Your Cyber Path: How to Get Your Dream Cybersecurity Job

What's next after season 2?

About this Episode

In the grand wrap-up of season two of the podcast 'Your Cyber Path', hosts Kip Boyle and Jason Dion reflect on their four-year podcast journey. They also reveal that for the time being, there won't be a season three as originally planned.

Several factors have influenced this decision, the primary being their venture Akylade – a cybersecurity certification organization. They're also experiencing increased demand for their time and energy due to factors involving Akylade and other projects. However, they highlight the intention of potentially doing a...

SDP 10: Separation of Privileges

About this Episode

In this episode of the Your CyberPath podcast, Kip Boyle and Jason Dion delve into the concept of the separation of privilege as a vital component of their series on security architecture and design principles.

Jason and Kip talk about how the separation of privilege illustrates its significance through real-world examples. They also help showcase its application in technologies, military operations, and financial transactions.

Jason also draws from his military experience to underscore the critical role of separation of privilege in SOVOT...

About this episode

In this episode, Kip Boyle and Jason Dion discuss the importance of cybersecurity in the current digital landscape and focus on comparing two different standards: The NIST Cybersecurity Framework and the CIS Top 18.

The NIST Framework was created to assist organizations in becoming cyber resilient and offers an adaptable and comprehensive approach to cyber risks. The CIS Top 18, on the other hand, provides an actionable and practical checklist of controls that is prioritized and sequenced.

Both of these frameworks provide us with cybersecurity measures that can be used...

In this episode, Kip and Jason cover the Security Design Principle of “Least Common Mechanism”.

The Lease Common Mechanism is the ninth security design principle and focuses on how you can best protect older, legacy systems in large organizations and within the government.

Security Design Principle #9 is a crucial concept in the field of cybersecurity. It advocates for minimizing the amount of mechanisms shared by different users or processes, thereby reducing the chances of a security breach. This principle is rooted in the idea that shared resources or functionalities can become potential vulnerabilities, especially if they...

https://www.yourcyberpath.com/112/

In this episode, Kip and Jason jump into answer questions directly from our listeners!

We share valuable advice and insights into starting and advancing in the cybersecurity field by addressing ways to overcome some common challenges such as imposter syndrome, applying skills from diverse industries, and filling employment history gaps. 

Further, you will get some guidance on gaining relevant experience, understanding job roles, tackling age bias, and displaying self-confidence to potential employers. 

We will then culminate with some valuable tips on overcoming technical skill gaps and making suc...

https://www.yourcyberpath.com/111/

In this episode, Kip and Jason delve into the specific security design principle of Open Design.

Open Design does not equate to open-source software but refers to transparency in revealing the mechanisms and inner workings of security controls.

The hosts discuss the misconceptions surrounding Open Design, emphasizing that it does not require disclosing source code but rather the transparency of security mechanisms. They also stress that Open Design encourages outsiders to review and provide feedback, ultimately enhancing the security of the system.

Kip shares an example of...

https://www.yourcyberpath.com/110/

In this episode, hosts Kip Boyle and Jason Dion discuss the topic of ageism in cybersecurity careers. They address a listener's question about whether it is too late for a career change into cybersecurity at the age of 60-65. The hosts acknowledge that ageism does exist in the industry, but they provide tips and strategies for older individuals to overcome this challenge.

First, they advise career changers to identify their transferable skills and highlight them on their resumes. They also recommend choosing job titles carefully, avoiding entry-level positions that may be...

https://www.yourcyberpath.com/109/

In this episode, we are returning to the Security Design Principles series, this time with Complete Mediation.

Complete mediation means the system checks the user trying to access a file or perform an action is authorized to access this file or perform this action.

Complete mediation is also implemented in the security reference monitor (SRM) in Windows operating systems. The SRM checks fully and completely that a user has access to perform an action each time they try to perform it.

It also ties back to one...

https://www.yourcyberpath.com/108/

In this episode, we discuss a critically important topic which is Selfcare.

Cybersecurity is a great career, however it is not 100% stress free, burning out and working yourself into oblivion is very common. In this episode our hosts Jason and Kip give you some tips to make sure you have your selfcare in check.

The first thing you should do is take time off. It's common to see people who don’t take any time off, and over time it can easily get to you without you being able to...

https://www.yourcyberpath.com/107/

In this episode, we go back to the Security Design Principles series, this time we are discussing Failsafe Defaults.

Failsafe defaults simply means that the default condition of a system should always be to deny.

An example of a failsafe default is the security reference monitor (SRM) that has been implemented in Windows operating systems since Windows NT. The SRM prevents access to any actions like logging on, accessing a file, or printing something unless the user presents a token to prove that they should have access to a...

https://www.yourcyberpath.com/106/

In this episode, we are discussing the much-anticipated topic of Internships!

Internships are not that common in cybersecurity and that's because they are a huge long-term investment, which is risky for lots of organizations especially in the private sector.

Some of the issues that come along with internships are the time and resources that must be invested, and on the side, the risk of all these resources being blown away when the intern decides to not continue with the organization.

