You're welcome...I'm glad that you enjoyed the content and thank you for the support! Make sure to share the channel with your coworkers/peers/friends/family/etc. if they will get value out of it too.
I was watching the other video, for 2021 Certs, but I found this, for 2022, Nice bro, you are doing a good work for analyzing Cybersecurity Industry, Thank you
Thank you for this amazing video! I'm still senior at high school, but I've already started to think about getting a certification that would help me get a decent cyber sec job in the future. And you're really good at helping people!
I'm glad that you enjoyed the video! The demand for Cyber Security is growing all the time and it continues to be a great time to break into the career field.
Thank you for the video! It helped focus my path. I have 9yrs of experience in IT, I have my CEH and Security+. I'm halfway done with my MS in Cybersecurity Information Assurance and I am also studying for my PMP. I'll definitely be looking into the Blue Team for the hands on certification and I had been avoiding CISSP, but it looks like I'll have to such it up and get that too lol.
@@JonGoodCyber Hey Jon, nice list. I have Security + ,and I am having problems getting into the Cyber Security field even finding entry-level position here in Toronto-Canada. I should mention that I am currently doing PAM analyst work but I am more interested in Information/Cyber Security field. I wanna get your opinion or thoughts on obtaining CEH, or CCNA Cyber Ops or eJPT certifications.
Unfortunately no certification will guarantee you a job but it is one componenet that can help you at least get an interview. I recommend grabbing my free eBook ( www.jongood.com/getstarted/ ) for a roadmap of skills and certifications that I recommend pursuing and that will put you in the best spot with what employers are looking for in cyber security staff. Are you getting interviews? If not, your resume probably needs to be improved and geared towards the kind of role that you want. I recommend checking out my video on resumes if that's the case. Also, just to be clear PAM (Privileged Access Management) or IAM, is a cyber-related job role. Regarding the three certifications that you list, the Cisco Cyber Ops Associate (hasn't carried the CCNA title for a few years now) is the most valuable of those three but I would refer to my eBook roadmap for what I specifically recommend.
After watching this video, I am definitely going to complete the certification in CompTIA, I have already been learning the command guide while studying for certification in cyber security and networking in Australia. Learning coding, especially Python, is also an advantage.
Hey Jon, currently tackling CISSP and I passed the AWS CCP earlier this year. I Wanted your thoughts on the AWS Certified Security Specialty vs the CCSP. I feel as though the AWS path is still quite technically focused. As someone in GRC, aiming for management/CISO positions…Which do you think would be best to aim for?
You are correct in that the AWS path will require more technical knowledge and skills. Typically I advise people down the AWS Solutions Architect Associate path before they get the Security Specialty because frankly the CCP won't give you enough knowledge about AWS outside of basic services. The CCSP is an acceptable alternative if you are just looking for broad knowledge of how cloud and cloud service providers operate, although it's not as widely recognized. Depending on the specific GRC/management role, the CCP might be good enough for a while on cloud knowledge and something like the CISA might make more sense. Every situation is different but if we are talking in general and just looking at the AWS certificate versus the CCSP, then in your situation the CCSP might make more sense. For GRC and management positions, you aren't typically going to need deep-level technical knowledge, however if you work at smaller companies you might find yourself being more "hands on" even in a management role.
@@JonGoodCyber I am new to this field, here studying for my first certification, security+. Would it make sense to do both AWS and network+? I am hoping to seek an entry level position aftr passing security+. Also, I want to pursue another cert immediately after. What's your recommendation? I still trying to find out what area suits me most.
You absolutely need to know about networking for any job in IT or cyber security because it's the foundation of everything and it's going to be pretty hard to land a job without knowing how networks and systems communicate. Cloud isn't necessarily required for entry level jobs but long term and as you start to get experience it will set you apart from your peers. I recommend checking out my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications for getting into Cyber Security.
@@JonGoodCyber I am currently studying cert 3 in IT (cyber security) at Tafe, once I complete the course I will do cert 4. Tafe offer network administration and networking. After reading your comments, would pursuing these qualifications definitely secure a career as a penetration tester? I am also studying Kali Linux and learning how to code in Python, Arduino and Android.
