When I was 15, my uncle got me a summer job on the landscaping crew for the hospital he worked at. At six feet and two hundred twenty pounds I was physically capable, but I was still a kid out there with the grown men. The summer was full of hot, sweaty triple digit days with lots of lawn mowing, weed eating, raking, gardening, and planting. It sucked. Many time I'd hear the men I worked with say, "You'll never catch me in any office! I love being out here in the fresh air!" Frankly I thought they were nuts. This was about the moment in my life when I decided my future work environment was going to have full time A/C, a water cooler, a big comfy office chair, and unmonitored break times. My uncle did me a solid that summer, and that's what I'll try to for you now.
​
If your goal is a paying job in cybersecurity, here is your blueprint for the first two to three years. Advanced math and programming skills are definitely not needed, math was my worst subject in school by far. College degree also not needed, my best friend is literally a high school dropout and he makes $150K as an AWS cloud architect for NASA, no BS. Intelligence is also helpful but not absolutely critical, I worked at IBM for five years with a woman that could not have been more average in every way. The only thing she was exceptional at was taking notes, any time she or anyone else did something it went in her notebook. If she need an answer for a problem later, she'd look in the notebook. Advanced equipment is not necessary, a second hand laptop and cable modem speed internet connection should be more than sufficient. Frankly, the "what to do" is the easy part. Actually sacrificing hours a day to learn the skills and execute the career plan is the hard part. By far the most important trait is determination, just a refusal to give up. Remember, if it was easy, everyone would do it.
You should be aiming to eventually get a position as a Security Operations Center (SOC) analyst.
A SOC analyst position gives you some insight into a whole range of different information security problems and practices. You'll see incoming recon and attacks, your org's defenses and responses, and the attacker's counter responses. You'll get experience using a SIEM. You'll become familiar with all of the tools in place and start to figure out what works and what doesn't. You'll learn the workflow of a security team and what the more senior engineers do to protect the enterprise. After a couple of years, you'll probably have a much better idea about your own interests and the path you want to pursue in your career.
​
Here's how you get there:
​
Step 1: Get the Network+ certification (Skip the A+, it's a waste of time for your purposes). You MUST understand IPv4 networking inside and out, I can't stress that enough. A used Net+ study guide on Amazon should be less than $10. Professor Messer videos are great and free: https://www.youtube.com/user/professormesser
​
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=TcIV\_qc-eOU
​
Step 2: Start learning some basic Linux. The majority of business computing is done on a unix type platform, this will not change anytime soon.
​
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. The information is presented in a way that is comprehensible to regular people. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
​
Step 3: Get a techie job, probably in entry level tech support or helpdesk. You have to do a year or two here to get some practical experience.
​
Step 4: Get the Security+ certification.
​
Step 5: While in your tech support job try to do every security related task you can.
​
Step 6: Attend Bsides conferences (very cheap), there is almost certainly one within a couple hours of you. http://www.securitybsides.com/w/page/12194156/FrontPage
​
Step 7: Join a local hackers group similar to NoVA Hackers or Dallas Hackers.
​
Step 8: Network with everyone you can at security conferences and in your hackers group.
​
Step 9: After you get those certs and some technical work experience, apply for every SOC position you can.
​
Step 10: Take the free online Splunk class while you're waiting.
​
Step 11: Keep going until you get that SOC analyst job.
​
Guess what, you're an infosec professional!
​
That SOC analyst job should pay between $50K and $60K. You'll stay there for a year to eighteen months and get a couple more certifications, then leave for a new job making $75K to $85K. After five years in the tech/cybersecurity industry you should be at $100K+.
​
Feel free to PM me with questions.
by sold_myfortune 2019-08-24
You should be aiming to eventually get a position as a Security Operations Center (SOC) analyst.