You can also expect not to see...

https://www.yourcyberpath.com/105/

In this episode, we are returning to the Security Design Principles series, this time with Work Factor.

Work factor refers to how much work it’s going to take an adversary to attack your assets and succeed in doing so. This is coming directly from the world of physical security that was imported into the cybersecurity realm.

What you need to understand is you don’t need perfect security. You don’t have to create an impregnable system (if that even existed) to be able to protect yourself from most d...

https://www.yourcyberpath.com/104/

In this episode, our awesome host Jason Dion is back again with another episode of the Your Cyber Path podcast. This time, he’s accompanied by an amazing guest, Meridith Grundei. Meridith is a renowned public speaking coach and owner of Grundei Coaching who specializes in public speaking and presentation skills.

Meridith explains that understanding your client and doing your due diligence of research and studying will help you immensely in your attempts to simplify any complex concept to any level of audience. You need to figure out your objective, point ou...

https://www.yourcyberpath.com/103/

In this episode, we are back with our Security Design Principles series, this time discussing Compromise.

In the constantly evolving tech world, we are constantly bombarded with new products, updates, and software changes. To navigate through this ever-changing landscape, we require a foundation of stability. This is precisely where the Security Design Principles step in.

In simple words, Compromise Recording simply refers to the logging and alerting. If you are familiar with the three As of security - Authorization, Authentication, and Accounting, Compromise Recording refers to the Accounting part...

https://www.yourcyberpath.com/102/

In this episode, we are back with one of our favorite guests, Ed Skipka, to talk about his latest achievements, studying and passing both CISSP and CISM exams.

To start, Ed goes on about how you should find your own way of studying and figure out the most efficient way to digest information, whether that is online video training, reading books, or attending bootcamps. Finding a study route that you enjoy is one of the easiest ways to ensure you stay on track.

He then goes on to explain...

https://www.yourcyberpath.com/101/

In this short episode, we are back discussing the Security Design Principles, with the third principle, Economy of Mechanism.

Jason and Kip explain the principle of Economy of Mechanism and how you want to apply it in your career as a cybersecurity professional without falling into the trap of overcomplicating things and most importantly, staying within the limits of your budget.

You should always keep things simple and practical and focus on providing value instead of following tedious complex processes.

Economy of Mechanism can be simplified in...

https://www.yourcyberpath.com/100/

We're celebrating the 100th episode of Your Cyber Path podcast with a special edition episode. It's going to be a little different this time.

We are going to sit back and reflect on all our 100 previous episodes and take in the things that we learned, so basically welcome to the highlight reel of the Your Cyber Path podcast!

Our hosts are Kip Boyle, a cybersecurity hiring manager who started in the Air Force, and Jason Dion, who has over 20 years of experience in the defense industry, including positions at...

https://www.yourcyberpath.com/99/

In this episode, we are going over the latest trend in AI and NLP, ChatGPT, with our guest, Sean Melis, seasoned multi-modal developer and designer and the founder of bot•hello.

In the beginning, Sean explains how chatbots work and the main difference between them and ChatGPT, explaining that ChatGPT leverages a huge dataset, unlike chatbots that use canned responses.

However, it is worthy of mention that although ChatGPT is very beneficial and could prove useful to a lot of people, it is still a computer. It might not al...

https://www.yourcyberpath.com/98/

In this episode, we are back discussing Security Design Principles, and this time we are focusing on Psychological Acceptability.

The Security design principles are crucial for your work as a cybersecurity professional, they will not only help you do really well, they will also help your work stand out.

Psychological Acceptability is defined as “the protection mechanism should be easy to use, at least as easy as not using it” and here comes the struggle of wanting to make controls easier to use while still providing high level security.

https://www.yourcyberpath.com/97/

In today’s episode, we discuss the emerging topic of passwordless authentication with our guest James Azar, CTO and CSO of AP4 group who are well known for their work in critical infrastructure.

Passwords have been here for decades, but with the ever-changing nature of the technology industry, passwords are becoming a little weak for our needs.

Our hosts take the time to discuss what passwordless authentication is, how it can be implemented, and why there is a move towards passwordless.

After that, they go over the is...

https://www.yourcyberpath.com/96/

In this episode, we unpack the first of the Security Design Principles, Least Privilege.

If you have never heard of it before, Least Privilege is the act of giving a person the most minimal amount of privilege for them to be able to do their job.

Our hosts take the time in this short episode to discuss the ups and downs of Least Privilege and why it’s not utilized as widely as it should be.

Then they go over how Least Privilege should be implemented at ho...

https://www.yourcyberpath.com/95/

In the beginning, our hosts Jason Dion and Kip Boyle talk a little bit about their new company Akylade, which is going to provide affordable cybersecurity training. They discuss their initial motivations to start the company, what the plan for the company is, and what's the road map for Akylade.

Then, we get into the topic of our episode, introducing our guest, Samuel Bodine, a cybersecurity sophomore, and the leader of the cyber defense team at Liberty University in Virginia.

Sam discusses the different aspects of the competitions they...

https://www.yourcyberpath.com/94/

To start off this episode, our hosts go on a short chat about ChatGPT and how it can be useful for cybersecurity professionals and job hunters. They also highlight the difference between transitional and transformational tech.