Nothing will guarantee you a specific job in this career field but there are certainly ways to improve your chances. If you want to be a penetration tester, then I recommend getting a good solid foundation in the basics first (networking, operating systems, cloud, and preferably some basic scripting/programming) that are all outlined in my eBook. Additionally, I highly recommend getting involved with bug bounty programs because that is a direct example of your abilities and is the closest thing to being a penetration tester without having the title from an employer. Don't skip one for the other because you need to build your knowledge and skills, and then actually prove your abilities.
CySA+ and BTL1 are geared towards a similar audience but you'll get more benefit out of the hands-on learning with BTL1 especially if you want to work in a Security Operations Center (SOC).
Cysa+ meets DOD 8570 at the IAT II and multiple CSSP roles. BTL is way too new. CCNA CyberOps certification is best for working in a SOC. It covers everything and it requires hand on practice knowledge.
I've never seen somebody favor the CySA+ over the Security+ to meet the DOD 8570 (now 8140) but of course that doesn't mean there aren't exceptions. The CCNA CyberOps is definitely another comparable certification in that category. I wouldn't do the CCNA CyberOps unless you had the official training, which costs about 50% more than the BTL1 but of course Cisco has a lot more money to make their training top notch.
Currently i work on SOC. And i have experience hands on SIEM monitoring with azure sentinels and Qradar. Also for SOAR i hands on with resilient. For firewall i hands on F5, fortigate. And for now i learn with udemy course and youtube for aws security specialists. I hope i will pass the exams
Please kindly make a video of what are the top best free Cybersecurity certifications, I and many other people's doesn't belongs from any fortunate, well to do families or countries, so it will be very very useful for us
Unfortunately there aren't really any free certifications that are worth pursuing. I would check out my videos on how to get experience so that you can work towards either having the budget to pursue the high demand certifications or landing a job with a company who is willing to fund your studies. You will also want to be on the lookout for scholarships that you can apply to with Cisco, CompTIA, ISC2, etc. where you might be able to get free training (sometimes even certification attempts).
Hi I'm m in the process of obtaining the following for 3 certifications from SANS ... SEC275 Foundations & GFACT Certification... The second course you will take is SEC401 Security Essentials & GSEC Certification.... The third and final course you will take is SEC504 Incident Handling & GCIH Certification ... I have zero IT experience and just wanted to know upon completion of these certifications what type of job can I get?
No certification will guarantee you a job but GIAC certifications are certainly beneficial to possess. The GFACT isn't really going to do much but the GSEC and GCIH are absolutely certifications that employers like to see, especially in SOC (Security Operation Center) staff. The GIAC certifications will absolutely give you a good security foundation but you won't get some of the IT foundation that you should have in the career field. I recommend also looking at the roadmap in my free eBook ( jongood.com/getstarted/ ) to identify and resolve any gaps in knowledge/skill that you might have. From there it will be about how well you present yourself to employers and your ability to find an opportunity matching your skill/knowledge level, which in theory should be plenty for an entry level security role.
Hey I need ur help to get me to understand my type of technology.. I like to watch analyze isp/traffic and making corrections what feild is that??? Plus these are the list of certificates I'm able to get 1( computer sciences)2( computer systems and security privacy)3( information technology management) plus I work for Amazon so they pay for schooling $2,625 and 5k yearly. Can u please explain which field is best for me I consider myself a a watcher
The term that you are referring to is network monitoring or network security monitoring (NSM), but can you clarify what you mean by "making corrections?" IT teams monitor network traffic to make sure everything is working properly and they will make corrections, however in many situations, security roles are moving into more of an auditor-focused role instead of making corrections themselves. As far as the certificates that you mention, #2 is the only one that I would expect to talk about network monitoring or NSM in any capacity.
It actually says that it's "intended for individuals who perform a security role and have at least two years of hands-on experience securing AWS workloads"...not that you must have two years experience. They are basically saying that it will make things a whole lot easier to prepare and pass if you've been working in a job that is responsible for securing AWS.
Q: as an 18 year old struggling with college i wanna get my cybersecurity certification and was wondering if i start lower with security+ to gain experience would i have a better time working my way up with certifications through the years?
