Your Cyber Path: How to Get Your Dream Cybersecurity Job

https://www.yourcyberpath.com/66 In this episode, we are focused on how to make yourself into an irresistible candidate for hiring managers. Today, Naomi Buckwalter, another hiring manager, joins Kip and Jason. What do hiring managers really look for candidates? What makes them irresistible to hire? All the hiring managers in this episode are saying that soft skills, aptitude, and integrity matter. Hence, to be irresistible, you should be the person you have written on your resume. Experience is also important. If you want to be a penetration tester, then you need to collect some experience (either paid or unpaid) in this field so that a hiring manager will take a chance on bringing you onto their team. From day one, you need to bring value to the company through your existing knowledge and experience, which is why hiring managers primarily value your past experience. What You’ll Learn ● What qualities hiring managers are looking for ● What soft skills are ● How important integrity is in the hiring process Relevant Websites For This Episode ● www.YourCyberPath.com Other Relevant Episodes ● Episode 19 - Fascinate Us with Your Resume Summary Statement ● Episode 21 - Your Reputation Matters to Us ● Episode 25 - Evaluating Team Fit & Direction

https://www.yourcyberpath.com/65 In this episode, we are focused on preparing for a role in a security operations center (SOC). To be effective in a SOC, you need to understand how everything works, including promotions, how to work with other people, the skills you need to be hired in the first place, and a good understanding of the tools to use to perform the job successfully. When working for a security operations center, you usually need to be willing to work 24/7/365, since cybersecurity analysts often work on shifting schedules. After all, the bad actors out there don’t stop hacking just because it's 2am on a Saturday morning. If you’re a jobseeker, it is imperative to ask for the organization's staffing so that you can know what that schedule will look like. For example, you could find yourself working 8-hour or 12-hour shifts, and it could include holidays and weekends. There are 5 skills and tools that you need to be able to do your job well - knowing how to read log analysis, packet analysis, how to use security information and event monitor, vulnerability scanning and patch management. In this lesson, we dive into each of these to give you the resources needed to learn these skills and be effective when working in a security operations center. What You’ll Learn ● What skills are needed to conduct log analysis ● What full packet capture is ● How to use a security information and event monitor system ● Why cybersecurity organizations need vulnerability scanning and patch management Relevant Websites For This Episode ● www.YourCyberPath.com Other Relevant Episodes ● Episode 30 - Cybersecurity Job That Fits Like A Glove ● Episode 31 - All The Jobs in A Large Cybersecurity Organization ● Episode 37 - Security Operations Overview

https://www.yourcyberpath.com/64 In this episode, our special guest, Sebastian Whiting will talk about his mid-career transition into the cybersecurity industry. In his previous career, he was in the Navy working on nuclear submarines, and now he is working as a cybersecurity analyst. Together with Kip and Jason, Sebastian covers the step-by-step process of what he did to transition from one career field to another. If you are like Sebastian was and working in a career that you aren’t passionate about, you will learn how to shift your passion into the world of cybersecurity and gain motivation to continue to learn and grow during your transition. Jason and Kip also discuss the importance (or lack of importance) placed on a college degree during this transition, as well as the right time to get either a bachelor's degree or a master’s degree, since those can affect the hiring process for certain roles with certain organizations. Understanding which organization’s value a degree can help put you on the path to college, or allow you to bypass it completely while saving you a lot of time and money. What You’ll Learn ● How to transition from your current into the cybersecurity industry ● Whether a bachelor’s degree or master’s degree is relevant and required for a position ● When certifications may be important in the hiring process Relevant Websites For This Episode ● Your Cyber Path (https://www.yourcyberpath.com) Tags: Cybersecurity Certification, Security Analyst, Cybersecurity Other Relevant Episodes ● Episode 28 - Five Principles to Help You Get Your Dream Cybersecurity Job ● Episode 29 - Job Hunting on LinkedIn ● Episode 38 - Wes’ Job Hunt

