What do you think?
Rate this book
Building a Career in Cybersecurity: The Strategy and Skills You Need to Succeed
THE INSIDER'S GUIDE TO LAUNCHING AND ACCELERATING YOUR CYBERSECURITY CAREER Cybersecurity is one of the world's fastest growing, most exciting fields--but that doesn't mean it's easy to enter the industry and succeed. Now there's a complete guide to creating a great cybersecurity career, whether you're migrating to cybersecurity from another field or already a cybersecurity professional. Building a Career in Cybersecurity doesn't teach detailed technical skills you can get from a thousand books and videos. Instead, Yuri Diogenes focuses on make-or-break knowledge you won't find personal strategy, planning, process, mindset, and the critical “soft skills” today's employers are desperate to find. Diogenes is your perfect he's been there and done it all. He is Principal PM Manager for a cybersecurity team at Microsoft, hiring the next generation of practitioners. He's also a professor for a bachelor's degree program in cybersecurity, where he prepares students to become cybersecurity professionals. Diogenes will show you exactly what leaders like him are looking for, and mentor you step-by-step through getting started and moving forward. Don't learn “the hard way” by making costly career mistakes. Get this book, and build your plan to win!
192 pages, Paperback
Published July 8, 2023
2 people are currently reading
16 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 4 of 4 reviews
November 3, 2023
I was a bit disappointed to see Building a Career in Cybersecurity: The Strategy and Skills You Need to Succeed (Addison-Wesley) start with the oft repeated mistaken notion that there are millions of open information security jobs. Figures like that do a tremendous disservice to the information security industry and those considering entering it.
As I wrote in Is there really an information security jobs crisis?, and as Kim Jones and I spoke about on this RSA podcast, there are lots of information security jobs, but it’s not that firms are so desperate to hire people that all a person needs is a pulse to get hired.
Aside from that top-of-the-first-inning mistake, Yuri Diogenes of the Microsoft Cloud Security Group has written a helpful guide for those looking to get into information security as a career. At 160 pages, the book is a brief introduction to what it takes to enter and succeed in information security.
For many other careers, from law and medicine to plumbing and construction, and everything in between, there are well-defined career paths. For example, in medicine, all one needs to do is graduate college and medical school, complete a residency, and then enter the medical field. But when it comes to information security, the path from schooling to starting work as an information security professional is not so well defined.
Here, Diogenes gives the reader a plan in which they can enter information security. His focus is very hands-on, and he emphasizes building a home lab in which a person can build their information security skills. Of course, a home lab is no comparison to a real-world environment, but it is still quite valuable.
If a person wants to become an auto mechanic, building their own shop at home could cost tens of thousands of dollars in tools. But when it comes to information security, cheap hardware, and open-source tools mean that a person can build a quality security lab in their home for under a thousand dollars.
For example, 25 years ago, the equivalent of the over 600 commercial tools in Kali Linux would cost a firm about a million dollars. Now all of those tools are free. That is a powerful advantage for the security job seeker learning to hone their skills.
In the media, information security is often portrayed in a James Bond-like fashion. In the real world, it’s far from it. In fact, no one I have ever worked with has driven an Aston Martin. To that, the book details the many world-life challenges involved in information security. Often the hours are brutal, for those in consulting, the client requirements are unrelenting, and the pressures intense.
Diogenes writes how the challenges of working in information security at one point led to his 100-pound weight gain and other health issues. While his passion for information security resulted in job promotions, the lack of work/life balance came with significant consequences. His experience is a cautionary tale for those considering a career in information technology in general, and information security specifically.
His experiences and challenges with work/life balance are not unique and are a significant problem in the industry. It’s not a new issue either. At the 2012 RSA Conference, a panel with Jack Daniel, Gal Shpantzer, KC Yerrid, and others, spoke about security burnout and stress.
The goal of that RSA session was to raise public awareness and support about the risks associated with burnout among information security professionals and build a community of support. There has been a lot of progression in the 13 years since the panel. But the underlying issue of stress, burn-out, and lack of a work/life balance persists. Something to consider for those looking to get into information security.
While the figures of millions of open information security jobs is preposterous. There are indeed though many openings. Getting that job though is not an easy endeavor. But for those who are considering a career in information security and want to thrive in it, Building a Career in Cybersecurity lives up to its title, and will show you the strategies and skills you need to succeed.
As I wrote in Is there really an information security jobs crisis?, and as Kim Jones and I spoke about on this RSA podcast, there are lots of information security jobs, but it’s not that firms are so desperate to hire people that all a person needs is a pulse to get hired.
Aside from that top-of-the-first-inning mistake, Yuri Diogenes of the Microsoft Cloud Security Group has written a helpful guide for those looking to get into information security as a career. At 160 pages, the book is a brief introduction to what it takes to enter and succeed in information security.