There are plenty of people that struggle in education so make sure that you ask for help early if you need it and take advantage of tutoring or anything else that could help you. I'm not exactly sure what you mean by lower because in reality, everybody starts at the bottom with the foundations. All of my certification and skill recommendations are listed in my free eBook's roadmap ( jongood.com/getstarted/ ).
Yes that is a good idea! I'm also a freshman college student and was able to get my security+, and since then a lot of recruiters have been reaching out to me. Also get hands on experience if you can in your free time.
It depends on what you're trying to accomplish and where you are in your career. If you aren't close or beyond meeting the experience requirement of the CCSP ( www.isc2.org/Certifications/CCSP/experience-requirements ), then I wouldn't recommend even trying to take it until you satisfy the requirement. Beyond that it depends if you want/need general knowledge of how the cloud works and how to secure it or you are actually looking to work in cloud (or cloud security). The CCSP would be good for general knowledge but vendor specific knowledge (AWS / Azure) is great if you need to know more specific details about how things work.
I recommend checking out my free eBook ( jongood.com/getstarted/ ) where I provide a roadmap of the skills and certifications to pursue in the appropiate order.
You can find what AWS recommends here ( aws.amazon.com/certification/certified-security-specialty/?ch=sec&sec=rmg&d=1 ) but you need to make sure you understand how networks work and I would get at least the AWS Solutions Architect Associate so you understand how everything in AWS works.
The intended audience of the CISM is actually pretty small compared to others because it's geared towards those running a security program. The CISM doesn't tend to lead to a big jump in career progression since people who get it tend to already be in management (per the requirements) and likely have a CISSP or several other certifications. The CISM would probably make the cut for an "expanded list" but not for the top choices.
The main appeal for the C|EH these days is that HR departments know what it is. To be honest, even now there are better options that are becoming widely recognized which has led to the C|EH value being minimized.
According to Google, "a certificate is evidence of education, while certification is evidence of passing an exam." BTL1 is not awarded simply on completing the course and requires you to pass an exam, therefore it is a certification. Thank you for watching!
Sir, I just get admission in Bs cyber security so could you please tell me which certification is batter for me. I hope that you will provide me a better advice.
You will definitely want to check out my free eBook ( www.jongood.com/getstarted/ ) where I give a roadmap of skills and certifications. I also talk about degree programs and the types that exist.
The only way to get the experience is to be in a role where you get to lead projects (usually a mid to senior level tech job or higher) or get a job as a project manager. There isn't any way to substitute the experience to meet the requirement.
The official training and topics that you learn are fantastic but when it comes to market awareness and adoption, it's just not there. There are much more appealing certifications to employers.
The criteria that I used can be found at the beginning of the video but specifically the OSCP applies to a smaller amount of jobs when compared to the overall picture. It's not that you can't learn good information from the OSCP but there are better options if you aren't specifically focused on pentesting.
Penetration Testing jobs make up a very small percentage of cyber security jobs and the Pentest+ itself will teach you some good information but it won't turn any heads for those types of jobs. The best certification choices are going to have a high demand and will be focused on how things are evolving in the industry.
Hey! I'm in high school, going to try to go to college for 5 years. Hopefully this is a co-op program. I'm going to get my Bachelor's in Cybersecurity. I want to start off by becoming a Security Architect, and eventually become an Chief Info Security Officer. I'm struggling. I'm only 18. I want to get some of these certifications before starting college. There's many issues with this. #1 - Renewing so many certifications is a lot of money and studying at once #2 - Getting all of the certifications I felt like needed, adds up to 10 certifications just from CompTIA alone. #3 - I don't exactly know what certifications I need to become a security architect realistically. #4 - I don't know what exact degree I should get to excel in the cybersecurity field. I am very intimidated and need guidance, help please! The certs I've got that I want on my list: #1 - CompTIA IT Fundamentals (ITF+) #2 - CompTIA Project+ #3 - CompTIA Server+ #4 - CompTIA A+ #5 - CompTIA Network+ #6 - CompTIA Cloud+ #7 - CompTIA Cloud Essentials #8 - Security+ #9 - CompTIA CASP+ #10 - CompTIA CySA+
My first question is why 5 years in a college program? Standard undergraduate degree programs, at least in the United States, are typically designed to take around 4 years and if it were me, I would opt for part time employment (or internships) over a co-op program that unnecessarily adds an additional year. You can also take summer classes to expedite your program if you want, however the choice is yours...just make sure you evaluate all of your options. Setting out to be a Cyber Security Architect is a great goal, but keep in mind that an architect position is not typically entry level. People most commonly go from Analyst > Engineer > Architect, however some will go from either Analyst or Engineer directly Architect. The main point here is that as an Architect, you need a higher level of understanding for how everything works together, which comes with experience because it's not just about how things work in theory (from books or trainings). As far as certifications, getting everything that CompTIA offers is unnecessary. Check out my eBook's roadmap ( jongood.com/getstarted/ ) where I have already provided a path of what to learn and when. Also keep in mind that certifications lose value over time, which means if you run out and get a bunch right now before you are working in the field, both their value in the eyes of employers and your knowledge "gained" will have diminished. Additionally, technology changes over time so you would also have to keep up with a bunch of topics that you aren't likely using, which will be both painful and unproductive.
