Really glad I found your content, I’m currently half way thru my associates degree in cyber and I’ve hit the wall of “not knowing the path” I would like to take. Your videos are a great help
I need your advice Nicole. i have a Diploma in Computer System Technician, and i want to become Security Auditor. please guide me how and where to learn only security auditor as a couurse . thanks
Hey, I’m taking Gerald Auger master class but am still wondering if I need sec + to land a job? Also, if I studied the Nist frameworks you mentioned would I actually be able to implement on the job? I can’t seem to find anything lab related
For just about any GRC job, you should have basics certs like Sec+. Having Sec+ will help you work with technical SMEs so that you're not lost in the dark when some technical terms come across the papers you're reading or through conversation with them (e.g., meetings). In addition to Sec+, get a GRC cert such as CISM, CISSP, CAP, etc. CAP for example is 90% RMF which is perfect if you have knowledge of NIST pubs.
In your professional opinion. Is it crazy for a 51yr old man that worked 26+yrs in many hospitals (the operating rooms) with no IT degree. To start a career change out of healthcare and into Cybersecurity?? I would like to somehow tie all my knowledge and exposure to HIPPA and patient information protection, to what Cybersecurity has to offer. Basically still work for or within healthcare doing cybersecurity stuff.
That isn't crazy, it also shouldn't be that difficult. You have tons of information on HIPPA and medical field and that is gold. Check out Gerald Auger channel for getting into GRC.
Mike, I’m in somewhat of the same boat as you. 45 and considering the change. I have signed up for a boot camp at UW Madison. I know she made a video about degrees/boot camps but I like the structure and learn better in that environment. If you want to bounce ideas off me or chat about it feel free to reach out. I know we can do this!
These salaries are garbage rubbish untrue max 100-150k top level which only a few will reach if that would be easy to get 400k job everyone would be doing it
Hi - I apologize for going off topic but someone recommended your channel to me & I wanted to post this question to your latest video to increase my odds of getting a response. I'm older and looking to change career paths. I have a mostly blue collar work background and also a few years of experience in the B2C sales industry. I want to secure a remote help desk position in IT and I'm looking for advice/guidance on what would be the quickest & most realistic route to achieve this goal. I do have a decent amount of informal/personal hands on experience with working on and with computers and electronics but by no means am I an expert - nor do I have any official technical training in the IT field. Any guidance you could provide would be greatly appreciated. Thank you :)
Enjoyed the vid. This was a nice talk through on GRC job niches. I've been through some coursework as well as some experience on this and it could make a nice career.
Hi Nicole So far I been doing the modules or try hack me to learn the cybersecurity concepts and things to that nature I need help, I wanted to see what I need to do to get a cybersecurity job in the healthcare field. I already work in the healthcare field and have a Masters in Healthcare Administration. Is there like a certification I specifically need for that or are there courses I can take to learn so I can get my foot in the door. THanks!
I am in law enforcement (adult probation officer) and am interesting in digital forensics. Recently enrolled in Cybersecurity classes to obtain certification at technical college. Are there additional steps that would be helpful?
I watch some of your video's and I love them my thing is that I don't know where to start. I'm 52 and so done with Auto Insurance claims. I'm remote which is nice but I work some times 10 to 12 hrs a day to keep up and not to mention weekends. I truly need to start a new profession and need to make a change. Two issues I have is 1 guidance and 2 faith. Hahahaha Asking for help to go in the right direction..
Can I message you somehow? I have questions in regards to school. I was about to sign up for IT at SJVC but they told me I’d have to get all certificates on my own … I can just learn the stuff for free right ? I feel like school would be a waste of money ??
It took less than three minutes to to realize she doesn't really know what she's talking about. She's clearly struggling to read the slides she includes. She talks about protecting the "confidentiality, integrity, and availability of your business _[sic]_ " when it's the _data_ that is being protected. She talks about the importance of knowing "HIPPA," _[sic]_ apparently not knowing that the acronym for the Health Insurance Portability & Accountability Act is "HIPAA." Of course, she has a course.