https://www.yourcyberpath.com/63 In this episode, we discuss the top five reasons why you may not be getting a job in the cybersecurity industry right now. After working in the cybersecurity industry for many years, Kip and Jason have identified the five most common reasons that a person does not land their dream cybersecurity position. Job seekers often do not see the bigger picture or understand the challenges that the hiring manager has in filling the position, which is one of the main things that keeps them from their dream job. To help you understand why you might not be getting hired right now, Kip and Jason discuss how a lack of experience, lack of certifications, lack of salary knowledge, lack of soft skills, and a lack of understanding of your own strengths can lead to rejection when applying for a position. Luckily, there are things you can do to help increase the odds of getting hired, as discussed in this episode. What You’ll Learn · Why experience matters most to hiring managers · Why certifications are important in the cybersecurity industry · Why asking for too much or too little money can hurt your chances at landing a position · Why soft skills are more important than your technical skills · Why understanding yourself is important to a long and satisfying career in cybersecurity Relevant Websites For This Episode · Your Cyber Path (https://www.yourcyberpath.com) · Your Cyber Path Hiring Quiz (https://www.yourcyberpath.com/hiring quiz) · Glass Door (https://www.glassdoor.com) · DISC Profiles (https://www.discprofile.com) Tags: Experience, Certifications, Salary, Soft Skills Other Relevant Episodes · Episode 55 – Which cybersecurity certifications should you get · Episode 49 – Why entry-level jobs aren’t really entry level · Episode 46 – ATS Secrets - Boost your Resume with these Clever Tips Episode 30 – A cybersecurity job that fits you like a glove

https://www.yourcyberpath.com/62 In this episode, we cover the importance of the NIST Cybersecurity Framework (NIST CSF) and its use in managing risk as a business process within your organizations. The NIST Cybersecurity Framework was developed by the National Institute of Standards and Technology in collaboration with cybersecurity experts across the world. The framework is divided into three parts: the Framework Core, the Framework Implementation Tiers, and the Framework Profile. The Framework Core contains the five concurrent and continuous functions performed by a cybersecurity organization: identify, protect, detect, respond, and recover. The Framework Implementation Tiers provides 4 levels of achievement for cybersecurity risk management. The Framework Profiles contains 23 activities and 108 outcomes that can be used to create a profile for your organization to manage its cybersecurity risk. Kip Boyle and Jason Dion spend this episode providing a great overview of the NIST Cybersecurity Framework and its benefits. The team has recently filmed a long-form course that dives into each and every part of the Framework and teaches you how to use it in your own consulting and risk management efforts. You can find the course on the Your Cyber Path website or at our distribution partner’s website, Udemy. What You’ll Learn ● What the NIST Cybersecurity Framework is ● The benefits of using the NIST Cybersecurity Framework ● The three parts of the NIST Cybersecurity Framework ● How to integrate other control methods (ISACA, ISO, RMF) into the NIST Cybersecurity Framework Relevant Websites For This Episode ● NIST Cybersecurity Framework course (https://www.yourcyberpath.com/udemy) ● NIST Cybersecurity Framework (https://www.nist.gov/cyberframework) ● Your Cyber Path (https://www.yourcyberpath.com) Tags: NIST CSF, Courses Other Relevant Episodes ● Episode 50 – What does it take to lead a cybersecurity program ● Episode 53 – How to buy cyber insurance for your law practice

