Hi everyone,
I’m actively looking for a cybersecurity role and working to strengthen my skills in Cyber Threat Intelligence (CTI), Threat Hunting, and Incident Response (IR). I have a CISSP certification, but my knowledge in these areas is limited, and I recently realized I have skill gaps that I need to address.
Over the past few months, I’ve failed four interviews in a row, which has been frustrating. The interviews were highly technical, and I struggled to answer some of the in-depth questions. This experience made me realize I need to level up my practical knowledge to be more confident and prepared.
I know that SANS courses are great, but they are quite expensive, and my budget is limited. What are some affordable or free resources (books, online courses, hands-on labs, etc.) that helped you build strong skills in CTI, Threat Hunting, or IR?
I’d really appreciate any guidance from this community!
Thanks in advance for your insights.
I echo your posting. Only what employers are asking me to know Splunk, AWS, and a host of tools... My response is that I have learned at LEAST seventy-five different tools in my career, and will happily learn more, I love learning, learn quickly and can turn around and document the tools and processes so the next new hire can learn more quickly.
WHAT you have so clearly exposed here is the UnWillingness of employers to help intelligent and motivated people to Learn On the Job!
This Lack of allowance to learn on the job is Employers' biggest contribution to the growing Talent Gap in cybersecurity. I have been tracking news on the so-called Talent Gap since around 2009. Here are the factors that I see:
a) Companies' job descriptions for 'cyber engineers,' 'cyber managers,' or any of another twenty or so titles are as varied and as numerous as the life forms on this planet. There are few to no standards in job descriptions. Academia and the US Government have developed the NICE framework, but companies still act like the Wild West and shy away from standards.
b) Not only are the job descriptions, requirements, and titles all-over-the-place, companies expect to be able to find the 'perfect person' for their jimmy-rigged, sometimes 120-line requirements, job description. Right now, I know of a project in Boulder, Colorado that has been trying to find their 'perfect candidate' since March of 2024! It seems to me to be a form of insanity.
And then, if a person is 'missing' just one of their laundry-list of requirements, usually a SIEM tool, or scanning tool, 'poof' they are rejected without giving the slightest thought or consideration that a person with 15 or 20 years experience has DEFINITELY LEARNED a plethora of tools, processes, methods, and can most definitely add the missing piece through on-the-job learning. Few to NO companies allow for on-the-job learning in cyber.
c) I still see barriers for women in cybersecurity. Please, for goodness sake, don't point out 'the one' female who has been promoted that you know of. Statistically, that can be called an 'outlier.' Most all of the surveys I see do Not demonstrate that there are 50% women in cyber, to reflect the general population, nor are there a growing number of females in leadership. I see a drastic imbalance that continues.
d) All of the above factors add up to a growing 'talent gap' in cyber that is now at the point where National Security is in danger.
I still don't see that anyone is ready to change the status quo so as to energize cyber to allow people of ALL KINDS to enter and solve the Talent Gap.
thanks,
Doctor JSB, DCS
CISSP, Masters in CISO Operations
MCSE x2, ITIL v3
Some general advice.
Get involved with local infosec groups (ISSA, ISC2, ISACA, etc), attend conferences (especially BSides). Networking with other professionals will point you to resources as well as help with getting a job.
SANS courses. Yes, they are expensive. Take a look at Work Study to lower your cost. Or even their degree.
DON'T overlook the free and low cost training you get as an ISC2 member.
For resources, would recommend the following:
* Blue Team Handbook: SOC, SIEM & Threat Hunting Use Cases by Don Murdoch
* Blue Team Handbook: Incident Response Edition by Don Murdoch
* Blue Team Field Manual by Alan White & Ben Clark
* Cyber Crisis Response by Andrew Gorecki & Christopher Scott (AND others from the CISO DRG series)
* Open Source Intelligence Techniques by Michael Bazzell
There are other resources, but that's a start.
I am unsure if this is what you're looking for, but I found this info yesterday on Ethical Hacking. He goes over free and paid resources. I think he is credible, knows what he is talking about, and gives a list of other people with more info. First is the video and second is the blog article; both are the same. It basically covers certifications and free resources. He gives a bunch of labs to do for free that will help show your knowledge or ability/willingness to learn more. They also have help with interviewing. He will explain what you will need for interviewing and what jobs to apply for and what jobs you will need more certification for. There are also resources of communities to join. Very helpful! But I am a newbie, therefore I don't have much experience; this is just my opinion. Also, Coursera, Google, and University of Michigan. Those 3 have AI and cybersecurity and general cybersecurity courses. They are all free. Hope it helps.
https://youtu.be/EdFiH_BfEH4?si=Z6FNkpe9m2hCKBSU
https://tcm-sec.com/how-to-be-an-ethical-hacker-in-2025/