Great list. Simply Cyber Academy also just launched a new course on NIST Cybersecurity Framework which is very relevant to GRC work. I'm the instructor and wide open to any questions.
Thank you so much for replying and being open to assist those interested! I was wondering what you think a realistic time frame would be to getting a job in GRC? Is the market more plentiful for this side of cyber or is this a more specialized side that does not boast as many opportunities as ?
Thanks for covering my Simply Cyber GRC Analyst Master Class Sandra. I really enjoy the compare and contrast to other courses and outlining how students may want to select one over another. Great work! 💙
Hello Sandra, long time follower of yours on LinkedIn as well as UA-cam 😊 I have spent this year earning my Google Cybersecurity Certificate, CompTIA Security+, Azure Fundamentals along with hours of labs and home projects. I am interested in an entry level GRC role but no luck yet. At this stage should I be applying for jobs or getting more certs? Thanks so much! 🥰
Hello Sandra. Between the Unixguy and Simply Cyber GRC courses which one is better if I learn better with more hands on learning with real world practical labs or assessments?
That roadmap is pretty overwhelming. I like how Unix Guy for example simplifies to some key certs. For GRC a good progression is Security+ > GRC Masterclass > CISA > CISSP. Outside certs and education, relationships and experience career development plan goals are also key.
For me to cross over from accounting I used a T-shaped skill strategy. I was solid in access in change management controls but pretty new to security operations, service engineering, networking, software development etc. So I focused on my strength area to add value from day 1 and then worked to develop a broad understanding of the other domains (the top of the T). Generally GRC Analysts are striving for a 20% depth of technical knowledge, broadly across the domain. If you have business administration, project management or similar skills those can also add a lot of value in GRC as it works with more technical teams.
Thnx for sharing this valuable information! It would be fantastic if you could also provide links to GRC beginner or remote job opportunities. This would be incredibly helpful for those just starting out in the field.
Happy Sunday! 😄🌟
GRC Courses mentioned:
- GRC Mastery (UnixGuy): www.grcmastery.com/courses/cyber-security-consulting-grc?affcode=1703194_24dkmpxa
- SimplyCyber GRC Analyst Master Class (Gerald Auger, PhD): academy.simplycyber.io/p/the-definitive-grc-analyst-program?affcode=1148220_ecdcaewe
- NIST Risk Management Framework: csrc.nist.gov/projects/risk-management/rmf-courses
- UC Irvine Security Governance & Compliance (Coursera):
www.coursera.org/learn/security-governance-compliance
- GRC Approach to Managing Cybersecurity (Coursera):
www.coursera.org/learn/grc-approach-to-managing-cybersecurity
You can get 50% off Keeper Password Manager with code WITHSANDRA at www.keeper.io/with-sandra
Great list. Simply Cyber Academy also just launched a new course on NIST Cybersecurity Framework which is very relevant to GRC work. I'm the instructor and wide open to any questions.
Thank you so much for replying and being open to assist those interested! I was wondering what you think a realistic time frame would be to getting a job in GRC? Is the market more plentiful for this side of cyber or is this a more specialized side that does not boast as many opportunities as ?
@@sameishdiffday that would be a good discussion for the Simply Cyber or Study GRC Discord servers if you’re ok to google search for and join those.
This great information didn't know about 3 of those
Thanks for covering my Simply Cyber GRC Analyst Master Class Sandra. I really enjoy the compare and contrast to other courses and outlining how students may want to select one over another. Great work! 💙
GRC: a career where people ignore everything you say
Some ppl may never learn until the consequences hit them 😅 thats one of the struggles with the job
But if we are paying a guy to say it, no one can sue us right???
So basically I just need to do all these courses 😂.
Thanks always Sandra 😊❤!!
Hello Sandra, long time follower of yours on LinkedIn as well as UA-cam 😊
I have spent this year earning my Google Cybersecurity Certificate, CompTIA Security+, Azure Fundamentals along with hours of labs and home projects.
I am interested in an entry level GRC role but no luck yet. At this stage should I be applying for jobs or getting more certs?
Thanks so much! 🥰
Hello Sandra. Between the Unixguy and Simply Cyber GRC courses which one is better if I learn better with more hands on learning with real world practical labs or assessments?
Is the Paul-Jerimy Security Certification Roadmap relevant to industry-recognized tiers, and how does it rank each certificate?
That roadmap is pretty overwhelming. I like how Unix Guy for example simplifies to some key certs. For GRC a good progression is Security+ > GRC Masterclass > CISA > CISSP. Outside certs and education, relationships and experience career development plan goals are also key.
Which courses have you taken yourself?
From where do i get the notes of Grc
How long it takes to get through the GRC Mastery course?
So you don’t need to have technical experience to start working in GRC?
For me to cross over from accounting I used a T-shaped skill strategy. I was solid in access in change management controls but pretty new to security operations, service engineering, networking, software development etc. So I focused on my strength area to add value from day 1 and then worked to develop a broad understanding of the other domains (the top of the T). Generally GRC Analysts are striving for a 20% depth of technical knowledge, broadly across the domain. If you have business administration, project management or similar skills those can also add a lot of value in GRC as it works with more technical teams.
Well the courses are not free. Why you wrote this in caption?
Have you completed CDSA yet? If you have, can you make a video of your experience with it?
You have to agree to their NDA violating it will result in a revoke of your certification
Thnx for sharing this valuable information! It would be fantastic if you could also provide links to GRC beginner or remote job opportunities. This would be incredibly helpful for those just starting out in the field.
Why don't you work for NSA???
I actually hadn’t previously considered working for a national organization, thanks for the recommendation though, maybe I need to reconsider 🧐
Thank you 🙏