Excellent vid! Didn’t know Splunk had its own series of tutorials. I’m currently completing my ATS in IT and taking Google Cyber Sec. Cert. on spare time. Highly theoretical for someone who’s more of a kinetic learner but eventually, I’ll build a few labs and begin in-depth exposure to SIEM tools. Thank you for highlighting these resources!
You're welcome and I'm glad that you enjoyed the video!
Blue team is defense monitoring and detection, counter measures, red team offense or penetration.
Was that meant to be a question or just a statement?
once again, outstanding content! Keep it coming!!
Thanks! Will do!
I'm preparing for Security+ and waiting for November to apply for the newer cert. I'll go for CISCO SOC, after pausing the Google cybersecurity cert from Coursera. Not many people have given an unbiased review of Google's cert because I know that theory won't take you far.
Out of curiosity, why are you waiting for the new version of the Security+? You might want to look at the video I recently published about the new exam version. I'm more concerned with getting people the information they need/want than worrying about what others are or aren't doing.
will this cert be valid for 10-11 months if I give this right now? Retirement date for Security+ is July 2024.
I will have to renew it again after July or I just need it one time to put it on your resume and should have more practical knowledge if I'm targeting SOC analyst position or any other roles?
@@JonGoodCyber
Retirement in this context doesn't mean that all prior versions will expire on that date. You'll receive the standard window regardless of which version you take. The only thing that the "retirement" date means is that you cannot take the older version at that point.
Thanks Jon for clearing this misconception. I'll get to the Security+ and clear it as soon as possible. I appreciate it @@JonGoodCyber
Thanks, Jon, it is interesting to listen to you! I prefer to learn SOC analysts at CISCO
I'm glad that you enjoyed the content! There are certainly many different options that exist and these are just a handful of choices.
Q: For learning Splunk, can you specify which one of the Splunk free training courses I should take to know enough to get an entry level SOC analyst job?
If you're going to try to learn Splunk, you should learn as much as you can from any available options. Keep in mind that learning Splunk is only one aspect of working in a SOC, and without the fundamentals you will not meet the minimum requirements to fill a SOC Analyst job.
Appreciate the tips, personally been loving the Splunk training because it's very interactive.
Glad you enjoyed it and thanks for sharing!
@@JonGoodCyber do you think learning Splunk still or wait as they have done a deal with Cisco?
The merger shouldn't impact your decision to learn Splunk.
Jon,
Got a question for you. I might be overthinking this, but I'm wondering if I can rightfully add "Incident Response" to my resume. Basically my day consists of reviewing alerts, closing out the false positives, from the ones that need further attention. And this usually means that I identify the malicious activity, identifying steps the client can take to address the issue and escalating the issue to the client. Does this fall in the realm of "Incident Response" and can I rightfully list it in my resume, or would it be misleading if I did so?
Thank you.
Based on what you've explained, it sounds like you have some early involvement in the identification of possible incidents, which if identified, would start the Incident Response process. Although this does have a connection to IR, you need to be cautious about how you label that. When most people think about Incident Response, they are thinking about the people who get called if something suspicious is identified and will dive deeper into an investigation about it. If you are doing the investigation, I think it's reasonable to assume you are involved in IR, but you need to make that determination.
SOC analysts are now paid $17 to $25 an hour, especially Tier One due to everyone flooding into these jobs from the promise of high salary. Now you have hundreds of people with no previous IT experience on Reddit whining about how they can’t get a cybersecurity tier one job after their training. But guess who is making a lot of $$$ off this artificial wave? The people making the training courses of course… buy their training course guys $$$$ 😂, you be in cybersecurity in no time.
The numbers that you stated are wildly inaccurate for a cybersecurity job. Every once in a while, there will be a Tier 1 professional making ~$50k, but they generally aren't very qualified and happened to get lucky in their job search. Suppose you go to a company paying less than that for a cybersecurity job. In that case, you're not only getting underpaid but also taken advantage of in a work environment that is probably horrible. The fact that you take Reddit as a source of truth is a bad sign, and I highly recommend changing where you get your information.
@@JonGoodCyber I’d be happy to send you a few links to some primary resources.
@@genjioto I don't need to see your links, as I have seen much of the existing propaganda that tends to come from less-than-reputable sources. Many of the issues causing this are actually related to companies giving "cyber" related titles to jobs that are clearly incorrect. I've seen things like Cybersecurity Help Desk, IT Security Support, and even traditional SOC Analyst titles for IT jobs. People can believe whatever they want, but out of all the people I've helped land jobs (spoiler alert, it's a lot of them), all of the cyber jobs have been ~20% more or greater than the top end of what you listed.
Thank you so much for such important information...
You are most welcome!
Is there any free training that will give the proper certifications for landing a SOC job, i.e. CISM, CompTIA CASP+, etc.?
There is no free training that's going to give you certifications like the ones that you've listed. Vendors like CompTIA will occasionally offer scholarships but you can find that information on their website(s) when they offer it.
Hi Jon,
Can you please do a video on SIEM?