UMMMM Have you created a video? Please do before criticizing. I have over 10 years of experience in cybersecurity & IT. Also, I have dyslexia, so thanks for being a jerk and pointing out how I mispelled something.
@@nicoleenesse -1 point for "Have you created a video?" I'm responsible for errors in _my_ videos. I'm not responsible for errors in _your_ videos. -1 point for playing the victim card. I'm not responsible for your dyslexia, either. If that makes me a "jerk," I accept the opprobrium.
Are ye Scottish? It would be so in keeping with the concept of the School of Art de Enesse! The name "Enesse" practically rhymes with "Claymore!" Robert The Bruce and The Black Douglas!
Hi Nicole! Great vid. I came across your channel while doing some research on GRC. I was looking to enroll in Boyd Clewis’s Baxter a Lewis program. Any thoughts on it? It seems the area your discussing is his specialty.
Would it be possible for a technical writer to break into GRC? I write highly technical documentation and use information from subject matter experts and communicate with departments on a regular basis. My job is to make sure documentation is accurate and fits the needs of users. The attention to detail at my job is crucial so product reputatiton and user experience remains positive. Would these kind of skills work well to get into GRC?
Your videos are so encouraging and full of good info and advice. I am trying to transition from IAM/PAM (Identity Access Management/Privileged Access Management) into something along the line of IT Risk Management & Compliance, Governance but having a great difficulty before I don't have any direct experience in this field. I checked those certifications from ISACA, and everyone of them requires x number of years of experience before you sit for the exam. None of those certifications are considered an entry level. I have over 10 years’ experience as an information technology professional, currently doing IAM/PAM, I am certified Security +, and Microsoft MCP, would like to transition. Please help. Thank you in advance.
Hey! If you don't mind me asking, what's making you want to transition from IAM? I just found out about this position and thought it sounded pretty interesting
@@GabrielleSWalker Hello. I am looking to transition from Identity Access Management into GRC field because for the past few years, most of my IAM work has been on a contract basis, and I am finding myself doing contract after contact and always looking where my jobs will be.. IAM/PAM is of the easiest Technologies that companies can outsource to third party managed service providers and that is what happened to one of my previous IAM position that I lost. There seems to be more demand for GRC professionals, and what I am facing now is lack of experience in this field just like many other IT technology fields, experience plays an important role and is heavily valued. All of ISACA certifications require years of experience before you write the exam. Any idea, suggestions or advice how to get into the GRC field is greatly appreciated.
@@babylonking9896 With your background, you should easily be able to get a job as an external Access Management Consultant or an IT-Auditor. After 1-2 years in one of those jobs, it's quite easy to get a job as an internal auditor, compliance engineer, security analyst, etc. CISA/CISM/CRISR etc are not really required for these jobs, but can certainly help. However since you already have somewhat relevant experience, you might be able to get one of these certs within the 1-2 years of being an external auditor/consultant. Good luck!
" I checked those certifications from ISACA, and everyone of them requires x number of years of experience before you sit for the exam." Not true. You can still take the exam but you won't get certified unless you have the required experience. They will give you some years after passing the exam to then accumulate the required experience and be certified later.
I'm getting my degree in cybersecurity and planning on going towards GRC. I'd love to connect with you about my background and your opinion on a few important details. LMK if you have time.
Thank you for this nice video. I'm currently learning introduction to cyber security with SimpliLearn. Would like to know if SimpliLearn certifications are good enough to land an entry level job in cyber security.
Hey, I’m looking to get a degree in cyber security. I have taken 1 year of community college. Would you recommend finishing community college then transferring to WGU or go straight to WGU?
Lemme offer my unsolicited opinion. I'd say it depends on what's important to you. Saving money and going the community college route or fast tracking and going to WGU. Weight the pros and cons of each school and see which one best fits your lifestyle.
