What do you think?
Rate this book
Cybersecurity Career Master Plan: Proven techniques and effective tips to help you advance in your cybersecurity career
Start your Cybersecurity career with expert advice on how to get certified, find your first job, and progress
Purchase of the print or Kindle book includes a free eBook in PDF format
Key FeaturesLearn how to follow your desired career path that results in a well-paid, rewarding job in cybersecurityExplore expert tips relating to career growth and certification optionsAccess informative content from a panel of experienced cybersecurity expertsBook DescriptionCybersecurity is an emerging career trend and will continue to become increasingly important. Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started.
This book is designed by leading industry experts to help you enter the world of cybersecurity with confidence, covering everything from gaining the right certification to tips and tools for finding your first job. The book starts by helping you gain a foundational understanding of cybersecurity, covering cyber law, cyber policy, and frameworks. Next, you'll focus on how to choose the career field best suited to you from options such as security operations, penetration testing, and risk analysis. The book also guides you through the different certification options as well as the pros and cons of a formal college education versus formal certificate courses. Later, you'll discover the importance of defining and understanding your brand. Finally, you'll get up to speed with different career paths and learning opportunities.
By the end of this cyber book, you will have gained the knowledge you need to clearly define your career path and develop goals relating to career progression.
What you will learnGain an understanding of cybersecurity essentials, including the different frameworks and laws, and specialtiesFind out how to land your first job in the cybersecurity industryUnderstand the difference between college education and certificate coursesBuild goals and timelines to encourage a work/life balance while delivering value in your jobUnderstand the different types of cybersecurity jobs available and what it means to be entry-levelBuild affordable, practical labs to develop your technical skillsDiscover how to set goals and maintain momentum after landing your first cybersecurity jobWho this book is forThis book is for college graduates, military veterans transitioning from active service, individuals looking to make a mid-career switch, and aspiring IT professionals. Anyone who considers cybersecurity as a potential career field but feels intimidated, overwhelmed, or unsure of where to get started will also find this book useful. No experience or cybersecurity knowledge is needed to get started.
Table of ContentsNew Career in Cyber... “Who Dis?”Which Career Field Is Best for You?Different Strokes for Different FolksExploring Certifications and CollegeGetting Hands-On Experience with No ExperienceTime to Brand Yourself – Not the Burning TypeHow to Land a Jay-Oh-Bee! Giving Back to Others and YourselfTrusting the Process
Purchase of the print or Kindle book includes a free eBook in PDF format
Key FeaturesLearn how to follow your desired career path that results in a well-paid, rewarding job in cybersecurityExplore expert tips relating to career growth and certification optionsAccess informative content from a panel of experienced cybersecurity expertsBook DescriptionCybersecurity is an emerging career trend and will continue to become increasingly important. Despite the lucrative pay and significant career growth opportunities, many people are unsure of how to get started.
This book is designed by leading industry experts to help you enter the world of cybersecurity with confidence, covering everything from gaining the right certification to tips and tools for finding your first job. The book starts by helping you gain a foundational understanding of cybersecurity, covering cyber law, cyber policy, and frameworks. Next, you'll focus on how to choose the career field best suited to you from options such as security operations, penetration testing, and risk analysis. The book also guides you through the different certification options as well as the pros and cons of a formal college education versus formal certificate courses. Later, you'll discover the importance of defining and understanding your brand. Finally, you'll get up to speed with different career paths and learning opportunities.
By the end of this cyber book, you will have gained the knowledge you need to clearly define your career path and develop goals relating to career progression.
What you will learnGain an understanding of cybersecurity essentials, including the different frameworks and laws, and specialtiesFind out how to land your first job in the cybersecurity industryUnderstand the difference between college education and certificate coursesBuild goals and timelines to encourage a work/life balance while delivering value in your jobUnderstand the different types of cybersecurity jobs available and what it means to be entry-levelBuild affordable, practical labs to develop your technical skillsDiscover how to set goals and maintain momentum after landing your first cybersecurity jobWho this book is forThis book is for college graduates, military veterans transitioning from active service, individuals looking to make a mid-career switch, and aspiring IT professionals. Anyone who considers cybersecurity as a potential career field but feels intimidated, overwhelmed, or unsure of where to get started will also find this book useful. No experience or cybersecurity knowledge is needed to get started.