Then, they get into the episode topic which is an introduction for a 10-part series that is going to come out in the following months which is Security Design Principles.

Kip mentions in the beginning how these design principles are not laws, but they are very important guardrails for the safety of any...

https://www.yourcyberpath.com/93/

In this special episode, we are going to share with you a live webinar hosted by the North Texas Information Systems Security Association. They invited our own Jason Dion and Kip Boyle for the CyberWIDE Panel’s InfoSec Certification Soup to discuss careers, hiring, resumes, and of course, certifications.

We begin the episode with a brief discussion of how Jason and Kip got into the world of cybersecurity, moving over to some valuable information about how you should go about starting your cyber career and how to know which career is fi...

https://www.yourcyberpath.com/92/

In this short episode, our hosts Jason Dion and Kip Boyle discuss the critically important topic of password managers.

In the beginning, Jason quickly describes password managers, their use cases and how they work, highlighting both the security and convenience aspects of using a password manager.

Then, Kip goes over how to choose a password manager and what criteria you should consider when choosing the best software, emphasizing that attack resistance comes first, and all other criteria comes second to it.

After that, our hosts discuss the...

https://www.yourcyberpath.com/91/

Haseeb Awan is the Founder & CEO at EFANI Secure Mobile. In this episode, we'll hear about Haseeb's cyber path, and we'll explore some of the biggest mobile phone risks and what you can do about them.

In the beginning, Haseeb tells the story of how his phone number was compromised not once, not twice, but three times, with basically the same type of attack and how that forced him into cybersecurity.

Then, Kip and Haseeb go over some of the risks that mobile users can be a victim of...

https://www.yourcyberpath.com/90/

In this episode our host Jason Dion goes over the very exciting topic of how to get your first job as a Pentester with Chris Horner, banking expert turned Security engineer and Penetration tester and together they go through Chris's background, how he got into banking and why he made the switch to Cybersecurity.

Chris discusses his transition story and how it's not the cliche zero to hero in 90 days, explaining that it took him a long time to transition where he is today, highlighting that his networking experience and soft...

https://www.yourcyberpath.com/89/

In this episode our host, Jason, interviews Ayub (@WhiteCyberDuck) about how he got into the Cybersecurity industry

This time we go over a very common case where people tend to study something in college that does not relate to Cybersecurity and then shift over to the Cyber world after graduation.

Ayub mentions that you are going to have to deal with a lot of silence and rejections when applying for your first job and that it took him 134 applications to get only 5 interviews.

A CTF or Capture...

https://www.yourcyberpath.com/88/

In this episode we arrive at the end of our five-part series talking about the CIA NA Pentagram, this time discussing the last pillar, Authentication.

Authentication is always associated with passwords and how you can prove that you are who you say you are.

When you hear Authentication, always have things like tokens, digital certificates, multi factor authentication or two factor authentication in mind but remember that Authentication will keep changing and evolving over the years and new ways, techniques or protocols could be introduced to the field.

https://www.yourcyberpath.com/87/

In the fourth video of this five-part series discussing the CIA-NA pentagram, Kips and Jason talk about nonrepudiation.

In simple terms, nonrepudiation means you can't say you didn't do the thing that you did.

Jason and Kip go over some examples of nonrepudiation in both the physical realm and the digital world highlighting that you should always use some type of example when you're asked about a specific term like nonrepudiation.

They also dive deep into digital signatures, public keys, and how these are utilized in software...

https://www.yourcyberpath.com/86/

In this episode, Kip and Jason discuss everything that makes the A in the CIA Triad, Availability.

Availability is when you like to use a system and it's there ready for you to use, because no matter how secure a system is, if you cannot access it when you need to, it serves no purpose.

Kip explains how the way you think about availability is also going to change depending on the industry you're in and the niche you interact with the most.

Jason mentions some terms...

https://www.yourcyberpath.com/85/

In this episode, Kip and Jason discuss the second pillar of the CIA pentagram, Integrity.

 The whole idea of integrity is making sure any entity that you interact with has not been modified after creation and exists where it needs to be.

 Jason mentions how it's not always a perfect balance between all the pillars of the pentagram but depending on the real-world situation, the solution tends to lean towards one or more of the pillars.

 Kip explains how digital signatures work and what are the best use...

https://www.yourcyberpath.com/84/

In this short episode, Jason and Kip discuss the first aspect of the CIA Triad which is Confidentiality.

 They break down the critically important confidentiality point and how it works in the real world, highlighting that it's not about the information itself but more likely about where that information is in the flow.

 They also mention how confidentiality is brought up in certification exams and how it's always connected to encryption.

 They finish up by doing some mock interview questions about things like secure erase, encryption, and sec...

https://www.yourcyberpath.com/83/

In this episode, we go more in depth with the NIST RMF, answering extremely important questions about the different steps of the process and the checklist mentality that can be developed when implementing RMF.