Thank you for the information! I am looking to pivot careers entirely into the cyber security field, and GRC sounds fascinating. I currently hold an BS in Business management as well as an MBA. I recently completed Sec+. I currently work in a Financial Aid Office at a university, working on auditing financial aid account. With transferable auditing skills, what should my next steps be in landing a Security Auditor or GRC analyst position?
cybersecurity is not for beginners. If I were you, I would do the google course on IT, and then the google course on cybersecurity. And then focus on the GRC.
Hello Nicole, as somebody who is wanting to get into cybersecurity from another career and I don't have a bachelors in Information technology but I do have one in business administration. If I get a masters from WGU in cybersecurity, is that sufficient for those wanting a college degree or do they also look for a bachelors degree in IT or cyber? I don't want to get both a bachelors and masters when I can get just a masters. As always love your channel.
Well Cloud is VERY broad... There is GRC specifically that applies to cloud. INE training also has a lot of good courses to test out various niches in cyber
They could be interchangeable job titles depending on the company and responsibilities. I worked in GRC/Audit/Risk for a year and I found it extremely boring. I would only go for it if you want a less technical job and more people oriented. Most big 4 firms will hire new graduates in audit and salary is great with experience.
Hi, I checked this video out as I am interested in moving into GRC. I work in Cyber Sec (as do you I understand) and would like to offer my feedback: * The principles of Confidentiality, Integrity and Availability relate to the DATA hosted in a business,, not to the Business itself. * The Framework you refer to twice for the Healthcare industry, is actually HIPAA, not HIPPA. A few other important frameworks are ISO27001, PCI DSS for the Financial Services and GDPR (For EU). * I am not sure mentioning that CISOs are thrown under a bus is conducive to inform viewers about the role. A CISO role is a huge achievement at the end of a long and challenging career, made of serious study (not coursera), serious certification (Like ComPTIA) and a mixture of hands-on experience in both technical and administrative roles.
Really glad I found your content, I’m currently half way thru my associates degree in cyber and I’ve hit the wall of “not knowing the path” I would like to take. Your videos are a great help
This is my job - CyberSec GRC, specifically focussed on Governance & Compliance pieces. This is a good video.
Do you like it? What skills did you have to get this job? Thanks
I am writing this prior to finishing the video, but this seems right up the alley of disaster recovery within the field of cyber. great so far!
Yeap, that is one part of a very LARGE field
hi! i started a freelance gig in GRC focusing on iso27001 compliance i'm doing fine (based in france) :)
oh awesome!
wow thats intresting Sir
can u share how has the experience been
Could you recommend portfolio projects, please?
What are some similar titles to this because I don't see it as often
DLP
I need your advice Nicole. i have a Diploma in Computer System Technician, and i want to become Security Auditor. please guide me how and where to learn only security auditor as a couurse . thanks
Hey, I’m taking Gerald Auger master class but am still wondering if I need sec + to land a job? Also, if I studied the Nist frameworks you mentioned would I actually be able to implement on the job? I can’t seem to find anything lab related
For just about any GRC job, you should have basics certs like Sec+. Having Sec+ will help you work with technical SMEs so that you're not lost in the dark when some technical terms come across the papers you're reading or through conversation with them (e.g., meetings). In addition to Sec+, get a GRC cert such as CISM, CISSP, CAP, etc. CAP for example is 90% RMF which is perfect if you have knowledge of NIST pubs.
Hiya! Really liked the video, it seems the resume template is kind of borken though. I put in my name and email and it brings me to a 404 page.
Nice one. !
In your professional opinion. Is it crazy for a 51yr old man that worked 26+yrs in many hospitals (the operating rooms) with no IT degree. To start a career change out of healthcare and into Cybersecurity?? I would like to somehow tie all my knowledge and exposure to HIPPA and patient information protection, to what Cybersecurity has to offer. Basically still work for or within healthcare doing cybersecurity stuff.
That isn't crazy, it also shouldn't be that difficult. You have tons of information on HIPPA and medical field and that is gold. Check out Gerald Auger channel for getting into GRC.
