I just retired from a very successful cyber security career. The best thing I did was to get my CISSP. I was a Windows sys admin until 1995, trying to break into IT Security with no nibbles, once I got that cert...doors opened. From there it was still a learning career path. CISA, CISM, CEH, CRISC, CDPSE, CCSP. I got up almost every day at 0500, and studied before work. I almost always paid my own way through these. I ran 3 different DOD cyber teams, one SOC, and 2 GRC.I'd bring in people from other technical teams and teach them the cyber aspects of it. I've been retired for over a year and my phone still rings almost daily with people begging me to return to work.
Man, out of all the guest you had on the show this is the one . Watching just 15 minutes in the video , he touched so many questions I've been trying to figure out for 6 months. This guy is down to earth, don't care and giving straight facts. Keep up the great content and keep going Bearded It guy!!
Hey I’m in the boyd clewis class that he was talking about and it’s crazy cuz a lot of things he says in his class he says here such as tailoring ur resume and looking in other places. I like his program since it focuses on PCI DSS and how to land a job in that field. I’m a month in and have been enjoying the experience but this guy gives great advice.
I live for cybersecurity and to hear someone like ken underhill say something like id be suprised if you havent heard of me is just.. i dunno... ive certainly never heard of him
I worked as an infosec engineer and the amount of colleague who doesn't even know how subnetting and routing protocols work is demotivating and disappointing. Its demotivating you are the only one understands how devices work and communicate.
It’s because guys like this are in charge of hiring lol. They want to play bs games instead of looking at if they can do the job and if they fit with the team. When the hiring process is a clown show, you get clowns hired
My company it's the same as well, a lot of people will only know the system they use. but overall base level knowledge specially network connectivity is like fish out of water. This would be stuff you learn on network+ and security +
Dealing with insomnia, I came across this podcast. I would say Ken is perhaps the most authentic leader in the cybersecurity space. Thank you for speaking the truth.
4:15, yes many people applying to Soc analysts jobs but those are very beginner friendly and very popular opening wise. It’s not going to take 2 years because you chose that path. In fact, that’s one of the easiest and recommended paths as opposed to going straight to for example penetrating, threat hunting, or other paths. I would say don’t limit yourself to just Soc analysts or another path of choice. For now, just try to get into the field.
Didn't expect to get such a wholesome and well-rounded message. This helped me improve my mentality, expectations, and my professional posture. Thank you!
As someone that's been an independent security researcher for 28 years now and me bashing most all the Cybersecurity RU-vid channels and this being the first video I seen of you, I'm a little impressed so far. Will have to check out more videos. Might even bookmark this one.
At 41:42 - that resonates with me because I got my jump into cybersecurity because I offered to teach a group of people on a forum how to shoot skeet (shotgun, clay pigeon targets) for the pleasure of it, no charge. One of them turned out to be a cybersecurity manager, and one thing led to another.
His advice on resumes is awesome. NUmbers are valuable on a resume. I've gotten 4 year jobs from 12 page resumes, btw. It all comes down to answering questions in the interview. Largest panel interview i faced had 12 people in it. They put me in a horseshoe ring in a conf room. Then I used the chair with wheels. Didn't get the job because it turns out it wasn't the job I should have gotten it.
Struggling at the moment with trying to pivot to sales engineering from Dev/Ops. The advice about conveying the desire to make a difference is pure gold. I want to have a voice, which is why I'm looking at sales. I can see where I will add this to my lens that I view submissions through. I have the skills, but I may not be painting the applicable picture. I'm not a practicing theist, but I find religion fascinating. If you want to read a comprehensive bible, you should look at the Eastern Orthodox Bible. It contains the apocrypha that was determined to not be cannon by the Council of Trent. Ethiopia still uses this version. The largest difference between the Geneva & King Jame's are the annotations in the margins. The King considered these notes to be largely seditious. Thank you both for the content.
I'm about half-way through this and haven't heard the best piece. Update your resume online daily. Add a period, remove it the next day. Recruiters sort by most recently updated. When you are hunting, you want to be at the top of their finds.