Table of ContentsNew Career in Cyber... “Who Dis?”Which Career Field Is Best for You?Different Strokes for Different FolksExploring Certifications and CollegeGetting Hands-On Experience with No ExperienceTime to Brand Yourself – Not the Burning TypeHow to Land a Jay-Oh-Bee! Giving Back to Others and YourselfTrusting the Process
- GenresNonfiction
280 pages, Kindle Edition
Published September 13, 2021
59 people are currently reading
94 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 11 of 11 reviews
February 9, 2022
An actionable cybersecurity career guide, walking you through choosing a target role to meeting the job requirements to finding and getting a job to advancing in your career. It explains the fields available within cybersecurity, the various pathways to enter, details about education and certifications, gaining experience, and branding yourself. There are many useful resource recommendations.
The co-authors helpfully give examples of how they applied the advice given in the book. I appreciate that they're willing to point out both pros and cons of working in infosec.
The book focuses on these infosec domains: risk assessment, governance, threat intelligence, security operations, security architecture, and learning.
The book could have used more editing to improve the flow, especially because 4 people co-authored the book.
I highly recommend this book to those aspiring to an infosec career and those looking to advance their infosec career.
I requested an advance copy of this book, which I received in exchange for an honest review.
Notes
New Career in Cyber… "Who Dis?"
Cybersecurity job pros
• Flexible hours
• Great salaries
• Remote work
• Variety of cultures
• Diverse positions and specialties
• Recruiters look for you
• You can train yourself (no formal education needed)
Cybersecurity job cons
• Prereqs for even entry-level positions (e.g., SOC analyst)
• Businesses don't understand cybersecurity
• Rapid change, endless learning
• Adversaries don't take breaks
• Serious passion required
• Mental burnout due to mentally taxing work
• Easy to be jack of all trades and master of none
Which Career Field Is Best for You?
Cybersecurity domains
• Physical security
• Risk assessment
• Governance
• Threat intelligence
• Security operations
• Security architecture
• Frameworks, standards, & software
• Development
• Learning
Cyber Threat Intelligence (CTI)
Description: "companies and Threat Intelligence Analysts need to be ahead of the game by staying posted about the most recent attacks, business trends, and even global news. This helps them analyze, predict, and prevent existing and potential cyber attacks. The practice of improving cybersecurity safeguards through sharing, learning, analyzing, and forecasting cyber threats and adversaries is known as Cyber Threat Intel."
CTI components: analytics, research, intelligence.
3 types of CTI
• Tactical: Addresses attacker tactics (attack procedures, vulnerabilities, entry points). Often involves collaboration with IR team, risk analysts, IT.
• Operational: Provides in-depth, highly technical details of threats (motives, attacker tools and techniques, IOCs). Often involves collaboration with IR team, risk analysts, IT.
• Strategic: Focuses on non-technical aspects: risks, impacts, effects on organizations). Helps with defense decisions. Often involves collaboration with GRC analysts.
CTI analysts should stay updated on domestic and global news, attacks, technologies, politics.
Different Strokes for Different Folks
Government work pros
• Many interesting opportunities
• Many resources (e.g., documentation)
• Stability (low likelihood of job loss)
• Pensions (some roles)
• Training budget
• Conference travel
• Well-defined responsibilities (low likelihood of being asked to take responsibilities beyond job description)
Government work cons
• Slow hiring process
• Contract cycles (your work depends on contract renewal)
• Lower salaries than private sector
• Inability to accept gifts from vendors
• Potential to be pigeonholed
Exploring Certifications and College
You can take the CISSP before you have 5 yrs of professional cybersecurity experience, you'll just have the associate title until you reach 5 yrs.
Getting Hands-On Experience with No Experience
Infosec conferences
• Black Hat
• DEF CON
• RSA
• THOTCON
• Grayhat
• Gartner's Identity and Access Management
• CryptoCon
• BSides
Local infosec groups
• (ISC)²
• ISACA
You may be able to convince small to medium businesses to create an internship for you. Contact someone in company's IT or information security department. Explain your situation and say you'd like to help as an intern for 3-6 months. Describe your experience.
Time to Brand Yourself – Not the Burning Type
Finding your why
1. If you could be anything, what would that be and why?
2. What motivates you to achieve better things for your life?
3. When you think about your answer to #2, how does it make you feel?
#2 is your why; it motivates you to achieve #1
Setting goals
1. What's stopping you from becoming your answer to #1 above?
2. What 1-2 things can you do now to reduce or eliminate those things in the previous answer?
3. If all your barriers and fears were gone, what would your ideal title/job be?
4. How would that title/job better support your why?
How to Land a Jay-Oh-Bee!