Mike, I’m in somewhat of the same boat as you. 45 and considering the change. I have signed up for a boot camp at UW Madison. I know she made a video about degrees/boot camps but I like the structure and learn better in that environment. If you want to bounce ideas off me or chat about it feel free to reach out. I know we can do this!
@@gbr1ryder Are you currently working in healthcare looking to transition into GRC?
@@nicoleenesse I didn't see the free "How to land a job in cybersecurity" in the description box. Can you link it up please?
@@nicoleenesse Yes Dr. Auger is awesome!!
Awesome, Nicole! Keep the uploads coming.
Thanks Shane!!
Can i still get a job in cybersecurity without a bachelors thanks
Your videos helped me decide to go back to school and hopefully get into GRC. Thank you!
That is awesome!!
These salaries are garbage rubbish untrue max 100-150k top level which only a few will reach if that would be easy to get 400k job everyone would be doing it
Hi - I apologize for going off topic but someone recommended your channel to me & I wanted to post this question to your latest video to increase my odds of getting a response. I'm older and looking to change career paths. I have a mostly blue collar work background and also a few years of experience in the B2C sales industry. I want to secure a remote help desk position in IT and I'm looking for advice/guidance on what would be the quickest & most realistic route to achieve this goal. I do have a decent amount of informal/personal hands on experience with working on and with computers and electronics but by no means am I an expert - nor do I have any official technical training in the IT field. Any guidance you could provide would be greatly appreciated. Thank you :)
Lee Mark Thompson Karen Garcia Eric
Hi Nicole, great video!! Any help on where I can find the GRC frameworks for industries such as Financial Services and Insurance/Reinsurance?
Enjoyed the vid. This was a nice talk through on GRC job niches. I've been through some coursework as well as some experience on this and it could make a nice career.
Thank for sharing. It's deff and underated career pathway
Hi Nicole
So far I been doing the modules or try hack me to learn the cybersecurity concepts and things to that nature
I need help, I wanted to see what I need to do to get a cybersecurity job in the healthcare field. I already work in the healthcare field and have a Masters in Healthcare Administration. Is there like a certification I specifically need for that or are there courses I can take to learn so I can get my foot in the door. THanks!
CISA requires 5 years of experience
It is actually *HIPAA.. Otherwise, a really fantastic video. I'm hoping to get into GRC.
Everyone outside of healthcare, and even a good percentage in healthcare, gets this wrong... So definitely don't feel bad.
I am in law enforcement (adult probation officer) and am interesting in digital forensics. Recently enrolled in Cybersecurity classes to obtain certification at technical college. Are there additional steps that would be helpful?
I watch some of your video's and I love them my thing is that I don't know where to start. I'm 52 and so done with Auto Insurance claims. I'm remote which is nice but I work some times 10 to 12 hrs a day to keep up and not to mention weekends.
I truly need to start a new profession and need to make a change. Two issues I have is 1 guidance and 2 faith. Hahahaha
Asking for help to go in the right direction..
Can I message you somehow? I have questions in regards to school. I was about to sign up for IT at SJVC but they told me I’d have to get all certificates on my own … I can just learn the stuff for free right ? I feel like school would be a waste of money ??
SJVC rocks!
Want to cut through the Bullsh*t and learn the serious skills for cyber? Click the link to apply and work with me upskilltocyber.com
Hey! Is GRC an entry-level role?
It took less than three minutes to to realize she doesn't really know what she's talking about. She's clearly struggling to read the slides she includes. She talks about protecting the "confidentiality, integrity, and availability of your business _[sic]_ " when it's the _data_ that is being protected. She talks about the importance of knowing "HIPPA," _[sic]_ apparently not knowing that the acronym for the Health Insurance Portability & Accountability Act is "HIPAA."
Of course, she has a course.
UMMMM Have you created a video? Please do before criticizing. I have over 10 years of experience in cybersecurity & IT. Also, I have dyslexia, so thanks for being a jerk and pointing out how I mispelled something.
