Cybersecurity is one of the most sought-after career paths in the IT market. To become a coveted talent in this field, starting as a Security Operations Center (SOC) analyst is an excellent beginning. Once you’ve gained experience as a seasoned SOC analyst, you can continue your journey in the security domain or redirect your IT career in another desired direction.
The Roadmap: The following roadmap is tailored for individuals who have never been involved with IT before. Realistically, it is anticipated to take 3 to 5 years to implement and conclude the entire career plan. All recommended resources are either free or come at a minimal cost. In other words, anyone with theoretical knowledge of computers and internet access can complete the educational steps below.
Level 1: Get Acquainted with Technology and Understand Networks
As a starting point, try to secure a position in a company with some relation to technology or obtain the CompTIA A+ Certification. This might sound unusual, but let me explain: Remember, this career plan is designed for individuals with no prior tech experience. Just as you need to get into the water to learn swimming, working in a technology-related role, such as sales in a phone company or data entry in a fintech company, can both kickstart your tech career and provide financial support. Many of these jobs also offer various training provided by the company, some of which could lay the foundation for your future tasks.
If finding a job or starting from here doesn’t appeal to you, consider obtaining the CompTIA A+ certification, the most valid certificate to kickstart your journey into the IT sector. You can prepare for this certification using this guide: CompTIA A +Certification Guide.
Also, grab the CompTIA Network+ certification!
If you intend to pursue a career in IT, you must have a solid understanding of the IPv4 network, as you will likely encounter subnetting issues in the future. Obtaining CompTIA Network certifications can help mitigate this risk.
Here are some resources you can leverage:
- Professor Messer A+ series: YouTube Playlist
- Professor Messer Network+ series: YouTube Playlist
- Berry Smith Subnetting series: YouTube Playlist, Part 2, Part 3, Part 4, What is Subnetting, How to Subnet Part 1, How to Subnet Part 2
- Mike Meyer’s Network+ book and YouTube Channel: Amazon Link
Also, check out this Reddit Master List for preparation resources for all CompTIA certifications.
Level 2: Start Learning the Basics of Linux
You need to learn Linux. Almost all technological developments you admire are implemented with Linux/Unix. Whether you’re interested in cybersecurity or any other IT field, knowing Linux is crucial.
Whether you prefer learning by reading, watching, or doing, the following resources can get you in a good position:
- Bandit Wargame
- Free Books: William Shot’s The Linux Command Line and Evi Nemeth’s Unix and Linux System Administration Handbook
- Online Free Courses: Linux Operating System – Crash Course for Beginners, Introduction to Linux – Full Course for Beginners
- Websites: linuxjourney.com, tecmint.com, linuxpath.org
- Labs: Learn to be a Linux Sysadmin task list, Linux From Scratch (LFS)
Level 3: Find a Helpdesk or Technical Support Job & Obtain the CompTIA Security+ Certification
This step differs from the initial job-seeking suggestion. Now, you’re not at ground zero. You have certifications and, to some extent, Linux knowledge. At this point, you need to gain practical experience related to the knowledge you’ve acquired. Moreover, you likely need to build confidence in your technical skills. When searching for a job, pay attention to the following details:
- Be prepared for a low salary: Since you probably don’t have prior academic education or internships related to these subjects, you will likely start at the bottom, so the salary won’t be very high.
- Plan to stay in this job for 1 or 2 years: Not longer! You need to continue improving your skills and yourself. Remember that many people spend 6-7 years in these roles, so don’t get too comfortable.
Obtain the CompTIA Security+ certification: You can achieve this in just a few months if you’re disciplined. It’s time to get the CompTIA Security+ certification. Here are some resources:
- Professor Messer’s Security Study Group
- Study Plan
- Top 10 Learning and Practice Platforms to Build Confidence in Cybersecurity
- Archived webcasts from the SANS Institute
- Archived webcasts from Black Hills Information Security
- Bleeping Computer
- Dark Reading
- Krebs on Security
Connect with Senior Engineers: During the time spent in this role, establish connections with engineers at your workplace, ask questions, and build trust. After obtaining your security certification, express your interest in routine security tasks at your workplace. Include such tasks in your resume.
Participate in B-Sides Conferences: Attend live cybersecurity conferences. Not only will you equip yourself with the latest information, but you can also connect with industry professionals and seek advice from career counselors regarding your resume. While conferences aren’t free, they’re extremely affordable and well worth the time and resources. Check Security BSides.
Step 4: Try to Join Hacker Groups
By hacker groups, I mean those engaged in legal information sharing and community building. Use these groups to network and secure your first job.
Joining and gaining trust in a hacker group isn’t easy but is worth the effort. Put in the work, be confident about yourself and your abilities, ask questions, get to know people, and earn their trust!
Step 5: Apply to as Many SOC Positions as Possible
Now, you can start working as a SOC Analyst. To increase your chances, apply to as many positions as possible. Be ready to relocate even if it means moving to a different city. While a home office position would be ideal, at the beginning of your career, you will likely have to work in the office.
To enhance your chances of landing your first SOC Analyst job:
- Perfect your resume: Make yourself visible. Remember, there are thousands of candidates who have walked the same path as you. To stand out among them, ensure your resume uses the right keywords that describe the tools you’ve used, the certifications you hold, and your skills. Consider preparing your resume in the STAR format to showcase your career achievements comprehensively.
- Home Lab: Strengthen your resume by practicing at home. If you do this, you’ll increase your chances in competitive conditions.
- Two Additional Certifications: To completely stand out, consider getting the CCNA and CompTIA CySA certifications. For this, check out David Bombal’s and Andrei Cioba’s free YouTube courses: CCNA and CompTIA CySA.
By following these steps, you can build a successful career in cybersecurity. Remember, patience and continuous learning are key in this dynamic field. Good luck!