@@JonGoodCyber Thank you!! So I'm going to try to get into a co-op program at my college. Which is why they add an additional year unfortunately. Regardless, my goal is making $100,000 a year. But I found the Architect position closest to a fit of what I wanted to do as well. Since the certifications will lose value if I do them very early on... What can I do now to set myself up for success?
As I referenced in my previous comment, check out the roadmap in my eBook. The path that I've provided will keep you from cramming unnecessary learning into your journey with enough flexibility so that you can complete your degree program. Keep in mind that doing well in a degree program is probably more difficult than you're expecting coming out of high school so your number one priority should be the program courses, not certifications or anything external.
CISM is really only worth it if a specific job posting is asking for it and because HR has heard about it so adds it to the list. CISSP checks all the boxes anyways, CISM is overlap and a “gravy” cert.
Agreed...the CISM focuses on management positions in charge of security programs, not the operational aspects that most professionals are going to be doing day-to-day. This makes the audience much smaller unless you are working in the defense arena in the U.S. where they will accept CISSP or CISM for a lot of the same positions.
The eJPT is an entry-level penetration testing certification and although it has good information, when compared to all of the cyber security certifications that exist it doesn't make the list of top choices.
Employers/ recruiters don’t give a damn most of the certifications, instead they value skills/ hands on experience. People w/ a couple of certifications struggle to get jobs while people w/ no single cert. but with hands on skills get hired right away.
There are a lot of factors that go into landing a job and there is no question that certifications PLUS experience look far better than just having one or the other. In regards to your statement, I would highly encourage people to not disregard certifications because they do hold professional value and if nothing more they help employers sort through candidates that look about the same on paper.
![Gunna - HIM ALL ALONG [Official Visualizer]](http://i.ytimg.com/vi/HiCxoDeo0hc/mqdefault.jpg)
I've been watching a lot of your older videos, it's amazing how you have progressed in your presentation skills. keep up the good work!
Thank you for the feedback and I'm glad that you enjoyed the video!
Can I just say a HUGE THANKYOU for this channel!
You're welcome...I'm glad that you enjoyed the content and thank you for the support! Make sure to share the channel with your coworkers/peers/friends/family/etc. if they will get value out of it too.
I was watching the other video, for 2021 Certs, but I found this, for 2022, Nice bro, you are doing a good work for analyzing Cybersecurity Industry, Thank you
Glad you liked it and thank you for the feedback!
Thank you for this amazing video! I'm still senior at high school, but I've already started to think about getting a certification that would help me get a decent cyber sec job in the future. And you're really good at helping people!
I'm glad that you enjoyed the video! The demand for Cyber Security is growing all the time and it continues to be a great time to break into the career field.
Thank you for the video! It helped focus my path. I have 9yrs of experience in IT, I have my CEH and Security+. I'm halfway done with my MS in Cybersecurity Information Assurance and I am also studying for my PMP. I'll definitely be looking into the Blue Team for the hands on certification and I had been avoiding CISSP, but it looks like I'll have to such it up and get that too lol.
Glad to help and thank you for sharing! Looks like you are off to a great start.
@@JonGoodCyber Hey Jon, nice list. I have Security + ,and I am having problems getting into the Cyber Security field even finding entry-level position here in Toronto-Canada. I should mention that I am currently doing PAM analyst work but I am more interested in Information/Cyber Security field. I wanna get your opinion or thoughts on obtaining CEH, or CCNA Cyber Ops or eJPT certifications.