Rebecca Onuskanich, CEO of the International Cyber Institute, is here to share with us some of her knowledge gained throughout her 20 years of experience with security compliance and how eMASS is used to implement RMF and its real-world adaptation.

Alongside Kip, Rebecca goes over her experience with RMF discussing how different backgrounds can influence the...

https://www.yourcyberpath.com/82/

In this episode, we get to learn about our guest’s inspirational story as he went from truck driver to Cybersecurity Analyst in less than 15 months.

Mike Hillman, former truck driver and current SOC Analyst, goes over his exact roadmap to transition into Cybersecurity without any previous experience, the certifications he acquired, and the courses he took.

Jason and Kip share with us how hiring managers think when they are looking for a new hire, and highlight some of their tips to get hired with no experience.

Yo...

https://www.yourcyberpath.com/81/

In this episode, we listen to Kip and Ed go over how Ed managed to get a 25% pay raise in a very short period of time and the whole details of his situation.

Edward Skipka, a vulnerability management analyst, goes over his experience and how he managed to double his pay in just over two and a half years. He highlights that doing your best and solving problems can take you to another level within your company.

Kip mentions how some skills, like curiosity, can’t be taught and th...

https://www.yourcyberpath.com/80/

In this episode, Kip and Jason, along with special guest Drew Church, take a closer look at the NIST risk management framework to help facilitate selecting the right kind of security for your system and help clarify how to direct resources towards the right controls.

Drew Church, RMF expert and global security strategist at Splunk, is here to talk about the different steps of RMF, the importance of preparation work, and understanding the bigger picture of what you want your system to accomplish.

They also go through the seven...

https://www.yourcyberpath.com/79/

In this episode, Kip and Jason are joined by Steve McMichael who has rapidly climbed the cybersecurity career ladder. Within 2 years, Steve was able to move up to the position of Director of Governance, Risk, and Compliance for a large, publicly traded company after transitioning from a position in accounting and financing.

They talk about governance, risk, and compliance (GRC) and how those are applied within enterprise-level organizations. Steve also talks about how GRC is conducted at his organization and how they work across numerous departments to achieve their goals.

https://www.yourcyberpath.com/podcast/78/

In this episode, Kip and Jason, with special guest Deidre Diamond from CyberSN, talk about the current state of the cybersecurity industry in regards to hiring. CyberSN is a digital platform that aims to match potential employers with skilled candidates in order to help close the cybersecurity talent gap. 

Deidre Diamond, the founder of CyberSN, has spent decades as a cybersecurity staffing and leadership expert. She is a passionate advocate for building diverse, multi-talented teams, and her company works hard to match the right candidates with their dream employers. 

...

https://www.yourcyberpath.com/podcast/77/

In this episode, Kip and Jason, with special guests Max Shuftan and Winnie Yung, talk about what a talent pipeline is and why hiring managers should be using a solid talent pipeline in order to bring in new people into the cybersecurity industry to meet their staffing needs.

 Max Shuftan, director of Mission Programs and Partnerships at the SANS institute, is here to talk about how their organization helps people get into cybersecurity through the use of their talent pipeline. Our other guest, Winnie Yung, is a graduate of SANS I...

https://www.yourcyberpath.com/podcast/76/

In this episode of Your Cyber Path, Kip and Jason discuss the world of cybersecurity certifications and how you can determine the proper path for you to follow. We bust the myth that the Security Certification Roadmap by Paul Jerimy is a proper roadmap from left to right to follow…but it isn’t!

A certification roadmap or pathway should be something that allows you to outline the skills and certifications you will need in your career for the next few years. A roadmap gives you a plan to follow and...

https://www.yourcyberpath.com/podcast/75/

In this episode, Kip and Jason talk about the value of university degrees in the cybersecurity career. This topic does come up all the time in discussions or when people come up to Kip or Jason and ask them the same thing. And there really is no single answer that would fit everyone because a degree can either hurt or help, depending on the context.

Some people ask whether certifications are better than degrees and vice versa, or whether they need a degree or not. But it really depends on...

https://www.yourcyberpath.com/74/

In this episode, the discussion between Kip and Jason is about the top five mistakes people are making when it comes to negotiating their pay. You need to know what mistakes to avoid when discussing your compensation because it can set you up for a bad experience and affect you for years.

When you start a new position, this is usually when you can take advantage of negotiating your salary. It is important to note that when it comes to annual raises, the likelihood of you receiving a high...

https://www.yourcyberpath.com/73/

In this episode, the discussion between Kip and Jason is about the top five things that will make you stand out from other applicants. These tips will definitely help you get ahead of the pack and have an edge in your job application.

In your job hunting, you want to be an irresistible candidate from the hiring manager's perspective. These top five things will separate you from other applicants. These will make the hiring manager want to have you on their team.

While your application starts with...

https://www.yourcyberpath.com/72/

In this episode, the discussion between Kip and Jason is about DISC profiles.

You need to understand how important it is to choose the right job for you based on your personality.

These are some of the questions you might want to ponder to help you decide what you want.

