That "you need 5 years" IS A LIE
Basically they mean "3 certs and some labs".
Its VERY VERY common for people to go from level 1 or level 2 helpdesk to engineers in less than a year, matter a fact, people become even Analysts in less than a year from entirely DIFFERENT industries
My background:
Im currently a self study student and have been using versions of Linux since a child. My degree isnt related to the pathway at all.
In IT in general, its common to have unrelated majors to it and not in a degree at all
Experience > Certs > Degree
Im currently a self study student and have been using versions of Linux since a child. My degree isnt related to the pathway at all.
In IT in general, its common to have unrelated majors to it and not in a degree at all
Experience > Certs > Degree
Now before you can go into the pathway the you MUST have a fundamental understanding of networking.
The CCNA is a need, not the network+, the CCNA. Cisco MADE networking
After the CCNA id advise the Vmware VCP-NV
Virtualization is VERY critical in Cybersecurity
The CCNA is a need, not the network+, the CCNA. Cisco MADE networking
After the CCNA id advise the Vmware VCP-NV
Virtualization is VERY critical in Cybersecurity
With virtualization, you'll also need an understanding of Linux. Avoid the Linux+ its shit.
RHCSA is a good well rounded linux cert which will help you get an understanding of more Linux advanced operating systems
RHCSA is a good well rounded linux cert which will help you get an understanding of more Linux advanced operating systems
Those 3 alone can get you some networking job.
Now to understanding cybersecurity, there's 3 teams basically
Blue team - Defense - Analysts
Red team - Offense - Pen testers/vulnerability testers
Purple team - Both/create security plans - Engineers/Architects
Now to understanding cybersecurity, there's 3 teams basically
Blue team - Defense - Analysts
Red team - Offense - Pen testers/vulnerability testers
Purple team - Both/create security plans - Engineers/Architects
With job outlook the most in demand roles are as followed
Engineers > Analysts > Pen Testers
The demand for Analysts and Engineers is like 4 to 1 compared to Pen Testers
But ALL are in high demand and ALL have jobs that go vacant for months
Engineers > Analysts > Pen Testers
The demand for Analysts and Engineers is like 4 to 1 compared to Pen Testers
But ALL are in high demand and ALL have jobs that go vacant for months
Most people begin as level 1 Security Analysts (also called socs) and you can branch to upper level blue, red, or purple if you please. Its on you.
Enginners and Architects get paid the most, followed by Pen testers, than Analysts (unless its level 3)
ALL start around 70k
Enginners and Architects get paid the most, followed by Pen testers, than Analysts (unless its level 3)
ALL start around 70k
In simple terms
Level 1 SOCs start at 60k
Level 2 SOCS , level 1 pen testers, and level 1 engineers its over 75k usually,
Level 2 engineers and pen testers and Level 2 SOCS should be around 90k
Now ANY level 3 role if its around 90k YOU ARE UNDERPAID
Level 1 SOCs start at 60k
Level 2 SOCS , level 1 pen testers, and level 1 engineers its over 75k usually,
Level 2 engineers and pen testers and Level 2 SOCS should be around 90k
Now ANY level 3 role if its around 90k YOU ARE UNDERPAID
Across the board ALL the mediun incomes are increasingly about 3k-7k a year
In possibly 3 years from now the medium income for engineers will be around 135k-145* or more, its current around 90-120k
In possibly 3 years from now the medium income for engineers will be around 135k-145* or more, its current around 90-120k
How to become a Level 1 Security/SOC Analyst/Incident Reporter (Blue Team)
After networking certs id advise this
Sec+ -> CySa+ or CCNA Cyber Ops + Labs
This will make you a level 1 Analyst basically.
After networking certs id advise this
Sec+ -> CySa+ or CCNA Cyber Ops + Labs
This will make you a level 1 Analyst basically.
How to become just a Pentester/ Vulnerability Tester (Red team)
Sec+ -> study the material from Pentest + and or a ejpt sponsor if you can -> OSCP
I only advise CEH for government roles. But for clearance once you have Sec+.
Pen Test+ is 8570 and cheaper than CEH but harder
Sec+ -> study the material from Pentest + and or a ejpt sponsor if you can -> OSCP
I only advise CEH for government roles. But for clearance once you have Sec+.
Pen Test+ is 8570 and cheaper than CEH but harder
If you dont have the OSCP its EXTREMELY hard to be a pen tester. It IS the baseline and IS the level
It doesn't have everything but it WILL get you a job
Yes you will also need to learn SOME programming like Python and Ruby but the certs will cover this
It doesn't have everything but it WILL get you a job
Yes you will also need to learn SOME programming like Python and Ruby but the certs will cover this
How to become a Cybersecurity Engineer (purple team)
Again after CCNA and VCP-NV and Red Hat
Security+ -> CySa+ / CCNA Cyber Ops -> CEH (semi optional, if you lack experience and find a sponsor get it) -> OSCP
Become decent at Python , other languages will come as needed-
Again after CCNA and VCP-NV and Red Hat
Security+ -> CySa+ / CCNA Cyber Ops -> CEH (semi optional, if you lack experience and find a sponsor get it) -> OSCP
Become decent at Python , other languages will come as needed-
If you have no experience here's some estimations:
Analyst/SOC - ive seen it done the QUICKEST in about 9 months but its about a year tops
Pen Tester - 1 year if you learn VERY quickly but around year and a half
Engineer - year and a half MIN
Analyst/SOC - ive seen it done the QUICKEST in about 9 months but its about a year tops
Pen Tester - 1 year if you learn VERY quickly but around year and a half
Engineer - year and a half MIN
Now as for where to learn this?
Cybrary, Udemy, bootcamps WITH JOB PLACEMENT ONLY ADD YOUR PROFESSORS ON LINKEDIN AND IT BETTER NOT COST NO MORE THAN 10K, youtube, etc
If your city has cybersecurity conferences ATTEND THEM AND ADD RECRUITERS ON LINKEDIN
Cybrary, Udemy, bootcamps WITH JOB PLACEMENT ONLY ADD YOUR PROFESSORS ON LINKEDIN AND IT BETTER NOT COST NO MORE THAN 10K, youtube, etc
If your city has cybersecurity conferences ATTEND THEM AND ADD RECRUITERS ON LINKEDIN
Github is also a great place to store your labs.
Other than that, this is pretty much how to get into cybersecurity.
Other than that, this is pretty much how to get into cybersecurity.
I forgot to also mention
Some cloud certs like AWS are also useful
I advise it due to things becoming more remote
Some cloud certs like AWS are also useful
I advise it due to things becoming more remote
ANOTHER THING
If you dont purse Vmware VCP NV GET ANOTHER CISCO CERT FOR NETWORKING
Trust me
If you dont purse Vmware VCP NV GET ANOTHER CISCO CERT FOR NETWORKING
Trust me