https://www.yourcyberpath.com/61 In this episode, we talked with John Strand (Founder of Black Hills Information Security and Antisyphon InfoSec Training) about the importance of skills-based certification and training. John’s goal is the provide world-class skills-based training to everyone at an affordable price using a unique pay-what-you-can model. Skills-based certification is different from traditional certifications in that they do not use multiple-choice exams to test your knowledge of the material and instead require candidates to prove their knowledge through real-world, work-related exercises. These skill-based certification courses are short in duration and extremely hands-on in nature. During this discussion, we explain the differences between ANSI-based certifications and non-ANSI certifications. The importance of certifications in general to the hiring managers and human resources teams is also discussed because large organizations rely on these ANSI-based certifications. Smaller organizations, though, like Black Hills Information Security who has under 100 employees, don’t necessarily rely on certifications to find qualified candidates. Cyber deception was also discussed, which is a way of setting up honey tokens in your domain servers to identify hackers, attackers, and penetration testers when they try to break into your system. John provides three quick tips to implement cyber deception in your network today! What You’ll Learn · The importance of skills-based certifications · The difference between ANSI and non-ANSI certifications · How to use honeytokens and canary tokens to detect an attacker quickly Relevant Websites For This Episode · Black Hills Information Security (https://www.blackhillsinfosec.com) · Antisyphon Training (https://www.antisyphontraining.com) · Canary Tokens (https://canarytokens.org) · Try Hack Me (https://tryhackme.com) · Hack the Box (https://www.hackthebox.com) · Holiday Hack Challenges (https://www.holidayhackchallenge.com)

https://www.yourcyberpath.com/60 In this episode, we discuss the top five positions that allow you to two-step your way into a new role in the cybersecurity industry. Often, people have a difficult time breaking into the cybersecurity industry due to the lack of entry-level positions or they can’t afford to take start at the beginning of a traditional career path by making $15/hour working in the help desk. By utilizing a two-step approach to landing a cybersecurity position, you can leverage your existing skills to move laterally into a similar position in a cybersecurity adjacent role and then gain experience to land a full role in cybersecurity. This episode focuses on the top five roles used in the two-step approach. The first is network and system administration since it serves as the traditional feeder role for people entering cybersecurity. The second is IT and cybersecurity auditing which utilizes skills from bookkeeping, finance, and accounting. The third is software development which can be leveraged into bug bounty hunting or DevSecOps positions. The fourth is project management when applied to cybersecurity and IT projects. The fifth is physical security which can be used to gain a security clearance and land a cybersecurity position in the defense contracting world. These positions often allow someone with a few years of experience in another field to take a position in or around the cybersecurity industry at their current pay level without having to start over at the beginning. The two-step is a great approach to use for mid-career professionals looking to move into the cybersecurity industry. What You’ll Learn · What is a two-step into a cybersecurity position · Which positions and prior experience can help your two-step into cybersecurity · How can you move into a cybersecurity position without starting at the help desk Relevant Websites For This Episode · Your Cyber Path (https://www.yourcyberpath.com) · Dion Training (https://www.diontraining.com)

https://www.yourcyberpath.com/59 About This Episode In this episode, we learn about the five things you should know before getting a job in the cybersecurity industry. First, we discussed what the reality is in terms of entry-level cybersecurity jobs. Even entry-level cybersecurity roles require previous experience in a related position. These include network administrator, system administrator, or auditor, and show employers you are ready to move into cybersecurity. Unlike many industries, there is no direct entry-level positions in cybersecurity, and this can confuse a lot of people and make it difficult to get their career started. To land an entry-level cybersecurity position, you will need extra knowledge and expertise before you can get hired. Second, we discussed the relative importance of a cybersecurity degree in landing your first cybersecurity position. Contrary to popular belief, a higher-level education without any matching experience is not the key to landing your first position. In fact, in most cases, certifications are more likely to help you land an interview than a degree. Third, we discussed the importance of experience in landing your first position. As a hiring manager, the three things that are evaluated are your experience, certifications, and degrees, in that order. We also discussed some ways for you to gain experience even if you haven’t landed your first position, yet. Fourth, we discussed some realistic salary expectations for you to have when looking for your first cybersecurity position. Many new entrants to the cybersecurity industry have misguided expectations of the salary they can command in their first position. When determining your initial salary, employers will consider your experience, certifications, and degrees, as well as the location of the corporate headquarters, your local office, or your home office when making an offer. Finally, we discussed some different jobs that exist in the cybersecurity industry world that go beyond penetration testing. For some reason, most new entrants to the cybersecurity industry believe that penetration testing is the only cybersecurity role, but that simply isn’t true. In the final part of this episode, Jason and Kip discuss some of their favorite cybersecurity roles that people can find as they enter the industry. * There are no real entry-level cybersecurity jobs * A cybersecurity bachelor or master’s degree is not essential to getting hired * You must have some experience to land your first position * You need to have realistic salary expectations * There are more than just penetration testing roles in cybersecurity What You’ll Learn · A more realistic view of the cybersecurity industry · What to expect in a typical cybersecurity role · What things hiring managers consider in hiring a candidate · How your salary is determined for a position · How to best position yourself to land your first role in the industry Relevant websites for this Episode Your Cyber Path (https://www.yourycberpath.com)