Do you like to interact with people throughout the day? Do you just want to sit in front of your computer and be left alone all day long? Are you a team player? Do you get tired...

https://www.yourcyberpath.com/71/

In this episode, we are focused on how to make a good impression on your first day at work. Kip and Jason talk about what you can do to impress the organization that you will be working with.

Show the hiring manager who you are while on the job and make a good impression. Know that it's not just your people skills that matter, but also your professionalism, like showing up on time, dressing appropriately, being courteous, and being friendly to everyone. Demonstrate your technical skills and be results-driven. Know where...

https://www.yourcyberpath.com/70/

In this episode, we are focused on job titles. It is important to know the job you are doing, but the job title doesn't really matter that much.

Do realize that there's not just one type of cybersecurity job out there. Even if you know the job by title, it doesn't mean that it is any different from another cybersecurity job. If you are keen on details, you will know what the differences are between job titles.

Kip and Jason talk about five cybersecurity positions so that you will...

https://www.yourcyberpath.com/69/

In this episode, the focus of discussion is what Nancy Hunter, the Vice President, Chief Information Officer, and Data Privacy Officer of the Federal Reserve Bank of Philadelphia looks for in a cybersecurity job seeker at the entry level. According to her, there are transferable skills and personality traits that they find relevant that a job seeker must have.

The discussion also includes what traits and experience to look up to in a mentor, where to look for a job at entry level and several affiliates that you can...

https://www.yourcyberpath.com/68

In this episode, Jason and Kip are focused on how you can demonstrate true passion for cybersecurity. They discuss the six things that you must avoid as they are considered red flags by a hiring manager. These red flags must be avoided at all costs, otherwise they will instantly land you in a hiring manager’s “reject” pile.

https://www.yourcyberpath.com/67

In this episode, we are focused on what the real world looks like in cybersecurity supply and demand and the role of geography and location when looking for a cybersecurity job.

Jason Dion will walk us through cyberseek.org for a cybersecurity job. He will discuss how to explore the heatmap of the site so that you will understand why you need to consider the location, given data about a certain position, and even certifications when hunting for a job.

For those who don’t want to relocate but wo...

https://www.yourcyberpath.com/66

In this episode, we are focused on how to make yourself into an irresistible candidate for hiring managers. Today, Naomi Buckwalter, another hiring manager, joins Kip and Jason.

What do hiring managers really look for candidates? What makes them irresistible to hire? All the hiring managers in this episode are saying that soft skills, aptitude, and integrity matter. Hence, to be irresistible, you should be the person you have written on your resume.

Experience is also important. If you want to be a penetration tester, then you need to...

https://www.yourcyberpath.com/65

In this episode, we are focused on preparing for a role in a security operations center (SOC). To be effective in a SOC, you need to understand how everything works, including promotions, how to work with other people, the skills you need to be hired in the first place, and a good understanding of the tools to use to perform the job successfully.

When working for a security operations center, you usually need to be willing to work 24/7/365, since cybersecurity analysts often work on shifting schedules. After all, the...

https://www.yourcyberpath.com/64

In this episode, our special guest, Sebastian Whiting will talk about his mid-career transition into the cybersecurity industry. In his previous career, he was in the Navy working on nuclear submarines, and now he is working as a cybersecurity analyst.

 Together with Kip and Jason, Sebastian covers the step-by-step process of what he did to transition from one career field to another. If you are like Sebastian was and working in a career that you aren’t passionate about, you will learn how to shift your passion into the world of cyb...

https://www.yourcyberpath.com/63

In this episode, we discuss the top five reasons why you may not be getting a job in the cybersecurity industry right now. After working in the cybersecurity industry for many years, Kip and Jason have identified the five most common reasons that a person does not land their dream cybersecurity position. Job seekers often do not see the bigger picture or understand the challenges that the hiring manager has in filling the position, which is one of the main things that keeps them from their dream job.

To help you...

https://www.yourcyberpath.com/62

In this episode, we cover the importance of the NIST Cybersecurity Framework (NIST CSF) and its use in managing risk as a business process within your organizations. The NIST Cybersecurity Framework was developed by the National Institute of Standards and Technology in collaboration with cybersecurity experts across the world.

The framework is divided into three parts: the Framework Core, the Framework Implementation Tiers, and the Framework Profile. The Framework Core contains the five concurrent and continuous functions performed by a cybersecurity organization: identify, protect, detect, respond, and recover. The Framework Implementation...

https://www.yourcyberpath.com/61

In this episode, we talked with John Strand (Founder of Black Hills Information Security and Antisyphon InfoSec Training) about the importance of skills-based certification and training. John’s goal is the provide world-class skills-based training to everyone at an affordable price using a unique pay-what-you-can model.

Skills-based certification is different from traditional certifications in that they do not use multiple-choice exams to test your knowledge of the material and instead require candidates to prove their knowledge through real-world, work-related exercises. These skill-based certification courses are short in duration and extremely hands-on in...

https://www.yourcyberpath.com/60

In this episode, we discuss the top five positions that allow you to two-step your way into a new role in the cybersecurity industry. Often, people have a difficult time breaking into the cybersecurity industry due to the lack of entry-level positions or they can’t afford to take start at the beginning of a traditional career path by making $15/hour working in the help desk.