SIEM is a fairly broad topic so you'll need to be more specific. I do however already have a video on Splunk For Beginners: ua-cam.com/video/3CiRs6WaWaU/v-deo.html
@@JonGoodCyber
Yes Jon, I worked as an admin in IBM QRadar SIEM, wanted to know how the career will be in USA
QRadar isn't as popular of a SIEM tool as others but I recommend starting with searching on job boards to see the kinds of results that are returned. It's probably not going to be possible to do a video on QRadar because IBM doesn't appear to be friendly about giving a trial version, especially without talking to sales reps.
I feel like I need to get a good understanding in Networking before tackling any of these lessons.
You really shouldn't be diving into any cybersecurity specific training until you have a solid foundation and certainly networking is included in that requirement.
Thank you!
You're welcome!
Thanks Jon
You're welcome!
What if I go for the offensive side at first, then go for SOC analyst?
Going to the offensive side, especially at first, is a lot less common as there's less jobs, which means it's a lot more competitive to land a job. That said, understanding how a SOC works is actually valuable to Penetration Testers as it will help you evade detection. Good luck!
I'll go for Splunk training
Nice and good luck!
I'm a cyber forensic student. How can I start my career?
Anybody trying to get into Cybersecurity should follow the roadmap in my free eBook ( jongood.com/getstarted/ ). Many programs don't disclose the fact that there's basically two ways to work towards Forensics, through law enforcement or through a SOC. It's not really an area where people start out their careers for many reasons.
Hello sir, do I need previous knowledge before I learn the SOC course on Coursera? I'm taking their cyber security course right now. ATM I don't really know what field of cyber security to pursue.😅 Thank you
I always recommend following the roadmap in my free eBook ( jongood.com/getstarted/ ). Without the knowledge in the roadmap first, it's relatively likely that you'll have a more challenging time.
@@JonGoodCyber will the cybertrainingpro membership be enough for me to learn and land a job in this field?
The mission at Cyber Training Pro is to offer training and career services that help people break into a Cybersecurity career AND advance their journey once they are working in Cybersecurity. There's already quite a bit of training and career services available and we add more all the time.
@@JonGoodCyber I'm sorry if this may sound dumb, but is there a training for Splunk, or any SIEM or any other cybersecurity tools?
You can see which training options are available by visiting the Cyber Training Pro website ( www.cybertrainingpro.com/ ). We are adding training all the time and frequently include various tools and technologies in courses, when it's applicable.
Sry for irrelevant question but I have a question Jon, plz reply... if I don't have the experience required to get the full CISSP cert but I passed the exam and I got the Associate iso then can I get the actual full CISSP cert without passing the exam again when I have the experience required??
If you perform the maintenance activities, you aren't required to retest.
@@JonGoodCyber What r those maintenance activities? Do u have any idea about it?? And thanks Jon... u r really very helpful.
I recommend looking at the website: www.isc2.org/certifications/associate
We need a break from soc videos being released from all cyber influencers they've been impossible roles to get for at least a year now. Like 2k applications per position. All the other roles are super vague and weird to try to get entry level wise. No clue how ppl can get in without getting a favor or lucky
I have plenty of other videos if you're interested in different topics. It's true that over the last few years we've seen the requirements to be competitive increase but that's because of issues in the market and occasionally poor financial management within companies...which has nothing to do directly with cybersecurity. I can tell you these jobs are still entirely possible as my students tend to have a very high success rate. Unfortunately, I cannot say the same about other advice or programs that you might have seen.
@JonGoodCyber didn't intend to be too negative, meant from an overall perspective. Don't want people just starting to be discouraged when they see how heavy the interest is right now. No clue how all these tier 3 spots are open but never tier 1, def industry issue
No worries! I have discussed this a lot on this UA-cam channel and on LinkedIn so I won't take away from that content, but there's a lot of reasons for this. People need to be ok with the fact that their first job may not be directly in Cybersecurity and they might have to pivot from IT. There's a lot of implications by hiring a junior team member and not all teams/departments are structured in a way that allows them to handle that situation. Don't get upset or discouraged about it and instead find a way to make the system work in your favor. The Cybersecurity career field is about being resilient because you're going to see a lot of pushback in general throughout this industry.
Helpful posts
I'm glad you enjoyed the video!
I am currently doing the Coursera SOC, do you get the certification whenever you finish? I plan on doing more in these 7 days during the free trials.
Any certificates associated with courses are awarded once you complete the training.
@@JonGoodCyber thank you man I really appreciate. Is there a way I can better communicate with you to get more insight one direction?
The best way for one-on-one advice is to sign up for Career Coaching on Cyber Training Pro ( www.cybertrainingpro.com/ ).
@jongoodcyber is Cybrary good to learn about SOC analyst?
@@felipecard7761 thanks already finished it and 80% done with my security +
Thank you!🫡
You are welcome!
136K for a SOC Analyst?
I'm not sure what your question is exactly?
@JonGoodCyber I think he is asking if 136k could be an annual salary of a SOC analyst
Hi Jon. I'm new to IT and I'm interested in going into cyber security...would you please send me a link to a guide on how to end up as a cyber security professional, what certificates to start with etc?
@@ethand3425 In that case, the answer is yes, but you're not likely to start with that salary if you don't have previous experience.
@@kwameyinkah3676 You can find that information included in my free eBook ( jongood.com/getstarted/ ).
Thank you so much. I'm going to check out that MITRE information first thing after this video 🦾🥳
You are so welcome!