Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Early_Adopter
Community Champion
‎12-01-2023 12:14 AM
‎12-01-2023 12:14 AM

Entry level cybersecurity jobs - videos on Youtube

With all the talk of Cybersecurity entry level jobs I got interested with what it’s like right now and started looking at YouTube to find my perfect guru so that I can break into that sweet six figure, WFH gig without experience…
… well, frankly I still think you’ll be much better off taking a couple of levels(if you are playing D&D) or spending a couple of years)if you consider yourself to be a proper person. You’d get paid doing something that gives you the foundation, IT pays well and you can make contacts and network effectively.

I’ve been watching a few Yoobers? And there are a lot of folk shilling for ISC2/Google/and others on the entry level certifications(the ethical ones have disclaimers for paid reviews etc), and most of the info is still good if a little rose tinted.

One chap who I’ve looked at goes by UnixGuy is someone I’d recommend looking at. While I’d argue that you’re going to get better outcomes in terms of salary and progression starting in IT, and that broadly cyber security isn’t entry level, it’s possible(I worked in IT for just over a year before moving to a role working with firewalls, proxies and VPNs(ah Avantale and Whale how we miss thee…)

So what’s to like about Unix Guy’s content? (Top three)

1. He provides structure and uses his obvious experience to give you a path to follow that is I will attest setting you up for success. We become what we pretend to be(just look at crabs in evolution, successful and delicious), following his approach gives you a solid curriculum before you understand.
2. He emphasises the need to have hands on experience and labs(especially in certs) this is essential, and super correct. You have to learn how to do, to practice skills and apply knowledge. This would be number one if decent role specific curriculums were more common on YouTube)there are plenty of bad ones).
3. He’s considered your mindset, and your adaptability. Staying focused and enthusiastic over a year or two is essential, as is measuring feedback and tuning your response. The people who make it as the first job in IT(you happy few) will Adapt, Improvise and Overcome. Particular gem of an insight on search engines giving you what you search for, that’s baked into the design.

My top three cautions on his approach:

1. I wouldn’t agree on applying for everything, especially if you are not getting interviews, It’s a smallish industry and you don’t want to spam so much you start getting filtered out by recruitment specialists. Instead shortlist, apply measure responses, tune your CV and don’t overdo the volume, especially if you want the role in limited geographies. Being ready to be a journeyman will help mitigate this. On over-saturation the CISSP elders talk in hushed tones of “Das Furby” who overexposed himself to the point of active(it was a different time) ridicule(you can still set them off today).
2. You going to need to be brutally focused psychologically to deal with rejection, and still keep working toward this goal. My own journey was made easier by having three contract IT roles before going into cybersecurity(floowalker trainer, tech support and DC engineer). Best of both worlds get IT job and follow his paths - less rejections this way.
3. You’re going to clock some serious hours of study to do this -it’s hard graft - nothing like the humble CC course - be prepared to set aside 10-20 hours per week for over six months. I did MCSE:security/messaging and Security+ as my military resettlement and this was none exams over a six week course with labs(mostly IT and Microsoft security was quaint in 2004) and was studying 18 hours a day in that time window plus a month after to finish sitting all the exams - never talk to me about WINS name resolution I will never get that one back).

Anyway in the balance I commend his channel to you, positives far outweigh cautions especially if you are playing on hard mode and not going IT first…:p

https://m.youtube.com/watch?v=wcJcH51hmXY
Reply
3 Replies
Steve-Wilme
Advocate II
‎12-01-2023 11:03 AM
‎12-01-2023 11:03 AM

The obvious other way in is to join a largish company that you know has an InfoSec/Cyber Security dept. gain some experience, possibly in IT and then watch out for internal vacancies and transfer in.  Or better still find a company that has an apprenticeship programme that rotates joiners through depts. including cyber, networking, sysadmin etc and use that to get experience.  Always keep in mind that there are two elements 1) courses and certifications and 2) relevant experience.  If you can get 2) then 1) should be comparatively easy.

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
Early_Adopter
Community Champion
‎12-01-2023 11:20 AM
‎12-01-2023 11:20 AM

@Steve-Wilme

I don’t disagree, I personally went in through IT for a year plus, then moved to a security role in another company and that was smooth.

This post is more looking at what’s available in terms of guidance/support for folk who are going straight for cybersecurity, without first doing IT, effectively hard mode. Graduate programmes in the US and elsewhere tend to serve as or stand if for apprenticeship, which I think are rare these days, except perhaps in Germany and other northern European states. Internships could help as well.

Unixguy’s approach can work I think(you’d have to spend time watching to see if you had a different opinion), but I think it’s less efficient to going into IT first, so we’re looking at deliberate hard mode.


Reply
0 Kudos
JoePete
Advocate I
‎12-04-2023 08:20 AM
‎12-04-2023 08:20 AM

@Steve-Wilme wrote:

The obvious other way in is to join a largish company that you know has an InfoSec/Cyber Security dept. gain some experience, possibly in IT and then watch out for internal vacancies and transfer in.

I think the message is that security has a context in terms of experience, knowledge, and even a company. I always looked to hire internally. It makes it easy to check off a few boxes right away in terms of whether someone can do the job and fit in. Of course this is getting harder in remote-work situations. But it is a lot of effort to hire. While managers might wish they had more staff, no one I know also says "I love hiring." It takes a lot of effort, and if you're doing it, it means you're already understaffed. Timing is a big part of getting the job.

Reply