https://www.yourcyberpath.com/58 In this episode, we’re going to learn how one person was able to overcome the catch-22 of getting a cybersecurity job when you don’t have experience, but you cannot get experience because no one will hire you. Our guest, Ed Skipka, a professional vulnerability management analyst, shares his personal experience of how he overcame this catch-22 and provides some great recommendations for others who find themselves in this same position. So, how does someone get the position if you didn't already have experience? During the interview, Ed answers this by talking about how he landed that first IT job. Many of our listeners struggle with getting their first job, and hearing how others have navigated this challenge in the hiring process can help you get some ideas that you can apply to your own job search. Ed shares his certification experience and the different positions he chosein order to land his first “real” cybersecurity role. Ed went from zero experience and working in a bike shop to being a vulnerability management analyst in 18 months. His story shows that you can break through the catch-22 through certifications, networking, and your own personal ambition. Ed also talks about how he wanted to move up within his current company, but when there were no roles for him there he didn't give up and landed a position at a new company. The moral of Ed’s story is that even if you are "just" working a field service role, you never know where your NEXT role is going to come from, so always impress your bosses, your customers, and those you interact with daily. Network, network, network. Relevant Websites For This Episode Hired in 21 Days (https://www.hiredin21days.com)Dion Training (https://www.diontraining.com)USA Jobs (https:// www.usajobs.gov)

https://www.yourcyberpath.com/57 About This Episode In this episode, we are discussing the different hiring seasons in the cybersecurity industry. After all, understanding the different hiring seasons is essential to reaching your goal of getting hired into your dream cybersecurity role. Many people don’t realize that there are high periods and low periods of hiring throughout the calendar year, so in this episode we are going to discuss the three key hiring periods that occur each year and the reasons behind them. Looking for a job can be challenging, so it is often difficult to land your dream job immediately. By understanding the hiring cycles and where they exist on the calendar, you are going to be able to increase your odds of landing a position faster. Depending on the specific portion of the cybersecurity industry you want to work in, there are better and worse times to submit your application. For example, if you want to get a position working for the government, one of the biggest hiring seasons tends to be in October and November because the Government’s new fiscal year begins on October 1st each year. Throughout this episode, we will focus on the three distinct hiring seasons and which is used in which parts of the industry. This includes the January/February, April/May, October/November hiring seasons. Of course, you can find a job at any time during the year, but certain times are better than others as you will learn in this episode. While timing can help increase your odds of success, remember that you still need perseverance, adding value to the organization, and being confident in overcoming challenges to ultimately be successful in your job hunt. What You’ll Learn How does the calendar affect the hiring process?Why do different companies and organization hire more people during specific times of the year?What steps can you take to increase your odds of being hired during that hiring season? Relevant Websites for This Episode https://www.YourCyberPath.comhttps://www.HiredIn21Days.comhttps:// www.usajobs.gov