​
A SOC analyst position gives you some insight into a whole range of different information security problems and practices. You'll see incoming recon and attacks, your org's defenses and responses, and the attacker's counter responses. You'll get experience using a SIEM. You'll become familiar with all of the tools in place and start to figure out what works and what doesn't. You'll learn the workflow of a security team and what the more senior engineers do to protect the enterprise. After a couple of years, you'll probably have a much better idea about your own interests and the path you want to pursue in your career.
​
Here's how you get there:
​
Step 0: Make a habit of using spellcheck, then proofreading what you've written.
​
Step 1: Get the Network+ certification (Skip the A+, it's a waste of time for your purposes). You MUST understand IPv4 networking inside and out, I can't stress that enough. A used Net+ study guide on Amazon should be less than $10. Professor Messer videos are great and free: https://www.youtube.com/user/professormesser
​
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=1uArp_bSvmA&list=PLtdZ8oHxJRK63k1sYKN4_8z0COxrXlO87
​
Step 2: Start learning some basic Linux. The majority of business computing is done on a unix type platform, this will not change anytime soon.
​
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. The information is presented in a way that is comprehensible to regular people. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
​
Step 3: Get a techie job, probably in entry level tech support or helpdesk. You have to do a year or two here to get some practical experience.
​
Step 4: Get the Security+ certification.
​
Step 5: While in your tech support job try to do every security related task you can.
​
Step 6: Attend Bsides conferences (very cheap), there is almost certainly one within a couple hours of you.http://www.securitybsides.com/w/page/12194156/FrontPage
​
Step 7: Join a local hackers group similar to NoVA Hackers or Dallas Hackers.
​
Step 8: Network with everyone you can at security conferences and in your hackers group.
​
Step 9: After you get those certs and some technical work experience, apply for every SOC position you can.
​
Step 10: Take the free online Splunk class while you're waiting.
​
Step 11: Keep going until you get that SOC analyst job.
​
Guess what, you're an infosec professional!
​
That SOC analyst job should pay between $50K and $60K. You'll stay there for a year to eighteen months and get a couple more certifications, then leave for a new job making $75K to $85K. After five years in the tech/cybersecurity industry you should be at $100K+.
​
The program above is mainly for people that are starting from absolute scratch and using no resources beyond the Internet. If you're actually in some sort of formal program I'd also highly recommend at least one programming class, preferably in python. Being able to automate tasks is an invaluable skill as a SOC analyst and will set you apart from those that can't.
by sold_myfortune 2019-08-24
Ok, well I humbly submit to you that if less stress and fewer hours are what you're after the IT industry in general, and the infosec industry in particular, may not be the place to find it. Pretty much all mid or senior level IT/infosec jobs require evening and weekend work at some point and most require a pager rotation as well. That said, the following career plan is mainly for people starting from scratch with little or no tech background and few financial resources. It's designed to get you to a place where you can get exposure to lots of different areas of infosec so you can eventually examine your own interests and then build from there.
​
You should be aiming to eventually get a position as a Security Operations Center (SOC) analyst.
​
A SOC analyst position gives you some insight into a whole range of different information security problems and practices. You'll see incoming recon and attacks, your org's defenses and responses, and the attacker's counter responses. You'll get experience using a SIEM. You'll become familiar with all of the tools in place and start to figure out what works and what doesn't. You'll learn the workflow of a security team and what the more senior engineers do to protect the enterprise. After a couple of years, you'll probably have a much better idea about your own interests and the path you want to pursue in your career. If pentesting really is your thing, you'll learn about all that tactics of the opposition while you're working on the defense side.
​
Here's how you get there:
​
Step 1: Get the Network+ certification (Skip the A+, it's a waste of time for your purposes). You MUST understand IPv4 networking inside and out, I can't stress that enough. A used Net+ study guide on Amazon should be less than $10. Professor Messer videos are great and free: https://www.youtube.com/user/professormesser
​
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=1uArp_bSvmA&list=PLtdZ8oHxJRK63k1sYKN4_8z0COxrXlO87
​
Step 2: Start learning some basic Linux. The majority of business computing is done on a unix type platform, this will not change anytime soon.