@@nicoleenesse -1 point for "Have you created a video?" I'm responsible for errors in _my_ videos. I'm not responsible for errors in _your_ videos.
-1 point for playing the victim card. I'm not responsible for your dyslexia, either. If that makes me a "jerk," I accept the opprobrium.
Subbed. Thanks for the talk and the info.
Info for courses please
Hello hello
Can a person learn cybersecurity from scratch with no prior experience in programming?? If yes what is the study plan ?? Please 🙏
I want become GRC for educational institution, what all skills and requirements do i need?? I love watching your vedio.. please give me suggestion
Are ye Scottish? It would be so in keeping with the concept of the School of Art de Enesse! The name "Enesse" practically rhymes with "Claymore!" Robert The Bruce and The Black Douglas!
Thank you for doing a fairly detailed job of explaining GRC. This is helpful.
Where does cybersecurity awareness, training and culture roles fall under? Not under GRC?
I’m new to IT and I want to get into cybersecurity. Should I start with the google IT support certificate and then take the CompTia security+.
Federal government Security Officer, wanting to change careers into GRU role what would be a good field to go into?
Hi Nicole! Great vid. I came across your channel while doing some research on GRC. I was looking to enroll in Boyd Clewis’s Baxter a Lewis program. Any thoughts on it? It seems the area your discussing is his specialty.
I tried to sign up to your training but no one reached out
@nicoleenesse Just a heads up I see that there is no link to Geralds course.
Awesome advice
Would it be possible for a technical writer to break into GRC? I write highly technical documentation and use information from subject matter experts and communicate with departments on a regular basis. My job is to make sure documentation is accurate and fits the needs of users. The attention to detail at my job is crucial so product reputatiton and user experience remains positive. Would these kind of skills work well to get into GRC?
Yes, those skills would be good and very transferable!
What about the CCSK?
That is solid
Your videos are so encouraging and full of good info and advice. I am trying to transition from IAM/PAM (Identity Access Management/Privileged Access Management) into something along the line of IT Risk Management & Compliance, Governance but having a great difficulty before I don't have any direct experience in this field. I checked those certifications from ISACA, and everyone of them requires x number of years of experience before you sit for the exam. None of those certifications are considered an entry level. I have over 10 years’ experience as an information technology professional, currently doing IAM/PAM, I am certified Security +, and Microsoft MCP, would like to transition. Please help. Thank you in advance.
Hey! If you don't mind me asking, what's making you want to transition from IAM? I just found out about this position and thought it sounded pretty interesting
@@GabrielleSWalker Hello. I am looking to transition from Identity Access Management into GRC field because for the past few years, most of my IAM work has been on a contract basis, and I am finding myself doing contract after contact and always looking where my jobs will be.. IAM/PAM is of the easiest Technologies that companies can outsource to third party managed service providers and that is what happened to one of my previous IAM position that I lost. There seems to be more demand for GRC professionals, and what I am facing now is lack of experience in this field just like many other IT technology fields, experience plays an important role and is heavily valued. All of ISACA certifications require years of experience before you write the exam. Any idea, suggestions or advice how to get into the GRC field is greatly appreciated.
@@babylonking9896 With your background, you should easily be able to get a job as an external Access Management Consultant or an IT-Auditor.
After 1-2 years in one of those jobs, it's quite easy to get a job as an internal auditor, compliance engineer, security analyst, etc.
CISA/CISM/CRISR etc are not really required for these jobs, but can certainly help.
However since you already have somewhat relevant experience, you might be able to get one of these certs within the 1-2 years of being an external auditor/consultant.
Good luck!
" I checked those certifications from ISACA, and everyone of them requires x number of years of experience before you sit for the exam."
Not true. You can still take the exam but you won't get certified unless you have the required experience. They will give you some years after passing the exam to then accumulate the required experience and be certified later.
Hi Nicole, do you think cybersecurity bootcamps are a good way to get your foot in the door? I am a healthcare provider. Thank you.