https://www.yourcyberpath.com/56 In this episode, we provided an introduction to cybersecurity careers in the defense sector within the United States. This discussion can provide you with a great starting point for understanding how to get a cybersecurity position within this sector of the industry. The defense sector consists of three main categories of positions: military members, government civilians, and government contractors. The defense sector is a huge area of growth in the cybersecurity industry, with over 50% of all federal government cybersecurity spending being dedicated to the Department of Defense’s budget for digital security in the United States. This equates to a lot of cybersecurity work and positions being made available within the industry for qualified and cleared individuals. As we went through the episode, we covered all three areas and types of positions available in the defense industry. We discussed the advantages and disadvantages of joining the military or the reserve forces in order to get a cybersecurity position. For example, if you join the military, they will provide you with all of the training and qualifications necessary to become a talented cyber defense professional. We also covered the role of government civilians and the lengthy application process they undergo to land one of these positions. There is usually a lot of competition for these positions and a lot of “preference factors” that they use in determining who to hire for these positions. Finally, we covered the work of government contractors, which consists of the commercial companies involved with conducting business for the government. For many defense sector cybersecurity positions, it is important to maintain a Secret or Top-Secret security clearance. This is another lengthy process, unfortunately, and can take between 6 to 18 months to finalize your investigation and get awarded a clearance. Due to this, those that have already received a validated security clearance have a significant advantage in getting hired those who are waiting for one or simply do not have one yet. The requirements for the Cyber Security Workforce (CSWF) requirements and certifications were also discussed. As we discussed in the episode, there are a lot of other differences between applying for a civilian or contractor job inside of the defense industry, especially in terms of the position description and the way you will write your resume. If you want to land a contract position, you should visit the company’s website or any of the major job boards like LinkedIn, Monster, etc. If you want to land a government civilian position, then you should visit their central repository at USA Jobs. What You’ll Learn ● What is the defense sector? ● What are the three different types of positions available to work for the government? ● What type of requirements are needed to get a job in the defense sector? ● What type of roles are there in the defense sector? ● Are there any differences when applying for a civilian or contractor position? Relevant Websites for This Episode ● www.YourCyberPath.com ● www.HiredIn21Days.com ● www.linkedin.com ● www.monster.com ● www.usajobs.gov

https://www.yourcyberpath.com/55 In this episode, we are focused on the ever-divisive question of the importance of certifications in the cybersecurity industry. The answer to this question has changed over time from certifications being unimportant, to them being extremely important, to well, it depends. Certifications can be extremely important for several reasons, including their ability to help your resume get through the Applicant Tracking System (ATS) filters used by the human resources and recruiting team, but they are not a silver bullet that will instantly land you a job. As Jason Dion (Lead Instructor of Dion Training) shares with us in this episode, certifications can be your ticket to getting an interview, but they alone won’t get you the position. That said, without having that certification on your resume, you can easily be filtered out of consideration before a hiring manager even gets a chance to look over your resume. This makes having the right certifications and experience imperative if you want to land your dream cybersecurity position. Just as a certification isn’t a substitute for a college degree, you will also learn that a college degree is not a substitution for having the right certifications. This is often not an “either-or” thing, but a “yes-and” type of thing that you must achieve for many cybersecurity positions. What You’ll Learn · Why certifications are important in the cybersecurity industry · Are certifications or experience more important to a hiring manager? · Are certifications or college degrees more important to a hiring manager? · Which certifications should you be getting to advance in your career? Relevant Websites For This Episode · Hired in 21 Days (https://www.hiredin21days.com) · Dion Training (https://www.diontraining.com) · CompTIA (https://www.comptia.org) · ITIL® 4 Foundation (https://www.axelos.com/certifications/itil-certifications/itil-foundation) · CREST (https://www.crest-approved.org)

For the past year, my good friend Wes Shriner has been my cohost. We’ve created some great episodes together, which I hope have helped you. These days Wes is super busy in his new role as Chief Information Security Officer, and I couldn’t be happier for him. So now that Wes has graduated from being my cohost, I’ve invited Jason Dion to cohost. Some of you may already know about Jason from his online certification prep courses. Maybe you’re already a customer of his? Well, it turns out that Jason is much more than a certification expert. He’s also an experienced hiring manager. So let’s meet Jason! Applying For Cybersecurity Jobs But Struggling To Get Hired? Take This 2 Minute Quiz To Find Out Where You’re Getting Stuck In The Hiring Process! https://www.hiredin21days.com

"This week we have hosts, Kip Boyle, CEO of Cyber Risk Opportunities, Jake Bernstein, CISSP from K&L Gates, and Chris Brumfield, CPCU, ARe, a Professional Liability Advisor and no-fee independent insurance broker present a rapidly changing yet crucial cyber risk management tool in this CLE recording from September 15th, 2021. All cyber risk managers need to understand Cyber Insurance, and so should all of us! This is the second CLE we have hosted in a webinar format, and will be doing another one on December 15, 2021! If you want to be a part of this comment below and we will make sure we get you on the list!"