​
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. The information is presented in a way that is comprehensible to regular people. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
​
Step 3: Get a techie job, probably in entry level tech support or helpdesk. You have to do a year or two here to get some practical experience. If you can somehow use personal connections to bypass this step, then go for it, but most people will need to show this time on their resume.
​
Step 4: Get the Security+ certification.
​
Step 5: While in your tech support job try to do every security related task you can.
​
Step 6: Attend Bsides conferences (very cheap), there is almost certainly one within a couple hours of you.http://www.securitybsides.com/w/page/12194156/FrontPage
​
Step 7: Join a local hackers group similar to NoVA Hackers or Dallas Hackers.
​
Step 8: Network with everyone you can at security conferences and in your hackers group.
​
Step 9: After you get those certs and some technical work experience, apply for every SOC position you can.
​
Step 10: Take the free online Splunk class while you're waiting.
​
Step 11: Keep going until you get that SOC analyst job.
​
Guess what, you're an infosec professional!
​
That SOC analyst job should pay between $50K and $60K. You'll stay there for a year to eighteen months and get a couple more certifications, then leave for a new job making $75K to $85K. After five years in the tech/cybersecurity industry you should be at $100K+.
by sold_myfortune 2019-07-21
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos:
https://www.youtube.com/watch?v=TcIV_qc-eOU
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :)
https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
by _chauhanshubham 2019-07-21
Unix and Linux system administration handbook - Evi nemeth, garth Snyder..
https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057
by dontgetborn 2017-08-19
I've heard that this is the best handbook for UNIX/Linux administration:
When I was 15, my uncle got me a summer job on the landscaping crew for the hospital he worked at. At six feet and two hundred twenty pounds I was physically capable, but I was still a kid out there with the grown men. The summer was full of hot, sweaty triple digit days with lots of lawn mowing, weed eating, raking, gardening, and planting. It sucked. Many time I'd hear the men I worked with say, "You'll never catch me in any office! I love being out here in the fresh air!" Frankly I thought they were nuts. This was about the moment in my life when I decided my future work environment was going to have full time A/C, a water cooler, a big comfy office chair, and unmonitored break times. My uncle did me a solid that summer, and that's what I'll try to for you now.
​
If your goal is a paying job in cybersecurity, here is your blueprint for the first two to three years. Advanced math and programming skills are definitely not needed, math was my worst subject in school by far. College degree also not needed, my best friend is literally a high school dropout and he makes $150K as an AWS cloud architect for NASA, no BS. Intelligence is also helpful but not absolutely critical, I worked at IBM for five years with a woman that could not have been more average in every way. The only thing she was exceptional at was taking notes, any time she or anyone else did something it went in her notebook. If she need an answer for a problem later, she'd look in the notebook. Advanced equipment is not necessary, a second hand laptop and cable modem speed internet connection should be more than sufficient. Frankly, the "what to do" is the easy part. Actually sacrificing hours a day to learn the skills and execute the career plan is the hard part. By far the most important trait is determination, just a refusal to give up. Remember, if it was easy, everyone would do it.
You should be aiming to eventually get a position as a Security Operations Center (SOC) analyst.
A SOC analyst position gives you some insight into a whole range of different information security problems and practices. You'll see incoming recon and attacks, your org's defenses and responses, and the attacker's counter responses. You'll get experience using a SIEM. You'll become familiar with all of the tools in place and start to figure out what works and what doesn't. You'll learn the workflow of a security team and what the more senior engineers do to protect the enterprise. After a couple of years, you'll probably have a much better idea about your own interests and the path you want to pursue in your career.