Unfortunately no certification will guarantee you a job but it is one componenet that can help you at least get an interview. I recommend grabbing my free eBook ( www.jongood.com/getstarted/ ) for a roadmap of skills and certifications that I recommend pursuing and that will put you in the best spot with what employers are looking for in cyber security staff. Are you getting interviews? If not, your resume probably needs to be improved and geared towards the kind of role that you want. I recommend checking out my video on resumes if that's the case. Also, just to be clear PAM (Privileged Access Management) or IAM, is a cyber-related job role.
Regarding the three certifications that you list, the Cisco Cyber Ops Associate (hasn't carried the CCNA title for a few years now) is the most valuable of those three but I would refer to my eBook roadmap for what I specifically recommend.
After watching this video, I am definitely going to complete the certification in CompTIA, I have already been learning the command guide while studying for certification in cyber security and networking in Australia. Learning coding, especially Python, is also an advantage.
Awesome! Thank you for sharing and good luck.
Hey Jon, currently tackling CISSP and I passed the AWS CCP earlier this year. I Wanted your thoughts on the AWS Certified Security Specialty vs the CCSP. I feel as though the AWS path is still quite technically focused. As someone in GRC, aiming for management/CISO positions…Which do you think would be best to aim for?
You are correct in that the AWS path will require more technical knowledge and skills. Typically I advise people down the AWS Solutions Architect Associate path before they get the Security Specialty because frankly the CCP won't give you enough knowledge about AWS outside of basic services. The CCSP is an acceptable alternative if you are just looking for broad knowledge of how cloud and cloud service providers operate, although it's not as widely recognized. Depending on the specific GRC/management role, the CCP might be good enough for a while on cloud knowledge and something like the CISA might make more sense. Every situation is different but if we are talking in general and just looking at the AWS certificate versus the CCSP, then in your situation the CCSP might make more sense. For GRC and management positions, you aren't typically going to need deep-level technical knowledge, however if you work at smaller companies you might find yourself being more "hands on" even in a management role.
@@JonGoodCyber I am new to this field, here studying for my first certification, security+. Would it make sense to do both AWS and network+? I am hoping to seek an entry level position aftr passing security+. Also, I want to pursue another cert immediately after. What's your recommendation? I still trying to find out what area suits me most.
You absolutely need to know about networking for any job in IT or cyber security because it's the foundation of everything and it's going to be pretty hard to land a job without knowing how networks and systems communicate. Cloud isn't necessarily required for entry level jobs but long term and as you start to get experience it will set you apart from your peers. I recommend checking out my free eBook ( www.jongood.com/getstarted/ ) where I provide a roadmap of skills and certifications for getting into Cyber Security.
@@JonGoodCyber I am currently studying cert 3 in IT (cyber security) at Tafe, once I complete the course I will do cert 4. Tafe offer network administration and networking. After reading your comments, would pursuing these qualifications definitely secure a career as a penetration tester? I am also studying Kali Linux and learning how to code in Python, Arduino and Android.
Nothing will guarantee you a specific job in this career field but there are certainly ways to improve your chances. If you want to be a penetration tester, then I recommend getting a good solid foundation in the basics first (networking, operating systems, cloud, and preferably some basic scripting/programming) that are all outlined in my eBook. Additionally, I highly recommend getting involved with bug bounty programs because that is a direct example of your abilities and is the closest thing to being a penetration tester without having the title from an employer. Don't skip one for the other because you need to build your knowledge and skills, and then actually prove your abilities.
Thanks for sharing this great info. What are your views on CySA vs BTL1.
CySA+ and BTL1 are geared towards a similar audience but you'll get more benefit out of the hands-on learning with BTL1 especially if you want to work in a Security Operations Center (SOC).
Cysa+ meets DOD 8570 at the IAT II and multiple CSSP roles. BTL is way too new. CCNA CyberOps certification is best for working in a SOC. It covers everything and it requires hand on practice knowledge.