This week we are highlighting one of our popular episodes! First covered back in Episode 40, we covered the topic of Security Awareness Training, and wanted to revisit it again in this epsiode. Looking for a nontechnical job in Cybersecurity?! This might be a good option for you! In today's episode, we have a very special guest, Gabriel Friedlander, the founder of Wizer Security and Co-founder & CTO of ObserveIT. Join experienced hiring managers, Wes Shriner, Kip Boyle, and Gabriel Friedlander as they explore Governance Risk and Compliance (GRC) and Security Awareness and training from the Common Security Service Catalog. They will be exploring: ✅ Cybersecurity Awareness Month ✅ Required Training ✅ Behavioral Training ✅ Skills Training Loved this episode and want to learn more about Wizer?! Check out more here: https://www.wizer-training.com/ Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

In episode 50, we showed you the first half of Kip's presentation with Ritsumeikan Asia Pacific University, where Kip talked with the students about Cybersecurity Management. This is the second half of this 2 part series, where we did open Q&A. They asked a lot of good questions! If you missed the first half, check out EP 50 here: https://youtu.be/HmS4AuGrD-c Interested in my book?! It is available in paperback, kindle, and audible. Check it out here: https://www.amazon.com/Fire-Doesnt-Innovate-Executives-Practical-ebook/dp/B07M7KTZWX Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

"Recently, I was asked to be a guest speaker for Professor Kevin Cooney at Ritsumeikan Asia Pacific University, to talk with his students about Cybersecurity Management. I have split this up into two sections, the first half which is this episode is the lecture and then the next podcast will be the open Q&A I did with them. I was so honored to talk with this group of students and to learn that they have been using my book, Fire Doesn't Innovate, as one of their textbooks. Interested in my book?! It is available in paperback, kindle, and audible. Check it out here: https://www.amazon.com/Fire-Doesnt-Innovate-Executives-Practical-ebook/dp/B07M7KTZWX Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf" --- Send in a voice message: https://anchor.fm/yourcyberpath/message

