Monday, July 25, 2022

Getting Into Cybersecurity: Blue Team

 


The Path I Am Choosing

    I mentioned in my first post that I just wanted this one to be about which way I want to head in the huge field of cybersecurity. Again, I have been off and on researching the many different options for the past couple years and honestly I really enjoy all facets I have looked into. My choice comes from many factors and obviously could be different than a lot of people. Though I find the red team/ethical hacking side fascinating, I decided I really want to start as a SOC Analyst or Cybersecurity Analyst to hone my skills before diving more into Pen Testing.

    As a starting point I believe this is the best option I have found for me and there is a lot about it that is very interesting. It seems like in this role you get to work a lot with other teams to bridge gaps when resolving issues. This means there is a chance to learn what those other teams do both for seeing if that might be something I would want to do in the future and just to continue learning. On that note, it would also mean it could be easier to pivot within a company rather than having to search again for something else. I have also seen open positions that are remote, which could be a good option for me to have a better work/life balance. It would also give me the chance to look other places for jobs besides my current city/state. These are some of the reasons I landed at this point.


My Learning Path

    Holy cow there are so many resources out there to learn about cybersecurity. Most of what I have found has been free or low cost. I just want to share the path that I will be taking and some of the resources and information that I have found so far. This will be to keep me on track and moving through specific topics as well as hopefully showing others a good starting point or path to take.

    By focusing on just going for SOC Analyst specifically I can just go to any job search site or Google and look for responsibilities or pre-requisites pertaining to that role. I can then make a list of possible certifications I can try to obtain, software I should know, and knowledge I need to do that job. 

    Most jobs show some sort of certification as part of their pre-requisites and for a SOC Analyst the main one is CompTIA Security+. I am currently studying the material for this exam through both Professor Messer on YouTube and a course I bought on Black Friday from Pluralsight. The CompTIA website itself also has an overview on what the exam entails so you know what to look for. While I would like to obtain the actual certification at some point, it is not my focus. I would rather study the material and prove I know it another way at first. Also, with most of my learning, I like to have the information from multiple sources just to have it reiterated or see if I can learn anything else from a different perspective.

    Another big part is knowing how to navigate a SIEM (Security Information and Event Management). I chose to start learning one of the more well-known ones, which is Splunk. I just started on this and came into it knowing nothing at all about SIEMs. Splunk makes it easy with a bunch of free learning for their platform right from their site. I'm looking to do a post about SIEMs soon after learning more and to, again, learn by explaining it on here.

    In addition to just looking at job postings there are a couple really good guides I have found that provide a solid roadmap of what to learn. The first one is just through TryHackMe and their learning paths. These are amazing and in depth as far as the amount of different concepts in each path. I am currently going through the Cyber Defense path and it starts with networking basics and goes all the way into Malware Analysis. I have also found a really good SOC Analyst Study Guide that was made by Jay Jay Davey. This great guide is on a Notion board where it outlines skills needed to get into a job in cybersecurity, links to where to get those skills (usually free), and the ability to keep track of your progress for each.

    Throughout all this learning I will also be going back to the basics when needed. I want to make sure I really know things like Linux and networking concepts. This blog also has the added benefit of learning technical writing and documentation, which is another thing I find on most job postings. While I don't know a lot about this I'm ready to learn and apply it here when writing about the different technical aspects of being a SOC Analyst.



Tuesday, July 19, 2022

The journey so far...



Where It Started

    As of recently I have fallen more and more into the rabbit hole that is Cyber Security. This started back in 2018 when I was in a job that I was no longer fond of at all so I started looking around for other jobs that were in a completely different industry and skills I might need for types of jobs I wanted. This led me to start learning the coding language, Python.

    Like all my hobbies and interests, I dove head first into this and started to research different ways and places to learn. This can be my downfall sometimes where I am spending more time on researching the different ways to learn instead of just doing the thing I am trying to learn. I watched a bunch of YouTube videos and read some blogs before finally jumping into purchasing classes on Udemy and signing up for sites like SoloLearn, Codewars and Codecademy. I definitely learned a lot from all that but can wholeheartedly say that I am still very much a beginner.

    In 2019 I did find a job in a different industry, just not in tech. I obtained a job at a brewery that I really liked and that actually slowed down my learning a lot. Fast forward to 2021 and I am still at the same job and still enjoy it but am becoming a father for the second time (yay!). Leading up to and while on paternity leave I started looking into ways I could help support my family by making money on the side or getting a remote job to stay home with a baby or just a better paying job in general. This led me to look back at Python and what kind of jobs I could actually get if I really kept learning it. Some of the jobs, like Data Scientist, would pay a lot and could probably be remote but it looked like it would take a while to achieve the qualifications needed to get into that field. Looking back I'm sure I could be there by now if I was dedicated but at the time I was looking for something faster. In my research for what I could do with Python I found David Bombal's YouTube channel where he talks about using Python for network automation but also has other videos on topics like ethical hacking.

Where I'm At

    Ethical hacking and cybersecurity were not completely new to me, being on the more tech side of YouTube, but for some reason this really grabbed me. Once again I went all in on researching everything about these topics. 

    I now have over 50 bookmarks of sites for classes, blogs, tools, and YouTube. I'm on TryHackMe, HackTheBox, PentesterLab, XSSRAT's Ethical Hacking Guide, Web Security Academy and Hacker101. I have two courses for getting the CompTIA Security+ certification and a whole Notion board for what to learn. I have Twitter and ten Discord channels just to follow Infosec and Cybersecurity industry people. I've watched 100s of YouTube videos on how to get into cybersecurity, what certifications to get, videos on those certifications, ethical hacking, bug bounties, pentesting, malware analysis, Linux and more. I've listened to every Darknet Diaries and follow 5 other cybersecurity podcasts.

    I know most people that read this don't care that I got into all that but my point is that the overarching topic of Cybersecurity is vast and it has been hard for me to focus on just one thing and just really deep dive into that. Now I have started this blog to try to do just that.

Where It's Going

Security Certifications 2022

    My goal for this is to lock down what I actually want to do when I get into cybersecurity and my journey getting there. This blog is mostly for me to keep me on track, have somewhere for potential employers to find out more about me and teach myself better by having to recap what I have learned. If I happen to also help other people find a way into cybersecurity that is also a plus! To start, on the next blog I'll be going over what route I'm looking at taking and how I have come to that conclusion.

Thank you for reading, cheers!