​
Here's how you get there:
​
Step 1: Get the Network+ certification (Skip the A+, it's a waste of time for your purposes). You MUST understand IPv4 networking inside and out, I can't stress that enough. A used Net+ study guide on Amazon should be less than $10. Professor Messer videos are great and free: https://www.youtube.com/user/professormesser
​
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=TcIV\_qc-eOU
​
Step 2: Start learning some basic Linux. The majority of business computing is done on a unix type platform, this will not change anytime soon.
​
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. The information is presented in a way that is comprehensible to regular people. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
​
Step 3: Get a techie job, probably in entry level tech support or helpdesk. You have to do a year or two here to get some practical experience.
​
Step 4: Get the Security+ certification.
​
Step 5: While in your tech support job try to do every security related task you can.
​
Step 6: Attend Bsides conferences (very cheap), there is almost certainly one within a couple hours of you. http://www.securitybsides.com/w/page/12194156/FrontPage
​
Step 7: Join a local hackers group similar to NoVA Hackers or Dallas Hackers.
​
Step 8: Network with everyone you can at security conferences and in your hackers group.
​
Step 9: After you get those certs and some technical work experience, apply for every SOC position you can.
​
Step 10: Take the free online Splunk class while you're waiting.
​
Step 11: Keep going until you get that SOC analyst job.
​
Guess what, you're an infosec professional!
​
That SOC analyst job should pay between $50K and $60K. You'll stay there for a year to eighteen months and get a couple more certifications, then leave for a new job making $75K to $85K. After five years in the tech/cybersecurity industry you should be at $100K+.
​
Feel free to PM me with questions.
You should be aiming to eventually get a position as a Security Operations Center (SOC) analyst.
​
A SOC analyst position gives you some insight into a whole range of different information security problems and practices. You'll see incoming recon and attacks, your org's defenses and responses, and the attacker's counter responses. You'll get experience using a SIEM. You'll become familiar with all of the tools in place and start to figure out what works and what doesn't. You'll learn the workflow of a security team and what the more senior engineers do to protect the enterprise. After a couple of years, you'll probably have a much better idea about your own interests and the path you want to pursue in your career.
​
Here's how you get there:
​
Step 0: Make a habit of using spellcheck, then proofreading what you've written.
​
Step 1: Get the Network+ certification (Skip the A+, it's a waste of time for your purposes). You MUST understand IPv4 networking inside and out, I can't stress that enough. A used Net+ study guide on Amazon should be less than $10. Professor Messer videos are great and free: https://www.youtube.com/user/professormesser
​
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=1uArp_bSvmA&list=PLtdZ8oHxJRK63k1sYKN4_8z0COxrXlO87
​
Step 2: Start learning some basic Linux. The majority of business computing is done on a unix type platform, this will not change anytime soon.
​
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. The information is presented in a way that is comprehensible to regular people. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
​
Step 3: Get a techie job, probably in entry level tech support or helpdesk. You have to do a year or two here to get some practical experience.
​
Step 4: Get the Security+ certification.
​
Step 5: While in your tech support job try to do every security related task you can.
​
Step 6: Attend Bsides conferences (very cheap), there is almost certainly one within a couple hours of you.http://www.securitybsides.com/w/page/12194156/FrontPage
​
Step 7: Join a local hackers group similar to NoVA Hackers or Dallas Hackers.
​
Step 8: Network with everyone you can at security conferences and in your hackers group.
​
Step 9: After you get those certs and some technical work experience, apply for every SOC position you can.
​
Step 10: Take the free online Splunk class while you're waiting.
​
Step 11: Keep going until you get that SOC analyst job.
​
Guess what, you're an infosec professional!
​
That SOC analyst job should pay between $50K and $60K. You'll stay there for a year to eighteen months and get a couple more certifications, then leave for a new job making $75K to $85K. After five years in the tech/cybersecurity industry you should be at $100K+.
​
The program above is mainly for people that are starting from absolute scratch and using no resources beyond the Internet. If you're actually in some sort of formal program I'd also highly recommend at least one programming class, preferably in python. Being able to automate tasks is an invaluable skill as a SOC analyst and will set you apart from those that can't.
