A Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on with free/paid resources, tools and concepts to excel.
It will cover but not limited to:
- Common Skills for Security Study Plan
- AWS Security Study Plan
- GCP Security Study Plan
- Azure Security Study Plan
- DevSecOps Study Plan
- Docker Security Study Plan
- Kubernetes Security Study Plan
- Web Penetration Testing Study Plan
- Application Security Testing Plan
- API Security Study Plan
- Network Security Study Plan
I got the idea of creating this repo after seeing coding-interview-security as it echoes the journey that I went through to get into the full-time security role.
I created this study plan to help people who are looking for guidance and help to plan and prepare for a job specific skill sets. If you study 3-4 hours per day for next 6 months, you can literally clear high rewarding jobs provided you do lots of hands-on and go through each necessary topic/concept more than thrice and you are from tech background. This actually worked in my case.
Please note that there are some topics that would be common for any listed security roles. Check common-skills-study-plan
I will try my level best to add study references from the beginners perspective but will have even advanced level coverage too.
All the best for your security journey!
This is to give a study plan to prepare for a specific role. It is of course multi months hard work and dedication which needs a proper roadmap. Hence, this repo would be one point source for all your study plan.
Prerequisites:
- Ready to devote time on daily basis
- from tech background, else it can take little more time but still possible to make a career in cybersecurity.
- Never give up attitude
- Hacker Mindset
- Ready to explore on your own
Please note that there are many job titles under each of these study plans, but I am keeping a generic study plan, so that you can tick out whichever you already know. This way you would know how much you know and how much you still need to learn to grow up the ladder.
Check out the YouTube video on "Cybersecurity Roadmap for Beginners" and "How to make a career in Cybersecurity". Then, you will have a better idea on why to use it and how to use this study plan for your preparation.
If you want to work as a security engineer, these are the skills/topics/concepts you need to know and learn thoroughly..
When I started learning security concepts, everything was new to me, and I wasted lots of time on google search, youtube videos, articles etc. to figure out what's required and what not. I am still learning as cybersecurity is evolving, so we must. My target is to keep this repo up to date, of course with the help of wonderful learners like you.
It takes time to be confident on some skills, treat it as a long plan. It may take months or sometimes a year too, but keep yourself motivated and don't stop learning. However, If you are familiar with a lot of topics already it will definitely take less time for you.
Everything below is like an outline, and you can tick out the items that you have already covered or know in order from top to bottom.
I'm using GitHub's special markdown flavor, including tasks lists to track progress. As a Cybersecurity professional, I would recommend you to learn git and clone this repo for your personal learning purpose.
Before updating or creating a resume for job, please check:
- What job title you are trying for?
- Do you fall in that experience range?
- Check what skills it is looking for?
- Check for job location or is it remote(work from home/anywhere)?
Now, prepare the resume based on above info and your skill sets. Try to be honest here. See, if you can finish your resume in 1-2 pages. Check 1 page resume from below links:
- One page resume template from zety.com
- Easy Resume
- Various Security Resume sample from qwikresume.com
- [How To Write a Security Engineer Resume (With Example)](How To Write a Security Engineer Resume (With Example))
- Network Security Engineer Sample
- Cloud Security Engineer Resume
- AWS Security Engineer Resume
- Lead DevSecOps Resume Example
- Sr. DevSecOps Engineer Resume Example
- Penetration Tester Consultant Resume Sample
You might see hundreds of job openings, some may be from your dream company. But, once you closely look it doesn't match with your skills. It seems job title was little misleading and more of a generic description. Like security researcher or security analyst are just few examples. So, finetune and narrow down the job search with below websites but not limited to:
- Which job title you are targeting?
- What skills you have vs what skills JD requires?
- Years of experience (range) is matching?
Now search or subscribe to below job portal:
- Linkedin. Yes, now a days it's job alert setting does a better job in finding the right job for you.
- Naukri.com (Mostly in Asian countries)
- indeed.com
- monster.com
- instahyre.com
- cutshort.io
- Null Jobs Community
- Cybersecurity Jobs
- Interactive way to find jobs, skills, salary etc.
You can start preparing for the job interview once you have solid knowledge as per the checklist for given role(s). There are few common security questions which you should have a look at it:
- Cybersecurity Interview Questions and Answers - Youtube
- Cybersecurity Questions and Answers by Springboard
- Cybersecurity Questions and Answers form indeed
- 100+ Q&A for Cybersecurity domain from guru99
- How you keep updated yourself in the security domain?
- What would you do typically at the first day of your job?
- What personal achievement are you most proud of?
- What was your last tough vulnerability that you found?
- Why should we hire you?
- What did you learn in last 6 months and how was it relevant to your career/project?
- Where do you see after 5 years working with this organization?
- Common Security Skills for Cybersecurity study plan
- AWS Security Study Plan
- Web Penetration Testing Study Plan
- Application Security Study Plan
- API Security Study Plan - In Progress...
- GCP Security Study Plan
- DevSecOps Study Plan
- Network Security Study Plan
- Docker Security Study Plan
- Kubernetes Security Study Plan
- Azure Security Study Plan
You can check some common answers from here
Want to contribute? Please fork the repo and send PR for review