I've never seen somebody favor the CySA+ over the Security+ to meet the DOD 8570 (now 8140) but of course that doesn't mean there aren't exceptions. The CCNA CyberOps is definitely another comparable certification in that category. I wouldn't do the CCNA CyberOps unless you had the official training, which costs about 50% more than the BTL1 but of course Cisco has a lot more money to make their training top notch.
Great content 💪💪🔥
Glad you think so!
Currently i work on SOC. And i have experience hands on SIEM monitoring with azure sentinels and Qradar. Also for SOAR i hands on with resilient. For firewall i hands on F5, fortigate. And for now i learn with udemy course and youtube for aws security specialists. I hope i will pass the exams
Good luck! Let me know how it goes on the exams.
Thanks for posting the list.
No problem!
Please kindly make a video of what are the top best free Cybersecurity certifications, I and many other people's doesn't belongs from any fortunate, well to do families or countries, so it will be very very useful for us
Unfortunately there aren't really any free certifications that are worth pursuing. I would check out my videos on how to get experience so that you can work towards either having the budget to pursue the high demand certifications or landing a job with a company who is willing to fund your studies. You will also want to be on the lookout for scholarships that you can apply to with Cisco, CompTIA, ISC2, etc. where you might be able to get free training (sometimes even certification attempts).
Hi I'm m in the process of obtaining the following for 3 certifications from SANS ... SEC275 Foundations & GFACT Certification...
The second course you will take is SEC401 Security Essentials & GSEC Certification....
The third and final course you will take is SEC504 Incident Handling & GCIH Certification ... I have zero IT experience and just wanted to know upon completion of these certifications what type of job can I get?
No certification will guarantee you a job but GIAC certifications are certainly beneficial to possess. The GFACT isn't really going to do much but the GSEC and GCIH are absolutely certifications that employers like to see, especially in SOC (Security Operation Center) staff. The GIAC certifications will absolutely give you a good security foundation but you won't get some of the IT foundation that you should have in the career field. I recommend also looking at the roadmap in my free eBook ( jongood.com/getstarted/ ) to identify and resolve any gaps in knowledge/skill that you might have. From there it will be about how well you present yourself to employers and your ability to find an opportunity matching your skill/knowledge level, which in theory should be plenty for an entry level security role.
Security + , AWS Security, CISSP, and PMP. Over 3 Years. LETS GO. Poggers
Good luck!
Hey I need ur help to get me to understand my type of technology.. I like to watch analyze isp/traffic and making corrections what feild is that??? Plus these are the list of certificates I'm able to get 1( computer sciences)2( computer systems and security privacy)3( information technology management) plus I work for Amazon so they pay for schooling $2,625 and 5k yearly. Can u please explain which field is best for me I consider myself a a watcher
The term that you are referring to is network monitoring or network security monitoring (NSM), but can you clarify what you mean by "making corrections?" IT teams monitor network traffic to make sure everything is working properly and they will make corrections, however in many situations, security roles are moving into more of an auditor-focused role instead of making corrections themselves. As far as the certificates that you mention, #2 is the only one that I would expect to talk about network monitoring or NSM in any capacity.
It says I need at least two years of hands-on experience in securing AWS workloads, what gives me that experience?
It actually says that it's "intended for individuals who perform a security role and have at least two years of hands-on experience securing AWS workloads"...not that you must have two years experience. They are basically saying that it will make things a whole lot easier to prepare and pass if you've been working in a job that is responsible for securing AWS.
Q: as an 18 year old struggling with college i wanna get my cybersecurity certification and was wondering if i start lower with security+ to gain experience would i have a better time working my way up with certifications through the years?
There are plenty of people that struggle in education so make sure that you ask for help early if you need it and take advantage of tutoring or anything else that could help you. I'm not exactly sure what you mean by lower because in reality, everybody starts at the bottom with the foundations. All of my certification and skill recommendations are listed in my free eBook's roadmap ( jongood.com/getstarted/ ).
Yes that is a good idea! I'm also a freshman college student and was able to get my security+, and since then a lot of recruiters have been reaching out to me. Also get hands on experience if you can in your free time.
Great video as always thank you.
Glad you enjoyed it
Nice job 👍🏻
To add to that I really appreciate your enthusiasm how you present is great as well.
Thank you for the feedback! I'm glad that you enjoyed the content.