For many other careers, from law and medicine to plumbing and construction, and everything in between, there are well-defined career paths. For example, in medicine, all one needs to do is graduate college and medical school, complete a residency, and then enter the medical field. But when it comes to information security, the path from schooling to starting work as an information security professional is not so well defined.
Here, Diogenes gives the reader a plan in which they can enter information security. His focus is very hands-on, and he emphasizes building a home lab in which a person can build their information security skills. Of course, a home lab is no comparison to a real-world environment, but it is still quite valuable.
If a person wants to become an auto mechanic, building their own shop at home could cost tens of thousands of dollars in tools. But when it comes to information security, cheap hardware, and open-source tools mean that a person can build a quality security lab in their home for under a thousand dollars.
For example, 25 years ago, the equivalent of the over 600 commercial tools in Kali Linux would cost a firm about a million dollars. Now all of those tools are free. That is a powerful advantage for the security job seeker learning to hone their skills.
In the media, information security is often portrayed in a James Bond-like fashion. In the real world, it’s far from it. In fact, no one I have ever worked with has driven an Aston Martin. To that, the book details the many world-life challenges involved in information security. Often the hours are brutal, for those in consulting, the client requirements are unrelenting, and the pressures intense.
Diogenes writes how the challenges of working in information security at one point led to his 100-pound weight gain and other health issues. While his passion for information security resulted in job promotions, the lack of work/life balance came with significant consequences. His experience is a cautionary tale for those considering a career in information technology in general, and information security specifically.
His experiences and challenges with work/life balance are not unique and are a significant problem in the industry. It’s not a new issue either. At the 2012 RSA Conference, a panel with Jack Daniel, Gal Shpantzer, KC Yerrid, and others, spoke about security burnout and stress.
The goal of that RSA session was to raise public awareness and support about the risks associated with burnout among information security professionals and build a community of support. There has been a lot of progression in the 13 years since the panel. But the underlying issue of stress, burn-out, and lack of a work/life balance persists. Something to consider for those looking to get into information security.
While the figures of millions of open information security jobs is preposterous. There are indeed though many openings. Getting that job though is not an easy endeavor. But for those who are considering a career in information security and want to thrive in it, Building a Career in Cybersecurity lives up to its title, and will show you the strategies and skills you need to succeed.
December 14, 2025
Honest, Structured, and Inspiring. A Must-Read for Career Builders.
I gave this book 5 stars because it covers a topic that can be very extensive and complex in a clear and straightforward way. I believe that in general, the advice presented here can genuinely help anyone build a strong career and not just in cybersecurity, but in today’s fast-changing job market overall.
What I loved most is how it breaks everything down into a structured, easy-to-follow format. It’s super helpful when you’re trying to figure out where to start and what resources to trust. Plus, the stories and anecdotes mentioned throughout each chapter make it engaging and relatable.
Another point that really sets this book apart is its honesty. The author doesn’t sugarcoat the challenges of cybersecurity, nor does he make it sound impossible, on the contrary. Drawing on years of experience, Yuri gives you the right perspective and touches on all the key points anyone exploring this path needs to know.
I gave this book 5 stars because it covers a topic that can be very extensive and complex in a clear and straightforward way. I believe that in general, the advice presented here can genuinely help anyone build a strong career and not just in cybersecurity, but in today’s fast-changing job market overall.
What I loved most is how it breaks everything down into a structured, easy-to-follow format. It’s super helpful when you’re trying to figure out where to start and what resources to trust. Plus, the stories and anecdotes mentioned throughout each chapter make it engaging and relatable.
Another point that really sets this book apart is its honesty. The author doesn’t sugarcoat the challenges of cybersecurity, nor does he make it sound impossible, on the contrary. Drawing on years of experience, Yuri gives you the right perspective and touches on all the key points anyone exploring this path needs to know.
December 17, 2025
Reading Yuri’s book was a wonderful experience. Although some concepts around Cyber Security careers were challenging to break down, the book made everything much clearer. My niece has been interested in pursuing a career in Cyber Security, and this book helped me confidently guide her. I recommended it to her and her parents, and now everyone feels at ease because she has a better understanding of the career path she wants to follow. This book truly provided direction and reassurance for all of us.
July 5, 2025
Livro muito didático, aborda diversos pontos no quesito de crescimento na área de cibersegurança (onde aborda sobre networking, tópicos a serem estudados dependendo da área de escolha, etc) nas mais variadas vertentes (ramo empresarial, ramo acadêmico e ramo no mercado privado). Bom livro para orientações em escolha e crescimento na carreira em cibersegurança.
Displaying 1 - 4 of 4 reviews