Cybersecurity Career Guide 2023 Technical 1. Start with general reading. Read the security news, read some fan-favorite books, and listen to podcasts. o Reading the security news and books familiarizes yourself with the most recent tactics and techniques adversaries are using. When you do not understand a concept or phrase, look it up. Start building an archive of acronyms, technologies, and tools. 2. Start with the fundamentals of I.T. o Hardware, software, operating systems, and networking. o If you have video some of my previous videos, I have said this many times, start with general technology. You need to know how the underlying concepts work such as networking in order secure the network. 3. Deep-dive into networking. o Hardware, TCP/IP and OSI Model, network architecture, subnetting, protocols, and network security. o Computer networking (think about a traditional router for those who are brand new) is a fundamental to security. Formalize yourself with the following concepts. 4. Programming and scripting o Choose a popular, user-friendly programming language. Recommend Python, Bash, PowerShell, Go. o Programming and more so scripting for general-purpose security analysts are used to automate the boring tasks. Learning the basics of scripting, how to read, and write scripts will help you along the way. 5. OS Basics (Windows & Linux) o Learn the basics. How to navigate to command line, shell commands, kernel and user space, basic Linux setup, etc. o Linux is a sizeable component to back-end architecture powering servers. Understanding the basics of Linux architecture, how it differs from traditional Windows and Unix environments will help you gain a comprehensive understanding of the big picture. o Windows on the other hand powers the large majority of business environments. Understanding common techniques and tactics used to attack and defend in a Windows environment will help you gain a holistic perspective on the end-user workstation and enterprise active directory landscape. 6. Security Basics o Hardware, security concepts, common attacks, etc o Now you can move into security basics, learn about the basic security hardware, software, common attack techniques, etc. © Cybercademy LLC 2023 7. Virtualization & Web Basics o Web architecture, HTTP/S protocols, basic attacks. o Virtualization is used for various purposes, including malware sandboxing, honeypots, and efficient use of hardware resources. o The internet is powered through the architecture of the web. Understanding basic communication processes is imperative to identifying and defending against common techniques. 8. Security Technology o Vulnerability scanners, SIEM, Firewall, IDS/IPS, EDR, etc o Working with various security technologies will allow you to understand and gain a comprehensive approach to security. Fiddling around with different security technologies helps you understand how tools work together. The majority of security jobs are working hands-on with security tools. Career 1. Focus on the basics, create extensive documentation, and develop a plan. 2. Project-based approach. CTFs, cybersecurity homelabs (virtualization), online lab websites, and more. 3. Formal qualifications, technology, computer science, or cybersecurity degree. Cybersecurity certifications (focus on the main ones). 4. Portfolio. Projects, blogs, clubs, network meetups, etc. 5. Consistency Links Training Platforms: https://cybercademy.org/training-platforms/ Project Ideas Page: https://cybercademy.org/project-ideas/ Resources Page: https://cybercademy.org/resources/ Books: https://cybercademy.org/books/ Podcasts: https://cybercademy.org/general-resources/ CTF Platforms: https://ctfsites.github.io/ © Cybercademy LLC 2023