Job search platforms
• Glassdoor
• LinkedIn
• Indeed
• Google
• ZipRecruiter
• CareerBuilder
Infosec job search platforms
• infosec-job.com
• cybersecjobs.com
• ninjajobs.com
• dice.com
• whitetruffle.com
• angel.co
Salary
• High-paying industries: banking, finance, healthcare
• Lower-paying industries: industrial, retail
• Generally, the larger the company, the higher the salary, and the wider the salary range in the company.
• Look up salary ranges on LinkedIn Salary and payscale.com.
Résumé
• Check if your résumé is ATS (Applicant Tracking System) friendly with resumeworded.com and skillsyncer.com.
• Create a master résumé that contains all your info. For each position you apply to, copy the master résumé and customize it to fit the job post.
• Quantify achievements whenever possible (e.g., reduced risk by 70%).
• List your proficiency for skills (e.g., proficient, beginner).
• Include soft skills (communication, mentorship, leadership, teamwork, etc.)
• For each project, experience, or activity, include only 3-5 bullet points (1-2 lines each).
• ResumeGenius.com has free sample résumés and cover letters.
Keep records of all jobs you apply to. Save entire job post (not just URL), as posts can be taken down.
If interview involves a technical assessment and you get stuck, say, "I'd like to do [X], but I'm not sure how to get there. Could you give me a hint?"
Behavioral interview questions
• Talk about a time you solved a conflict with a team member.
• What would you do if your team leader disagreed with you?
• What are your top strengths and weaknesses?
1-2 certificates is enough for entry-level positions.
Giving Back to Others and Yourself
Black Hat is "the professional version of DEF CON."
Cybersecurity employees typically stay with a company for 1.5 - 2 yrs. If a company's cybersecurity employees stay for less than a year, that could be a sign of a bad employer.
The co-authors helpfully give examples of how they applied the advice given in the book. I appreciate that they're willing to point out both pros and cons of working in infosec.
The book focuses on these infosec domains: risk assessment, governance, threat intelligence, security operations, security architecture, and learning.
The book could have used more editing to improve the flow, especially because 4 people co-authored the book.
I highly recommend this book to those aspiring to an infosec career and those looking to advance their infosec career.
I requested an advance copy of this book, which I received in exchange for an honest review.
Notes
New Career in Cyber… "Who Dis?"
Cybersecurity job pros
• Flexible hours
• Great salaries
• Remote work
• Variety of cultures
• Diverse positions and specialties
• Recruiters look for you
• You can train yourself (no formal education needed)
Cybersecurity job cons
• Prereqs for even entry-level positions (e.g., SOC analyst)
• Businesses don't understand cybersecurity
• Rapid change, endless learning
• Adversaries don't take breaks
• Serious passion required
• Mental burnout due to mentally taxing work
• Easy to be jack of all trades and master of none
Which Career Field Is Best for You?
Cybersecurity domains
• Physical security
• Risk assessment
• Governance
• Threat intelligence
• Security operations
• Security architecture
• Frameworks, standards, & software
• Development
• Learning
Cyber Threat Intelligence (CTI)
Description: "companies and Threat Intelligence Analysts need to be ahead of the game by staying posted about the most recent attacks, business trends, and even global news. This helps them analyze, predict, and prevent existing and potential cyber attacks. The practice of improving cybersecurity safeguards through sharing, learning, analyzing, and forecasting cyber threats and adversaries is known as Cyber Threat Intel."
CTI components: analytics, research, intelligence.
3 types of CTI
• Tactical: Addresses attacker tactics (attack procedures, vulnerabilities, entry points). Often involves collaboration with IR team, risk analysts, IT.
• Operational: Provides in-depth, highly technical details of threats (motives, attacker tools and techniques, IOCs). Often involves collaboration with IR team, risk analysts, IT.
• Strategic: Focuses on non-technical aspects: risks, impacts, effects on organizations). Helps with defense decisions. Often involves collaboration with GRC analysts.
CTI analysts should stay updated on domestic and global news, attacks, technologies, politics.
Different Strokes for Different Folks
Government work pros
• Many interesting opportunities
• Many resources (e.g., documentation)
• Stability (low likelihood of job loss)
• Pensions (some roles)
• Training budget
• Conference travel
• Well-defined responsibilities (low likelihood of being asked to take responsibilities beyond job description)
Government work cons
• Slow hiring process
• Contract cycles (your work depends on contract renewal)
• Lower salaries than private sector
• Inability to accept gifts from vendors
• Potential to be pigeonholed
Exploring Certifications and College
You can take the CISSP before you have 5 yrs of professional cybersecurity experience, you'll just have the associate title until you reach 5 yrs.