By utilizing a two-step approach to landing a cybersecurity position, you can leverage your existing skills to move laterally into a similar position in a cy...

https://www.yourcyberpath.com/59

About This Episode

In this episode, we learn about the five things you should know before getting a job in the cybersecurity industry.

First, we discussed what the reality is in terms of entry-level cybersecurity jobs. Even entry-level cybersecurity roles require previous experience in a related position. These include network administrator, system administrator, or auditor, and show employers you are ready to move into cybersecurity. Unlike many industries, there is no direct entry-level positions in cybersecurity, and this can confuse a lot of people and make it...

https://www.yourcyberpath.com/58

In this episode, we’re going to learn how one person was able to overcome the catch-22 of getting a cybersecurity job when you don’t have experience, but you cannot get experience because no one will hire you. 

Our guest, Ed Skipka, a professional vulnerability management analyst, shares his personal experience of how he overcame this catch-22 and provides some great recommendations for others who find themselves in this same position. 

So, how does someone get the position if you didn't already have experience?

During the interv...

https://www.yourcyberpath.com/57

About This Episode

In this episode, we are discussing the different hiring seasons in the cybersecurity industry. After all, understanding the different hiring seasons is essential to reaching your goal of getting hired into your dream cybersecurity role. Many people don’t realize that there are high periods and low periods of hiring throughout the calendar year, so in this episode we are going to discuss the three key hiring periods that occur each year and the reasons behind them. 

Looking for a job can be challenging, so...

https://www.yourcyberpath.com/56

In this episode, we provided an introduction to cybersecurity careers in the defense sector within the United States. This discussion can provide you with a great starting point for understanding how to get a cybersecurity position within this sector of the industry.

The defense sector consists of three main categories of positions: military members, government civilians, and government contractors. The defense sector is a huge area of growth in the cybersecurity industry, with over 50% of all federal government cybersecurity spending being dedicated to the Department of Defense’s budget for digital se...

https://www.yourcyberpath.com/55

In this episode, we are focused on the ever-divisive question of the importance of certifications in the cybersecurity industry. The answer to this question has changed over time from certifications being unimportant, to them being extremely important, to well, it depends.

Certifications can be extremely important for several reasons, including their ability to help your resume get through the Applicant Tracking System (ATS) filters used by the human resources and recruiting team, but they are not a silver bullet that will instantly land you a job.

As Jason Dion...

For the past year, my good friend Wes Shriner has been my cohost. We’ve created some great episodes together, which I hope have helped you. These days Wes is super busy in his new role as Chief Information Security Officer, and I couldn’t be happier for him. So now that Wes has graduated from being my cohost, I’ve invited Jason Dion to cohost. 

Some of you may already know about Jason from his online certification prep courses. Maybe you’re already a customer of his? Well, it turns out that Jason is much more tha...

For the past year, my good friend Wes Shriner has been my cohost. We’ve created some great episodes together, which I hope have helped you. These days Wes is super busy in his new role as Chief Information Security Officer, and I couldn’t be happier for him. So now that Wes has graduated from being my cohost, I’ve invited Jason Dion to cohost. 

Some of you may already know about Jason from his online certification prep courses. Maybe you’re already a customer of his? Well, it turns out that Jason is much more than a ce...

"This week we have hosts, Kip Boyle, CEO of Cyber Risk Opportunities, Jake Bernstein, CISSP from K&L Gates, and Chris Brumfield, CPCU, ARe, a Professional Liability Advisor and no-fee independent insurance broker present a rapidly changing yet crucial cyber risk management tool in this CLE recording from September 15th, 2021.

All cyber risk managers need to understand Cyber Insurance, and so should all of us!

This is the second CLE we have hosted in a webinar format, and will be doing another one on December 15, 2021! If you want to be a part of this...

"This week we have hosts, Kip Boyle, CEO of Cyber Risk Opportunities, Jake Bernstein, CISSP from K&L Gates, and Chris Brumfield, CPCU, ARe, a Professional Liability Advisor and no-fee independent insurance broker present a rapidly changing yet crucial cyber risk management tool in this CLE recording from September 15th, 2021.

All cyber risk managers need to understand Cyber Insurance, and so should all of us!

This is the second CLE we have hosted in a webinar format, and will be doing another one on December 15, 2021! If you want to...

This week we are highlighting one of our popular episodes!

First covered back in Episode 40, we covered the topic of Security Awareness Training, and wanted to revisit it again in this epsiode.

Looking for a nontechnical job in Cybersecurity?! This might be a good option for you! In today's episode, we have a very special guest, Gabriel Friedlander, the founder of Wizer Security and Co-founder & CTO of ObserveIT. Join experienced hiring managers, Wes Shriner, Kip Boyle, and Gabriel Friedlander as they explore Governance Risk and Compliance (GRC) and Security Awareness and training from the Common...

In episode 50, we showed you the first half of Kip's presentation with Ritsumeikan Asia Pacific University, where Kip talked with the students about Cybersecurity Management. This is the second half of this 2 part series, where we did open Q&A. They asked a lot of good questions!  