In today’s episode I want to answer a common question that I get: “Why do all the cybersecurity job postings ask for 5 years of experience but they're labeled as entry level positions?” Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Due to recent Cyber Attacks, we are going to share a replay of a continuing legal education course that Kip Boyle and Jake Bernstein have recently done. In this session, they will walk you through two different ransomware attacks that they have handled in ordinary language. This will include how the attack started, how the client recovered, and what the role of the attorney is throughout the incident. Download slides from previous episodes here: https://try.YourCyberPathcom/cyber-org --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Our guest Marc Menninger joins Kip Boyle in this episode. Marc is the Director of Information Security with A Place For Mom. He is also a cybersecurity hiring manager. Listen to the tips he gives on how to use your transferrable skills and present yourself during an interview! Download slides from previous episodes here: https://try.YourCyberPathcom/cyber-org Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Our guest Arthureen Brown joins Kip Boyle in this episode. Arthureen is a Business Information Security Officer (BISO) with Altria. She is also a cybersecurity hiring manager. Listen to the tips she gives on how to get your resume noticed through the applicant tracking system AND her bonus tips on how to present yourself during an interview! Download slides from previous episodes here: https://try.YourCyberPathcom/cyber-org Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Today Kip Boyle is joined with Glen Sorensen to look at three anonymous, but real, resumes of people trying to get their dream cybersecurity job. What makes a good resume? How can your resume start making you appear irresistible to hiring managers? Listen to today's podcast for the scoop. Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Kip Boyle and Wes Shriner are on vacation this week, so we're going to revist one of their most popular episodes together. Do you know all the different jobs inside a typical large company cybersecurity department? And, which ones are a good fit for you? In what was the first of a brand new series of episodes, Wes and Kip will take you on a grand tour so you can find out what's going on behind that locked cybersecurity career door... Download the slides here: https://try.yourcyberpath.com/cyber-org Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Kip Boyle and Wes Shriner talk more about the Service Catalog specifically number 15, Threat Intelligence with the help of our two guests, Mike Sheward, an enthusiastic Information Security Leader, and Gary Brown, an Intelligence Officer, US Airforce, Ret'd. We will go over: ◾ Threat Intelligence Reporting ◾ The Intelligence Cycle ◾ Threat Intelligence Processes ◾ Positions in Threat Intelligence ◾ Diamond Model Comment below and share what you thought about today's episode! LinkedIn Profile of our Guests: https://www.linkedin.com/in/mikesheward/ https://www.linkedin.com/in/gary-brown-infosec-pro/ Download the slides here: https://try.yourcyberpath.com/cyber-org Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Kip Boyle and Wes Shriner talk more about the Service Catalog specifically number 10, Security Strategy in Architecture with the help of our guest, Peter H. Gregory. He is has written about 50 different articles and books on Cybersecurity. He is a wealth of knowledge! So strap in and let's learn all about Security Strategy in Architecture! There are 3 Types of Architects that we will go over: ◾ Enterprise Architect, Security ◾ Security Strategy Architect ◾ Security Solution Architect Note: there is a 4th but it is actually covered in service catalog #11 Solution Engineering and Architecture. But we will go over this in a later episode! Comment below and share what you thought about today's episode! LinkedIn Profile of our Guest: https://www.linkedin.com/in/petergregory/ And/or learn more about him here: https://en.wikipedia.org/wiki/Peter_H._Gregory Download the slides here: https://try.yourcyberpath.com/cyber-org Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Kip and Wes are on the vacation this week, so instead, you get a very special episode where we are sharing with you an interview we have done in one of our recent Your Cyber Path Office Hours in our Masterclass, How to get your Dream Cybersecurity Job. We are interviewing my friend, Mike Sheward who is a highly experienced network penetration tester, he finds vulnerabilities in web apps and the infrastructure they are hosted on. --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Looking for a nontechnical job in Cybersecurity?! This might be a good option for you! In today's episode, we have a very special guest, Gabriel Friedlander, the founder of Wizer Security and Co-founder & CTO of ObserveIT. Join experienced hiring managers, Wes Shriner, Kip Boyle, and Gabriel Friedlander as they explore Governance Risk and Compliance (GRC) and Security Awareness and training from the Common Security Service Catalog. Download the slides here: https://try.yourcyberpath.com/cyber-org​ Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

All security begins with a Policy! In today's episode, we will be exploring a Policy Administrator position and what you should know about it with the help of our friend Torin Larsen. Download the slides here: https://try.yourcyberpath.com/cyber-org --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Wes recently went looking for his dream cybersecurity job. We’re going to tell you his story. There are quite a few lessons he learned and will share with you. You can see us on YouTube: https://www.youtube.com/YourCyberPath Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Some of the best "entry level" cybersecurity jobs are found in the Security Operations department. In this episode, Kip and Wes will give you a tour with the help of our guest, Steve Winterfeld. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/YourCyberPath Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Today, we’re going to explain what the Product Security organizational unit does. And we’ll do that with the help of our friend and expert Matt Clapham. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/YourCyberPath Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Today, we’re going to focus on the Governance, Risk, and Compliance function. Also called “GRC” with help from our friend and expert Shan Sankaran. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/YourCyberPath Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf Here's the story of Steve McMichael, who went from accounting to an excellent GRC job: https://www.YourCyberPath.com/steve --- Send in a voice message: https://anchor.fm/yourcyberpath/message