Getting Hands-On Experience with No Experience
Infosec conferences
• Black Hat
• DEF CON
• RSA
• THOTCON
• Grayhat
• Gartner's Identity and Access Management
• CryptoCon
• BSides
Local infosec groups
• (ISC)²
• ISACA
You may be able to convince small to medium businesses to create an internship for you. Contact someone in company's IT or information security department. Explain your situation and say you'd like to help as an intern for 3-6 months. Describe your experience.
Time to Brand Yourself – Not the Burning Type
Finding your why
1. If you could be anything, what would that be and why?
2. What motivates you to achieve better things for your life?
3. When you think about your answer to #2, how does it make you feel?
#2 is your why; it motivates you to achieve #1
Setting goals
1. What's stopping you from becoming your answer to #1 above?
2. What 1-2 things can you do now to reduce or eliminate those things in the previous answer?
3. If all your barriers and fears were gone, what would your ideal title/job be?
4. How would that title/job better support your why?
How to Land a Jay-Oh-Bee!
Job search platforms
• Glassdoor
• Indeed
• ZipRecruiter
• CareerBuilder
Infosec job search platforms
• infosec-job.com
• cybersecjobs.com
• ninjajobs.com
• dice.com
• whitetruffle.com
• angel.co
Salary
• High-paying industries: banking, finance, healthcare
• Lower-paying industries: industrial, retail
• Generally, the larger the company, the higher the salary, and the wider the salary range in the company.
• Look up salary ranges on LinkedIn Salary and payscale.com.
Résumé
• Check if your résumé is ATS (Applicant Tracking System) friendly with resumeworded.com and skillsyncer.com.
• Create a master résumé that contains all your info. For each position you apply to, copy the master résumé and customize it to fit the job post.
• Quantify achievements whenever possible (e.g., reduced risk by 70%).
• List your proficiency for skills (e.g., proficient, beginner).
• Include soft skills (communication, mentorship, leadership, teamwork, etc.)
• For each project, experience, or activity, include only 3-5 bullet points (1-2 lines each).
• ResumeGenius.com has free sample résumés and cover letters.
Keep records of all jobs you apply to. Save entire job post (not just URL), as posts can be taken down.
If interview involves a technical assessment and you get stuck, say, "I'd like to do [X], but I'm not sure how to get there. Could you give me a hint?"
Behavioral interview questions
• Talk about a time you solved a conflict with a team member.
• What would you do if your team leader disagreed with you?
• What are your top strengths and weaknesses?
1-2 certificates is enough for entry-level positions.
Giving Back to Others and Yourself
Black Hat is "the professional version of DEF CON."
Cybersecurity employees typically stay with a company for 1.5 - 2 yrs. If a company's cybersecurity employees stay for less than a year, that could be a sign of a bad employer.
October 22, 2025
Most of the book is common knowledge for anyone in cybersecurity, but it’s a good guide for someone new to the field
September 17, 2021
I had the honor of getting an advance copy of Cybersecurity Career Master Plan by 👉🏼 Gerald Auger, Ph.D. , Jax S , Jon Helmus , and Kim Nguyen , for the opportunity to write a review.
And, as I would expect from this crowd, the book is amazing.
If you follow or are connected to these 4, then you already know how great they are and what they bring to the table.
And if you're a fan of Simply Cyber , then you might already know the quality to expect.
This book works well for someone who has no idea what cybersecurity is, but wants to go all-in. And it's great for those who are in the industry but are not sure how to level up and get to that dream job.
The first couple chapters introduce you to cybersecurity from the ground up. It's very well written and it's quite thorough. It even gets into networking, subnetting, and cloud services.
Then there are the chapters on mentoring, connecting, building out your network and social media presence as part of your personal brand.
Going even deeper into the technical, they take you through the steps to create your own home lab and get setup with other training resources.
I highly recommend this book to anyone who is growing in their cybersecurity career.
And, as I would expect from this crowd, the book is amazing.
If you follow or are connected to these 4, then you already know how great they are and what they bring to the table.
And if you're a fan of Simply Cyber , then you might already know the quality to expect.
This book works well for someone who has no idea what cybersecurity is, but wants to go all-in. And it's great for those who are in the industry but are not sure how to level up and get to that dream job.
The first couple chapters introduce you to cybersecurity from the ground up. It's very well written and it's quite thorough. It even gets into networking, subnetting, and cloud services.
Then there are the chapters on mentoring, connecting, building out your network and social media presence as part of your personal brand.