 If you missed the first half, check out EP 50 here: https://youtu.be/HmS4AuGrD-c  

Interested in my book?! It is available in paperback, kindle, and audible. 

Check it out here: https://www.amazon.com/Fire-Doesnt-Innovate-Executives-Practical-ebook/dp/B07M7KTZWX     

Can playing capture the flag als...

"Recently, I was asked to be a guest speaker for Professor Kevin Cooney at Ritsumeikan Asia Pacific University, to talk with his students about Cybersecurity Management. I have split this up into two sections, the first half which is this episode is the lecture and then the next podcast will be the open Q&A I did with them. I was so honored to talk with this group of students and to learn that they have been using my book, Fire Doesn't Innovate, as one of their textbooks.

Interested in my book?! It is available in paperback...

In today’s episode I want to answer a common question that I get: “Why do all the cybersecurity job postings ask for 5 years of experience but they're labeled as entry level positions?”

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! 

Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Due to recent Cyber Attacks, we are going to share a replay of a continuing legal education course that Kip Boyle and Jake Bernstein have recently done. In this session, they will walk you through two different ransomware attacks that they have handled in ordinary language. This will include how the attack started, how the client recovered, and what the role of the attorney is throughout the incident.                                                                                                                                                                                                                                                                                            Download slides from previous episodes here: https://try.YourCyberPathcom/cyber-org

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Our guest Marc Menninger joins Kip Boyle in this episode. Marc is the Director of Information Security with A Place For Mom. He is also a cybersecurity hiring manager. Listen to the tips he gives on how to use your transferrable skills and present yourself during an interview!   

Download slides from previous episodes here: https://try.YourCyberPathcom/cyber-org  

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm...

Our guest Arthureen Brown joins Kip Boyle in this episode. Arthureen is a Business Information Security Officer (BISO) with Altria. She is also a cybersecurity hiring manager. Listen to the tips she gives on how to get your resume noticed through the applicant tracking system AND her bonus tips on how to present yourself during an interview!  Download slides from previous episodes here:

https://try.YourCyberPathcom/cyber-org  

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! 

Check out our step-by-step guide:  https://www.YourCyberPath.com/pdf

...

Today Kip Boyle is joined with Glen Sorensen to look at three anonymous, but real, resumes of people trying to get their dream cybersecurity job. What makes a good resume? How can your resume start making you appear irresistible to hiring managers? Listen to today's podcast for the scoop.

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? 

Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Kip Boyle and Wes Shriner are on vacation this week, so we're going to revist one of their most popular episodes together. Do you know all the different jobs inside a typical large company cybersecurity department? And, which ones are a good fit for you? In what was the first of a brand new series of episodes, Wes and Kip will take you on a grand tour so you can find out what's going on behind that locked cybersecurity career door...                                                                  

Download the slides here:    

https://try.yourcyberpath.com/cyber-org Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check...

Kip Boyle and Wes Shriner talk more about the Service Catalog specifically number 15, Threat Intelligence with the help of our two guests, Mike Sheward, an enthusiastic Information Security Leader, and Gary Brown, an Intelligence Officer, US Airforce, Ret'd.  

We will go over: 

◾ Threat Intelligence Reporting 

◾ The Intelligence Cycle 

◾ Threat Intelligence Processes 

◾ Positions in Threat Intelligence 

◾ Diamond Model 

Comment below and share what you thought about today's episode!  

LinkedIn Profile of our Guests: https://www.linkedin.com/in/mikesheward/ https://www.linkedin.com/in/gary...

Kip Boyle and Wes Shriner talk more about the Service Catalog specifically number 10, Security Strategy in Architecture with the help of our guest, Peter H. Gregory. He is has written about 50 different articles and books on Cybersecurity. He is a wealth of knowledge! So strap in and let's learn all about Security Strategy in Architecture! 

There are 3 Types of Architects that we will go over: 

◾ Enterprise Architect, Security 

◾ Security Strategy Architect 

◾ Security Solution Architect 

Note: there is a 4th but it is actually covered in service catalog #11 Solution Engineering and Archite...

Kip and Wes are on the vacation this week, so instead, you get a very special episode where we are sharing with you an interview we have done in one of our recent Your Cyber Path Office Hours in our Masterclass, How to get your Dream Cybersecurity Job. We are interviewing my friend, Mike Sheward who is a highly experienced network penetration tester, he finds vulnerabilities in web apps and the infrastructure they are hosted on.

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Looking for a nontechnical job in Cybersecurity?! This might be a good option for you! In today's episode, we have a very special guest, Gabriel Friedlander, the founder of Wizer Security and Co-founder & CTO of ObserveIT. Join experienced hiring managers, Wes Shriner, Kip Boyle, and Gabriel Friedlander as they explore Governance Risk and Compliance (GRC) and Security Awareness and training from the Common Security Service Catalog.

Download the slides here: https://try.yourcyberpath.com/cyber-org​ 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide:  http...

All security begins with a Policy! In today's episode, we will be exploring a Policy Administrator position and what you should know about it with the help of our friend Torin Larsen.

