Follow Me: Linkedin: https://www.linkedin.com/in/caleb-o-967254173/ Instagram: https://instagram.com/caleb_oni.certified?igshid=YmMyMTA2M2Y= HASHTAGS: #cloud #cybersecurity #azure
MY RELEVANT VIDEOS: 1. How to get into Cybersecurity? (in the Current Job Market) | ft. @UnixGuy - https://youtu.be/Vfdh5ZXSklA?si=Fo_xYN2BD6M_CgfH 2. How to Get into CyberSecurity | Step by Step Roadmap (2024) - https://youtu.be/SS_yw7Xh95g?si=F8Vl4cgVgDICnlYR 3. How I passed the ISC2 CC? (Certified in Cybersecurity) | Guide to pass ISC2 CC Exam - https://youtu.be/EwYALup0bG4?si=jCs_nu-ytPWxjUxX 4. What are the pathways to CyberSecurity? - https://youtu.be/WZi0y4oybbQ
[00:00:00] Aspiring Engineers in Cybersecurity, what is your advice on getting into cybersecurity?
[00:00:07] That's a great question. Man, this is also one that if you had asked me like three, four, five years ago,
[00:00:14] my answer would be different. But now where I'm at, I'm seeing things differently, right? Quite
[00:00:21] honestly. And also with mentoring people on Cybers Academy and also just seeing the journeys of
[00:00:26] people, I think I think of it differently these days, right? With regards to my advice. My advice
[00:00:33] is honestly, pick something and get good at it, right? This goes back into the domain specific thing.
[00:00:41] I see so many people that are like just all over the place, right? You're not going to get good at
[00:00:46] anything if you don't get good at something at the very least, right? Like don't just jump around,
[00:00:55] like go from like learning offensive to like, yes, knowing multiple things in cybersecurity
[00:01:00] makes you better and well-rounded. But if you're not good at something, like one thing,
[00:01:07] one good enough thing, nobody's really wanting to hire you because how do they justify you being on
[00:01:14] their team? Like, yes, you might be good at all these things, but how do you fit in to their company or
[00:01:20] their organization, right? Think about, let's not even, let's just think about it from a hiring
[00:01:24] manager's perspective. When they're hiring somebody for a role, they need somebody to fulfill a certain
[00:01:30] requirement, a certain job requirement, right? So how do you become that person that fulfills that
[00:01:36] job requirement, right? Think of it as, okay, I want to be a Slack analyst. Okay. What does a Slack
[00:01:40] analyst need to know? I need to know how to use SIMS, EDRs, analyze logs, know how like
[00:01:48] Windows systems work, how Linux system works, how Active Directory works, maybe some cloud,
[00:01:53] right? I need to understand how attackers compromise these systems, but more importantly,
[00:01:57] how to detect that, how to analyze that, right? I need to understand like how to look at logs,
[00:02:01] how to look at processes, how to look at memory, right? You know, system memory, like Windows memory,
[00:02:06] like look at Linux memory. I need to know how to analyze malware, right? Understand like what
[00:02:12] hashes are. Like think of it as, as a perspective of a hiring manager hiring you for a job. What are
[00:02:18] they looking for? Right? And build those skills. Now, when you get into the industry, you can do
[00:02:23] whatever you want. You could continue to dig deeper into like defensive security. If you're a Slack
[00:02:27] analyst, like myself, I did the same thing. I dug deeper and deeper into like getting better at being
[00:02:33] a detection engineer, a Slack analyst or a threat hunter, or, you know, cloud threat detection,
[00:02:38] or like now where I do security response engineering, like I've been digging deeper into this domain.
[00:02:45] But what's to say like, you know, a few years down the line, I can't maybe transition into like
[00:02:49] offensive security or maybe like some devs at cops or something else. I can do that if I want to,
[00:02:54] because I have a solid foundation of something else that picking up the skills for this other
[00:02:59] thing, it's not going to be so much harder for me because I already know how to get good at
[00:03:03] something. It's like, I know I can, I can use that experience. I got from getting good at
[00:03:07] defensive security to transition into another field, right? So get good at something. I love
[00:03:14] the advice from the book, So Good They Can't Ignore You by Cal Newport. It's like, so maybe you want to
[00:03:20] pursue their passion. That's fine and great and all, but you also have to factor in like,
[00:03:27] you're living in this world where you get paid for the value you provide to an organization,
[00:03:33] right? Your passion might be in like knowing how to do everything in offensive security and
[00:03:38] defensive security. That's great and all, but you need to get good at something so good they
[00:03:43] can't ignore you. Like your skills are so good that it can't ignore you. They can't butt hire you for
[00:03:49] this role, right? And that also applies into like, even though you're an entry-level candidate,
[00:03:54] I know there's the sentiment out there where like entry-level roles should be for people without
[00:03:58] experience. And I agree with that, but you have to set yourself apart from other people, right?
[00:04:04] It's a job market. I get that, but it's also a competition because it's like, they're going to
[00:04:10] choose the best candidates. So how do you stand out? How do you become the best candidate, right?
[00:04:14] How do you keep building your skills to get better at what you do? How do you build your
[00:04:17] communication skills or your interviewing skills to get better at talking to people and sharing your
[00:04:22] skills, sharing your experiences? How do you build all of these things that help you be a better
[00:04:26] candidate, right? Ultimately, you want to be so good they can't ignore you. That's how you get the
[00:04:31] job. That's how you get into the industry and how you transition, you know, get other jobs,
[00:04:35] transition into different roles, all that stuff. So I think, you know, first, if you can like read
[00:04:41] that book, So Good They Can't Ignore You. It's very practical, but also like get really good at
[00:04:46] something, right? And while you're applying for jobs, don't give up. Like just keep getting better at
[00:04:50] what you do. Keep building your skills. Keep doing those CTFs. Keep doing those home labs. Keep like
[00:04:55] connected with people. Like just keep building and building and building. Eventually you get to a
[00:04:59] point where like you're, you're really good at this one thing and you can use that to get your foot in
[00:05:04] the door. And then from there, you can just like do whatever you want. You can build more skills,
[00:05:08] maybe in cloud, in like DevSecOps, in DevOps, in application security, offensive security,
[00:05:14] whatever the case is. So that's my advice. Wow. No, that's incredible, bro. And I feel like that
[00:05:19] advice really covers off what someone needs to know is to look at something, look at a specific
[00:05:27] role and go after the specific skills for that role and really learn it through and through. And it's
[00:05:35] similar to a conversation I was having with another guest of, you know, people loving to jump around
[00:05:41] or move into different roles, but learning the skills of that one role and becoming really good at it to the
[00:05:49] point where you're the go-to of this specific thing is super important for your career, which is some
[00:05:57] incredible advice and definitely some advice that will be super helpful for all those trying to get
[00:06:03] into the industry, those aspiring cybersecurity professionals.