Ok, well I humbly submit to you that if less stress and fewer hours are what you're after the IT industry in general, and the infosec industry in particular, may not be the place to find it. Pretty much all mid or senior level IT/infosec jobs require evening and weekend work at some point and most require a pager rotation as well. That said, the following career plan is mainly for people starting from scratch with little or no tech background and few financial resources. It's designed to get you to a place where you can get exposure to lots of different areas of infosec so you can eventually examine your own interests and then build from there.
​
You should be aiming to eventually get a position as a Security Operations Center (SOC) analyst.
​
A SOC analyst position gives you some insight into a whole range of different information security problems and practices. You'll see incoming recon and attacks, your org's defenses and responses, and the attacker's counter responses. You'll get experience using a SIEM. You'll become familiar with all of the tools in place and start to figure out what works and what doesn't. You'll learn the workflow of a security team and what the more senior engineers do to protect the enterprise. After a couple of years, you'll probably have a much better idea about your own interests and the path you want to pursue in your career. If pentesting really is your thing, you'll learn about all that tactics of the opposition while you're working on the defense side.
​
Here's how you get there:
​
Step 1: Get the Network+ certification (Skip the A+, it's a waste of time for your purposes). You MUST understand IPv4 networking inside and out, I can't stress that enough. A used Net+ study guide on Amazon should be less than $10. Professor Messer videos are great and free: https://www.youtube.com/user/professormesser
​
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=1uArp_bSvmA&list=PLtdZ8oHxJRK63k1sYKN4_8z0COxrXlO87
​
Step 2: Start learning some basic Linux. The majority of business computing is done on a unix type platform, this will not change anytime soon.
​
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. The information is presented in a way that is comprehensible to regular people. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
​
Step 3: Get a techie job, probably in entry level tech support or helpdesk. You have to do a year or two here to get some practical experience. If you can somehow use personal connections to bypass this step, then go for it, but most people will need to show this time on their resume.
​
Step 4: Get the Security+ certification.
​
Step 5: While in your tech support job try to do every security related task you can.
​
Step 6: Attend Bsides conferences (very cheap), there is almost certainly one within a couple hours of you.http://www.securitybsides.com/w/page/12194156/FrontPage
​
Step 7: Join a local hackers group similar to NoVA Hackers or Dallas Hackers.
​
Step 8: Network with everyone you can at security conferences and in your hackers group.
​
Step 9: After you get those certs and some technical work experience, apply for every SOC position you can.
​
Step 10: Take the free online Splunk class while you're waiting.
​
Step 11: Keep going until you get that SOC analyst job.
​
Guess what, you're an infosec professional!
​
That SOC analyst job should pay between $50K and $60K. You'll stay there for a year to eighteen months and get a couple more certifications, then leave for a new job making $75K to $85K. After five years in the tech/cybersecurity industry you should be at $100K+.
Mike Meyers has about the best all in one Network + book out right now, you can get that from Amazon. You can also check out Mike Meyers' channel on Youtube, he has a lot of Network+ videos: https://www.youtube.com/watch?v=TcIV_qc-eOU
For Linux, I'd highly recommend "Unix and Linux System Administration Handbook" by Evi Nemeth, et al. You can get a used copy of the fourth edition for about $15.00. The second edition got me through my first three jobs back in the day :) https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057/ref=sr_1_fkmrnull_1?keywords=evi+nemeth+4th+edition&qid=1551450119&s=gateway&sr=8-1-fkmrnull
Unix and Linux system administration handbook - Evi nemeth, garth Snyder.. https://www.amazon.com/UNIX-Linux-System-Administration-Handbook/dp/0131480057
I've heard that this is the best handbook for UNIX/Linux administration:
https://toptalkedbooks.com/amzn/0131480057
Go through a good book like https://toptalkedbooks.com/amzn/0131480057
Get this book. https://toptalkedbooks.com/amzn/0131480057