Download the slides here:    https://try.yourcyberpath.com/cyber-org

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Wes recently went looking for his dream cybersecurity job. We’re going to tell you his story. There are quite a few lessons he learned and will share with you. 

You can see us on YouTube:  https://www.youtube.com/YourCyberPath 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Some of the best "entry level" cybersecurity jobs are found in the Security Operations department. In this episode, Kip and Wes will give you a tour with the help of our guest, Steve Winterfeld. 

NEW: You can see us (and the slides) on YouTube:  https://www.youtube.com/YourCyberPath 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Today, we’re going to explain what the Product Security organizational unit does. And we’ll do that with the help of our friend and expert Matt Clapham. NEW: You can see us (and the slides) on YouTube:

https://www.youtube.com/YourCyberPath

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide:

https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Today, we’re going to focus on the Governance, Risk, and Compliance function. Also called “GRC” with help from our friend and expert Shan Sankaran. 

NEW: You can see us (and the slides) on YouTube:  https://www.youtube.com/YourCyberPath 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: https://www.YourCyberPath.com/pdf 

Here's the story of Steve McMichael, who went from accounting to an excellent GRC job: https://www.YourCyberPath.com/steve

---

Send in a voice message: h...

What jobs are in the Security, Engineering, Architecture, and Test organizational unit? In this episode, Kip and Wes break it down with our guest, Brad Gobble, an experienced hiring manager for this org unit. NEW: You can see us (and the slides) on YouTube: 

https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: 

https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm...

If you want to know where's the most opportunity in a typical cybersecurity organization, follow the money. In this episode, Kip and Wes unpack where the money is spent which will help you figure out where break-in. NEW: You can see us (and the slides) on YouTube: 

 https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: 

https://www.YourCyberPath.com/pdf

---

Send in a voice mess...

There are 23 different services performed by a typical large company cybersecurity department. Which ones are best for people who are new to the career field? Wes and Kip tell you in today's episode. NEW: You can see us (and the slides) on YouTube: 

https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide: 

https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yo...

Do you know all the different jobs inside a typical large company cybersecurity department? And, which ones are a good fit for you? In this first of a brand new series of episodes, Wes and Kip will take you on a grand tour so you can find out what's going on behind that locked door. NEW: You can see us (and the slides) on YouTube:  

https://www.youtube.com/playlist?list=PLK1Bn1577F9nbrTcYHYKdXtl4aw79HjZn 

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our ste...

Our guest hiring manager Anna-Lisa Miller shares her 4-point plan for how to get a cybersecurity job that really fits you.

https://www.linkedin.com/in/anna-lisa-miller

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide:

https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

The best way to get your resume in front of a hiring manager often requires you to connect with that person, or a member of their team. Our guest Glen Sorensen tells us how to do that on LinkedIn in four easy steps.

https://www.linkedin.com/in/glensorensen861398/

Can playing capture the flag also give you cybersecurity job hunting success on LinkedIn? Yes! Check out our step-by-step guide:

https://www.YourCyberPath.com/pdf

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

“Do something you love, and you’ll never work another day in your life." Our guest hiring manager Jeffrey Jones says if you’re looking for your dream cybersecurity job, you need to keep these five principles in mind...

https://www.linkedin.com/in/jeffreyjonescissp

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

LinkedIn: How’s your profile? What are you putting out there about you? This is your personal brand, so you need to be thoughtful about what hiring managers are seeing when they look at it. Listen to find out what to do!

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

You submitted your resume and job application but they never call you. Did you do anything wrong? It’s possible. Listen to find out what to check for...

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

You’ve found a great looking job. Now: How do you evaluate whether you’ll fit into the team? Do you want to go in the same direction as them? And, how do hiring managers evaluate candidates for fit and direction? Listen in to find out.

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

What if you have a gap between your current skills and the employer’s required skills for your dream cybersecurity job? How do you navigate that gap? Listen in to find out.

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

What goes in the job history section of your resume? How much detail should you include? And, how do hiring managers evaluate that section?

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Your reputation is so important to the hiring manager. And one of the biggest drivers of your reputation is your personal brand. On a related note, how did you left your last job. Did you leave it well?

Want to get your dream cybersecurity job? Our highly rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

The Skills Section of your resume needs to match up to the job you're pursuing. What goes in there? How much detail should there be? How do cybersecurity hiring managers evaluate that section? What common mistakes should you avoid? We'll cover all that and more. Plus, a listener request.

Want to get your dream cybersecurity job? Our highly-rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

As we announced in the last episode, Wes and I have switched to an every-other-week schedule. 

Unfortunately, this is the first "off week" so there's no full episode today.

We appreciate you and we’ll see you next week!

---

Send in a voice message: https://anchor.fm/yourcyberpath/message

Your Summary Statement at the top of your resume is the most important section. It’s your chance to hook us into reading the rest of your resume. Here’s how we’re hoping you’ll write it.

Want to get your dream cybersecurity job? Our highly-rated masterclass will put you on your cyber path!

https://www.YourCyberPath.com

---

Send in a voice message: https://anchor.fm/yourcyberpath/message