Is it better to get CCSP cloud certification from ISC or AWS cloud certification?
It depends on what you're trying to accomplish and where you are in your career. If you aren't close or beyond meeting the experience requirement of the CCSP ( www.isc2.org/Certifications/CCSP/experience-requirements ), then I wouldn't recommend even trying to take it until you satisfy the requirement. Beyond that it depends if you want/need general knowledge of how the cloud works and how to secure it or you are actually looking to work in cloud (or cloud security). The CCSP would be good for general knowledge but vendor specific knowledge (AWS / Azure) is great if you need to know more specific details about how things work.
Ahhhh I’m just more confused now.
So can I just take the aws course and nothing else??
I recommend checking out my free eBook ( jongood.com/getstarted/ ) where I provide a roadmap of the skills and certifications to pursue in the appropiate order.
What about the CISM!?
The CISM has value but it isn't as valuable as a standalone certification compared to those on this list.
Do I need any kind of background before getting the AWS Security cert? I currently have the A+ and Security+ with some IT support experience.
You can find what AWS recommends here ( aws.amazon.com/certification/certified-security-specialty/?ch=sec&sec=rmg&d=1 ) but you need to make sure you understand how networks work and I would get at least the AWS Solutions Architect Associate so you understand how everything in AWS works.
I noticed CISM is not listed in the top 5. Why?
The intended audience of the CISM is actually pretty small compared to others because it's geared towards those running a security program. The CISM doesn't tend to lead to a big jump in career progression since people who get it tend to already be in management (per the requirements) and likely have a CISSP or several other certifications. The CISM would probably make the cut for an "expanded list" but not for the top choices.
Awesomesauce!
I'm glad that you enjoyed the video!
I noticed you did not mention CEH? I heard it’s not taken seriously anymore.
The main appeal for the C|EH these days is that HR departments know what it is. To be honest, even now there are better options that are becoming widely recognized which has led to the C|EH value being minimized.
Blue Team is not a cirtification it's a certificate. There is a difference.
According to Google, "a certificate is evidence of education, while certification is evidence of passing an exam." BTL1 is not awarded simply on completing the course and requires you to pass an exam, therefore it is a certification. Thank you for watching!
Sir, I just get admission in Bs cyber security so could you please tell me which certification is batter for me.
I hope that you will provide me a better advice.
You will definitely want to check out my free eBook ( www.jongood.com/getstarted/ ) where I give a roadmap of skills and certifications. I also talk about degree programs and the types that exist.
How do you get the experience leading projects for the pmp?
The only way to get the experience is to be in a role where you get to lead projects (usually a mid to senior level tech job or higher) or get a job as a project manager. There isn't any way to substitute the experience to meet the requirement.
Does actual hands on security officer experience benefit the resume at all? Or is it all about cyber tech
It depends on the type of job but some will value it more than others because they can leverage that skill set (red teams, compliance teams, etc.).
Can u suggest an entry level certification for cyber security in 2022?
Check out my video on entry level certifications for 2022: ruclips.net/video/Ic51WOEhsOs/видео.html
Jon Good post a video , I watch 🤷🏽♂️ simple man !
Thank you for the support!
What about cisco cyberops? How it looks vs other certs?
The official training and topics that you learn are fantastic but when it comes to market awareness and adoption, it's just not there. There are much more appealing certifications to employers.
what about OSCP?
The criteria that I used can be found at the beginning of the video but specifically the OSCP applies to a smaller amount of jobs when compared to the overall picture. It's not that you can't learn good information from the OSCP but there are better options if you aren't specifically focused on pentesting.
How about the pentest+ how does that stack up
Penetration Testing jobs make up a very small percentage of cyber security jobs and the Pentest+ itself will teach you some good information but it won't turn any heads for those types of jobs. The best certification choices are going to have a high demand and will be focused on how things are evolving in the industry.
Hey! I'm in high school, going to try to go to college for 5 years. Hopefully this is a co-op program. I'm going to get my Bachelor's in Cybersecurity. I want to start off by becoming a Security Architect, and eventually become an Chief Info Security Officer. I'm struggling. I'm only 18. I want to get some of these certifications before starting college. There's many issues with this.
#1 - Renewing so many certifications is a lot of money and studying at once
#2 - Getting all of the certifications I felt like needed, adds up to 10 certifications just from CompTIA alone.