Interesting guest, intriguing conversation. Ken is hilariously blunt, and kept hitting the nail right on the head. I will subscribe to your RU-vid channel and learn what you got to offer, thanks to my best bearded IT host here beside David Bombal 😊
I have been working in tech for 6 years... Last year I got laid off and spent 10k on Boyd's program...Completed everything I was told to do and worked my butt off... I still don't have a job...
Hi sir, please consider providing episode on devops journey as well. Would be great for people who desire to transform to devops. Thanks for valuable podcasts!
I was afraid of this happening when I first learned about the industry almost 2 years ago. That's why I've been rushing to get my first job and secure a position now before it become ridiculous.
@@Tu51ndBl4d3because you are applying for "entry level Cybersecurity" but in reality no cyber security job is entry level. Gett a job that involves networking and potential for security operations and pivot that's it.
ken, if you've listened to his podcast, he's said on numerous occasions that his course is only for experienced professionals who want to level up in GRC. And that extra boost would get you six figures. Not cool to misquote people while questioning their integrity.
Never "way back when" other people except in a friendly way. You never know what you are up against. My first DBA cert was 1981; Sperry-Univac. Using punch cards. And I get one-upped on that. :)
Awesome content! I love Ken. He is amazing. The Top Book Recommendations! linking to equipments not to books. Can you plz check? Thank you for the video.
Currently on the help desk for a US company but I live in Belize and was wondering how I can start learning about Cybersecurity. Honestly these videos really help with motivation a the advice is really great.
This was a great video. He shared so much information i will watch this again. Loved the jewel about how when he sees candidates teaching on their own sites he views them in a light wherein they can teach new onboarding hires.
Cybersecurity seems to be a frustrating niche to break into. There is no black and white roadmap to follow. You have to get all these additional certs to get your resume thru HR. Only to be told that the certs don't matter much by the actual manager doing the hiring. I'm still gonna do it but I see many people being discouraged and pivoting to other careers.
I decided that the most entry level CS role is still a very advanced role for my experience level (literally zero) so I decided to study software, data analysis, networking and cloud structure and squeeze my way into CS
Bro massive thanks to both for this video. I’m at the beginning of my journey to IT from a nursing background. Your videos have been really helpful and inspiring.
I still can't find an entry-level position that applies to about 100 jobs, so I will teach IT networking in high school. It sucks I went back to school and nothing.
I dont know SOC is not a position people are looking for. now days everyone was to be a hacker so you see people doing anything and everything to be on the offensive side. in fact SOC is the only cyber security job that is always in the look out for people.
Could have been a 10m vid So I have to be a content creator??? Network - hear this all the time, so vague, what can I do for someone else…who am I helping out?? Also, I thought resume should be tailored to job listing…yet if it doesn’t match LinkedIn you are a liar?? 🤥
There is no help out there , the networking thing constantly being mentioned just shows that the person who happens to know someone will have an easy path . No one is walking up to random people and asking "hi do you work in tech ? "
Cybersecurity is really difficult to get in if your young like in your 20s 25’s.. all these older guys and veterans switched careers and screwed all the young students over.
I’m a veteran. I think it more likely that your poor grasp of grammar is what impedes your career progression, rather than my 26 years of service, including over a decade of leadership in combat. It’s “…if you’re young…”. And, you’re welcome
@w0ode198 I think your comment got deleted 😆 It showed up in my e-mail but seems to have fallen through the YT cracks! "Work hard, Study, Earn your Stripes" resonates with me. Cheers!
59:00 --> Jesus Spoke Aramic Language not english or hebrew and we muslims believe that bible has been changed(by jews that didn't believe in jesus) why?? because if you compare the bible from like 1000 or 1500 years ago with now almost everything is different(search it you'll find it) but with the quran(muslims book) it's the same in the last 1400 years.
I had to stop listening at 12:42 because of the loud alarm blasting in my ears. Thank you for the interview and I would really love to finish listening to the next one if possible.
This guy is a full-blown clown act. I hope he isn't typical of infosec leadership, but if he is it certainly explains why everything is getting hacked.