What jobs are in the Security, Engineering, Architecture, and Test organizational unit? In this episode, Kip and Wes break it down with our guest, Brad Gobble, an experienced hiring manager for this org unit. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

If you want to know where's the most opportunity in a typical cybersecurity organization, follow the money. In this episode, Kip and Wes unpack where the money is spent which will help you figure out where break-in. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

There are 23 different services performed by a typical large company cybersecurity department. Which ones are best for people who are new to the career field? Wes and Kip tell you in today's episode. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Do you know all the different jobs inside a typical large company cybersecurity department? And, which ones are a good fit for you? In this first of a brand new series of episodes, Wes and Kip will take you on a grand tour so you can find out what's going on behind that locked door. NEW: You can see us (and the slides) on YouTube: https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Our guest hiring manager Anna-Lisa Miller shares her 4-point plan for how to get a cybersecurity job that really fits you. https://www.linkedin.com/in/anna-lisa-miller Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

The best way to get your resume in front of a hiring manager often requires you to connect with that person, or a member of their team. Our guest Glen Sorensen tells us how to do that on LinkedIn in four easy steps. https://www.linkedin.com/in/glensorensen861398/ Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf --- Send in a voice message: https://anchor.fm/yourcyberpath/message

“Do something you love, and you’ll never work another day in your life." Our guest hiring manager Jeffrey Jones says if you’re looking for your dream cybersecurity job, you need to keep these five principles in mind... https://www.linkedin.com/in/jeffreyjonescissp Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

LinkedIn: How’s your profile? What are you putting out there about you? This is your personal brand, so you need to be thoughtful about what hiring managers are seeing when they look at it. Listen to find out what to do! Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

You submitted your resume and job application but they never call you. Did you do anything wrong? It’s possible. Listen to find out what to check for... Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

You’ve found a great looking job. Now: How do you evaluate whether you’ll fit into the team? Do you want to go in the same direction as them? And, how do hiring managers evaluate candidates for fit and direction? Listen in to find out. Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

What if you have a gap between your current skills and the employer’s required skills for your dream cybersecurity job? How do you navigate that gap? Listen in to find out. Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

What goes in the job history section of your resume? How much detail should you include? And, how do hiring managers evaluate that section? Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Your reputation is so important to the hiring manager. And one of the biggest drivers of your reputation is your personal brand. On a related note, how did you left your last job. Did you leave it well? Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

The Skills Section of your resume needs to match up to the job you're pursuing. What goes in there? How much detail should there be? How do cybersecurity hiring managers evaluate that section? What common mistakes should you avoid? We'll cover all that and more. Plus, a listener request. Want to get your dream cybersecurity job? Our highly-rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

As we announced in the last episode, Wes and I have switched to an every-other-week schedule. Unfortunately, this is the first "off week" so there's no full episode today. We appreciate you and we’ll see you next week! --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Your Summary Statement at the top of your resume is the most important section. It’s your chance to hook us into reading the rest of your resume. Here’s how we’re hoping you’ll write it. Want to get your dream cybersecurity job? Our highly-rated masterclass will put you on your cyber path! https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

What's it like to try and get a cybersecurity job during the COVID-19 pandemic? It's clear the hiring market has shifted. But how? And what does it mean to you? My guest Wes Shriner is a manager on the cybersecurity team at a Fortune 100 company. Join us as we unpack these questions and more. If you're struggling to get hired checkout out our masterclass "How to Get Your Dream Cybersecurity Job (As Told by Hiring Managers)" at https://www.YourCyberPath.com --- Send in a voice message: https://anchor.fm/yourcyberpath/message

Wes Shriner is a manager on the cybersecurity team at a Fortune 100 company. Over the years, he's hired over 100 cybersecurity professionals. He thinks reviewing resumes isn’t nearly as fun as doing cybersecurity! But he's gotten good at it because he believes hiring is the most strategic thing a management team can do. In this episode, he'll tell you what the resume of a strong candidate looks like. --- Send in a voice message: https://anchor.fm/yourcyberpath/message