I'm getting my degree in cybersecurity and planning on going towards GRC. I'd love to connect with you about my background and your opinion on a few important details. LMK if you have time.
I have a free group, where I have live Q&A . Feel free to join :) www.skool.com/startacybersecuritycareer
Thank you for this nice video. I'm currently learning introduction to cyber security with SimpliLearn. Would like to know if SimpliLearn certifications are good enough to land an entry level job in cyber security.
I have never heard of them. It might depend on your country. In United States they are unknown
I took a grc course a year ago, it was hard to find work . I ended up putting it on hold for next year.
This is definitely the role for me.Thank you Nicole..
Great Detailed Video
Thanks Edwin
i like the content , we always get new thing to discover.
Hey, I’m looking to get a degree in cyber security. I have taken 1 year of community college. Would you recommend finishing community college then transferring to WGU or go straight to WGU?
Lemme offer my unsolicited opinion. I'd say it depends on what's important to you. Saving money and going the community college route or fast tracking and going to WGU. Weight the pros and cons of each school and see which one best fits your lifestyle.
Keeping posting nice content
Is it better to work at a job firm or start a cyber security consultant firm?
Thanks Nicole as always another very helpful video!
Thank you for the information! I am looking to pivot careers entirely into the cyber security field, and GRC sounds fascinating. I currently hold an BS in Business management as well as an MBA. I recently completed Sec+. I currently work in a Financial Aid Office at a university, working on auditing financial aid account. With transferable auditing skills, what should my next steps be in landing a Security Auditor or GRC analyst position?
It is a great career to get in with a LOT of opportunities. It's the backbone of cybersecurity, and not hyped up
This is a good info
can this be and entry level job
cybersecurity is not for beginners. If I were you, I would do the google course on IT, and then the google course on cybersecurity. And then focus on the GRC.
I admire this lady!
1st
Aye! David!
Hello Nicole, as somebody who is wanting to get into cybersecurity from another career and I don't have a bachelors in Information technology but I do have one in business administration. If I get a masters from WGU in cybersecurity, is that sufficient for those wanting a college degree or do they also look for a bachelors degree in IT or cyber? I don't want to get both a bachelors and masters when I can get just a masters. As always love your channel.
Yes, a master's degree will be good, and also a lot quicker. You don't need to get a bachelors degree.
@@nicoleenesse Ok thanks!
Thanks Nicole!!! 😊😊😊
You are so welcome!
Nice intro to GRC 👽🤙
Arnold! Thanks
Great video
Thanks for the visit
Thank you.
You're welcome!
I see your video but i just cant make my mind up where to start? I like cloud so far ! Any ideas? To motivate me even more.
Well Cloud is VERY broad... There is GRC specifically that applies to cloud. INE training also has a lot of good courses to test out various niches in cyber
Thanks, Nicole for your videos. I have a question. Is that worth getting both GSEC and Security+ cert?
No, they are essentially the same thing. CompTIA security+ is the best value
Hi Nicole! Thanks for the video, is security auditor the same thing as IT auditor? I see IT auditor in a lot of job descriptions
They could be interchangeable job titles depending on the company and responsibilities. I worked in GRC/Audit/Risk for a year and I found it extremely boring. I would only go for it if you want a less technical job and more people oriented. Most big 4 firms will hire new graduates in audit and salary is great with experience.
Hi, I checked this video out as I am interested in moving into GRC.
I work in Cyber Sec (as do you I understand) and would like to offer my feedback:
* The principles of Confidentiality, Integrity and Availability relate to the DATA hosted in a business,, not to the Business itself.
* The Framework you refer to twice for the Healthcare industry, is actually HIPAA, not HIPPA. A few other important frameworks are ISO27001, PCI DSS for the Financial Services and GDPR (For EU).
* I am not sure mentioning that CISOs are thrown under a bus is conducive to inform viewers about the role. A CISO role is a huge achievement at the end of a long and challenging career, made of serious study (not coursera), serious certification (Like ComPTIA) and a mixture of hands-on experience in both technical and administrative roles.