#3 - I don't exactly know what certifications I need to become a security architect realistically.
#4 - I don't know what exact degree I should get to excel in the cybersecurity field.
I am very intimidated and need guidance, help please!
The certs I've got that I want on my list:
#1 - CompTIA IT Fundamentals (ITF+)
#2 - CompTIA Project+
#3 - CompTIA Server+
#4 - CompTIA A+
#5 - CompTIA Network+
#6 - CompTIA Cloud+
#7 - CompTIA Cloud Essentials
#8 - Security+
#9 - CompTIA CASP+
#10 - CompTIA CySA+
My first question is why 5 years in a college program? Standard undergraduate degree programs, at least in the United States, are typically designed to take around 4 years and if it were me, I would opt for part time employment (or internships) over a co-op program that unnecessarily adds an additional year. You can also take summer classes to expedite your program if you want, however the choice is yours...just make sure you evaluate all of your options.
Setting out to be a Cyber Security Architect is a great goal, but keep in mind that an architect position is not typically entry level. People most commonly go from Analyst > Engineer > Architect, however some will go from either Analyst or Engineer directly Architect. The main point here is that as an Architect, you need a higher level of understanding for how everything works together, which comes with experience because it's not just about how things work in theory (from books or trainings).
As far as certifications, getting everything that CompTIA offers is unnecessary. Check out my eBook's roadmap ( jongood.com/getstarted/ ) where I have already provided a path of what to learn and when. Also keep in mind that certifications lose value over time, which means if you run out and get a bunch right now before you are working in the field, both their value in the eyes of employers and your knowledge "gained" will have diminished. Additionally, technology changes over time so you would also have to keep up with a bunch of topics that you aren't likely using, which will be both painful and unproductive.
@@JonGoodCyber Thank you!! So I'm going to try to get into a co-op program at my college. Which is why they add an additional year unfortunately. Regardless, my goal is making $100,000 a year. But I found the Architect position closest to a fit of what I wanted to do as well. Since the certifications will lose value if I do them very early on... What can I do now to set myself up for success?
As I referenced in my previous comment, check out the roadmap in my eBook. The path that I've provided will keep you from cramming unnecessary learning into your journey with enough flexibility so that you can complete your degree program. Keep in mind that doing well in a degree program is probably more difficult than you're expecting coming out of high school so your number one priority should be the program courses, not certifications or anything external.
@@JonGoodCyber Got it. Thanks so much!! Will my employer care about my college GPA?
It's very rare that an employer will even ask about your GPA, let alone care what it was as long as you graduated.
First time here. In a lighter side,I thought u were Simon Pegg
I'll take that as a compliment and thank you for watching!
What about the CASP+?
Although from a knowledge standpoint the CASP+ is useful, the certifications in this list should be a higher priority.
CISM and Sec +?
CISM is really only worth it if a specific job posting is asking for it and because HR has heard about it so adds it to the list. CISSP checks all the boxes anyways, CISM is overlap and a “gravy” cert.
Agreed...the CISM focuses on management positions in charge of security programs, not the operational aspects that most professionals are going to be doing day-to-day. This makes the audience much smaller unless you are working in the defense arena in the U.S. where they will accept CISSP or CISM for a lot of the same positions.
@@davidmarino7894 What is a gravy cert? I can't even find that in the urban dictionary haha.
What about EJPT
The eJPT is an entry-level penetration testing certification and although it has good information, when compared to all of the cyber security certifications that exist it doesn't make the list of top choices.
Employers/ recruiters don’t give a damn most of the certifications, instead they value skills/ hands on experience. People w/ a couple of certifications struggle to get jobs while people w/ no single cert. but with hands on skills get hired right away.
There are a lot of factors that go into landing a job and there is no question that certifications PLUS experience look far better than just having one or the other. In regards to your statement, I would highly encourage people to not disregard certifications because they do hold professional value and if nothing more they help employers sort through candidates that look about the same on paper.
@@JonGoodCyber Cosign
You obviously have not been on the job market over the last year buddy.....
Super secret list? C’mon.
Not a secret anymore! Thank you for watching!
Great content. Thank you! :)
Glad you liked it!