Going even deeper into the technical, they take you through the steps to create your own home lab and get setup with other training resources.
I highly recommend this book to anyone who is growing in their cybersecurity career.
October 19, 2021
The “how to” book your career has been waiting for …
I teach Cybersecurity for CompTIA and was the product manager for the Cisco CCNA Security certification. After years in the field of doing the job of Technical support while at IBM, the inevitable layoffs came and I was faced with “what now in my 50’s.
Along came Cybersecurity and I have never looked back at the help desk. Free yourself and buy this book.
I teach Cybersecurity for CompTIA and was the product manager for the Cisco CCNA Security certification. After years in the field of doing the job of Technical support while at IBM, the inevitable layoffs came and I was faced with “what now in my 50’s.
Along came Cybersecurity and I have never looked back at the help desk. Free yourself and buy this book.
January 2, 2025
Disappointing and Overhyped: Not What I Expected
I picked up Cybersecurity Career Master Plan hoping for an insightful, technical guide to the field of cybersecurity, with introductions to technologies, areas of focus, and actionable advice for breaking into the industry. Unfortunately, this book fell far short of those expectations.
The content feels like generic career advice repackaged under a cybersecurity label. Much of it is repetitive and filled with "common knowledge" that anyone who has ever applied for a job already knows. Worse, most of the information can easily be obtained through a simple Google search or, in today's world, by asking an advanced AI like ChatGPT to provide it in an organized manner.
As a software engineer with multiple jobs under my belt, I was hoping for something tailored to transitioning into cybersecurity—a deeper dive into technologies, roles, and challenges in the field. Instead, I got surface-level career platitudes that provided no real value. For someone with no prior professional experience, this book might be marginally useful, but for anyone with a tech background, it's unlikely to teach you anything new.
If you're looking for a technical introduction to cybersecurity, this is not the book for you. Save your money and invest in a resource that provides practical, hands-on knowledge or specialized insights into the field.
I picked up Cybersecurity Career Master Plan hoping for an insightful, technical guide to the field of cybersecurity, with introductions to technologies, areas of focus, and actionable advice for breaking into the industry. Unfortunately, this book fell far short of those expectations.
The content feels like generic career advice repackaged under a cybersecurity label. Much of it is repetitive and filled with "common knowledge" that anyone who has ever applied for a job already knows. Worse, most of the information can easily be obtained through a simple Google search or, in today's world, by asking an advanced AI like ChatGPT to provide it in an organized manner.
As a software engineer with multiple jobs under my belt, I was hoping for something tailored to transitioning into cybersecurity—a deeper dive into technologies, roles, and challenges in the field. Instead, I got surface-level career platitudes that provided no real value. For someone with no prior professional experience, this book might be marginally useful, but for anyone with a tech background, it's unlikely to teach you anything new.
If you're looking for a technical introduction to cybersecurity, this is not the book for you. Save your money and invest in a resource that provides practical, hands-on knowledge or specialized insights into the field.
February 10, 2024
Very unprofessional and smacks of a cynical rush job by perhaps some cybersec influencers to sell pickaxes during a gold rush. The topics are broad and high level, for absolute beginners; there is no more (and in fact a lot less) substance here than the comments section of a Reddit post, and Reddit commenters' spelling and sentence construction is far, far better. The publishing company is some subscription based outlet for supposed learning materials that I'm sure is as useless and shallow as this book. Save your money. Learn from anything else. Don't believe the handful of friends, family, and perhaps paid shills giving this book good reviews.
February 13, 2023
There are some good points in this book. Published in 2021, some of the information will go out of date within a year or so, relative to statistics, but overall the points are valuable. I especially appreciate some of the guidelines in the "How to Land a Jay-Oh-Bee" section regarding the job search and how to handle resumes.
January 8, 2023
Truly a career master plan that should be emulated for other careers not just cybersecurity. Contain useful techniques, hacks, and tips that make you go “a-ha” and “why didn’t I think that?” moments. Excellent career management book.
December 13, 2021
It’s a great book for anyone who interested in Cybersecurity. I enjoyed reading it and taking notes.
March 3, 2023
A good introduction to cybersec career path. The book explanes to the reader all the "nitty-gritty" of this career and is full of practical advice on how to enter or pivot into cyber.
Read
June 6, 2024This is a perfect book for students, professionals, or anyone seeking to get involved in the Cybersecurity community. I recommend it to anyone who wants to make a career shift to Cybersecurity.
Displaying 1 - 11 of 11 reviews