the reality vs. expectation in cybersecurity.

The I.T as a whole industry is effected by burn out because of the constant up keep in skillsets and technology changes. Doesn't mater if you are a Software Engineers, DevOps Engineers, Sysadmin, Network Engineer... This is expected in this kind of field.

Decided to go back to school for cyber security thinking i would land an entry level job. I passed all of my classes with A's but couldn't get an interview. Was never told to try and get a job in the field while in school. I ended up getting a job in supply chain logistics and killing it because of my experience in SQL. I don't regret going learning and it kind of helped me get into what I'm doing now.

Thanks for being honest with the people. There are a ton of people out there selling something giving people the idea that they can easily get into security. I have 25 years of experience in the industry and it pains me to see some of the ways beginners are being misled.

Grant has done a great job of giving a fat reality check in the field of Cyber. This is a complicated field, only for those truly passionate and dedicated enough to fulfill the missing skill/talent/experience that's needed.

It isn't really about skill or degree it about who you know" facts right there another tech youtuber had said the same connections do matter in this industry.

This is correct , the daily work is mostly of triaging the incidents, closing the tickets on soar , reviewing dashboards, giving shift handovers. The burnout is real when you are the only one to tackle the red team incidents , learning new skill sets but I believe this is what we do as in Cybersecurity. We are on a thrill of not getting the company compromised. Learning new ways to defend and harden the security posture.
Huge Respect to our community and I am proud to be in it.

I'm learning Linux with the expectation of getting into cybersecurity, and your videos have given me so much. I appreciate that you make these honest takes and share them for free for all of us curious souls

I love your honesty you come across as a genuine person. I love that.

Let me start by thanking you for putting together a video such as this stating the nature of such things. I completely agree with you when you stated that if you are not learning something new every day, you feel as if you are going to get left behind or you feel inadequate. That is something that I feel as well when I wake up every day and I go to work. Its a personal struggle for sure for many people not just those in Tech. The Cybersecurity world has a lot of glamour to it and a bit of a romantic side even but the true nature is that it has a lot of information and a lot of constant work need in order to stay one, two, all the steps ahead of an attacker. Thank you for creating this and sharing this with the the ones who truly need to hear/watch it.

I’ve just started working in cyber a few months now, and I can already agree with the points that you bring up in this video, but I wouldn’t want it any other way. Great video Grant!

It is a very interesting industry and the advice I'd give to newcomers would be:
1. Make sure you are having fun (it's a fun job after all)
2. Stay hungry
3. Be curious about everything
4. Work on your work life balance and stress management
5. Knowing when and how to take a break
6. Find friends, colleagues who are passionate about this field. Work on things together, discuss the topic together. You'll grow together
Good luck

I love how real you were in this video. It is needed because a lot of people are selling how easy it is to get into this industry. It requires dedication. I also love how you talked about burn out. It is so true. Thank you for being real.

the reality is that breaking into any major industry is tough. most people are sold on this idea that just getting a degree alone or some certs means you get the job and it's all sunshine and rainbows. it's a lot of work but nothing that should turn you away if you have a passion for this side of the teach industry.

Thank you for the honesty!❤️🙏🏼

Love the honesty, thank You !

I love this video because you were being real. Much respect

Great job setting the record straight, Grant

I'm in industry for over two years as Incident Responder and I agree with most things you mentioned. Getting into this field and maintaining high level of engagement requires dedication. Navigating through different expectations (self included) is challenging and can lead to burnout periods without focus on sustainability. All my cyber people, be brave, choose conscious and be kind to yourself !

Great content man keep it up

Cyber is definitely a constantly changing field

Great video Grant. Made it very easy to hit the subscribe button.

Thank you for this honest clip

Thank you so much for this video! Keep them coming brotha, I love the realistic take.

the alert fatigue really hit home. as i just started gettin into IT and i have other interests that require alot of studying. my time management has gotten more tight, i personally have to work intervals throughout the day and then take a walk or stretch and eat or something. as well as planning time to take a step back from everything (perhaps a vacation) when u can. i do look at the internet/techonolgy as the digital universe and just like our universe, theres so much to cover, adapt to and take in.

You are doing good work with these vids bringing out the reality of things. I think the industry is getting a reality check for years of unrealistic expectations over the years. You definitely have to have a passion for it too - burnout is so real lol so thanks for bringing that up

Hey Grant! Great video, also loved your last one on IABs. Been subscribed for a while now, we were on similar paths when I found your channel as I went back to college from 2018-2021 and got an IT and Cybersecurity degree. Ended up in a do-it-all type of IT position in local government. This is random af but would you want to start a podcast? I think it would be cool for us to be able to talk about our real world experiences as early career IT professionals that could really help a lot of people exploring or getting into the industry. Could also talk about hot topics in IT and I think we would mesh well together. Either way, keep up the great work man and I continue to follow your journey!

I agree with all the points you just mentioned. I am a fresh graduate with CS background and am jumping into cybersecurity.

Thank you for sharing the information and the experience you went through

Love that quote "more of a talent and experience gap".
Interesting you are seeing the politics side of cybersecurity after year 2. Its 100% a company culture issue. Not every company is all in with their cybersecurity program. The most valuable skill you can grow (over any technical skill) is to learn how to "sell" the needs of the Cybersecurity program BEFORE a breach.

Getting my associates degree next semester and I’ve come to realize that there is still tons of information that I have yet to learn. I’ve also had no luck finding a internship or job in any IT related role. Although this sort of makes me want to just give up I’m going to keep on learning new material and implementing it any chance I get. Your videos are very influential and realistic compared to other channels big s/o to you for keeping it real!!

Maan, you are spot on what I am feeling. This is reality. I have been working as a non-experienced cybersecurity analyst and all 3 point are exactly what I have been realizing, it is a lovely career but you can not stop learning, there is just so much to learn.

Great video. For me as a person who is working at non-skilled job and learning some python programming for data science and data analysis at online university courses. I already know a lot about the tough realty that I live in. Companies are hiring people with recent experience.

You post and I drop everything almost immediately to hear what you have to say. lol. Going into year 3 myself and I feel burnout often. I do security, privacy, AND compliance on my team and they all take different approaches. I have to know some of everything from securing infrastructure to knowing different laws and even project management and auditing. I run off the clock at 5 and don’t look back.

This applies to many IT positions, or even many skilled, non sales positions. Definitely how hard it is to break in, but also the hurdles to accomplish anything as a junior associate.

automatic follow after this video. I am currently half way through my degree and this is the most important thing I have consumed. I appreciate the content

I'm a Cyber Threat Analyst for a MSSP and I thoroughly enjoy it. Surprisingly, it's not the actual job that I enjoy the most it's the environment that I work in. I've been able to reach out to cross team members and have them train me on certain things and be apart of different projects to upskill. Looking at logs all day has gotten pretty mundane and I'm searching for more of a challenge.

I just landed an analyst position with a market leader and I think it was more timing than anything that landed me the role. There's literally hundreds of jobs advertised, but they all require years of experience, so as a student without professional experience you are going to be fighting to get your foot on the ladder. That being said, it's not impossible, just keep working towards it and take any IT job to get your experience started.

Decided to change careers late in life …15 years of loss prevention/investigations and now studying for my A+ and Security+. Learning a whole new skill set and looking to break into an entry level IT job. Thanks for an honest video. Lots of these boot camps just make it seem like you’ll have a job lined up after completing it and that probably isn’t the truth always.

humble and honest.

Intellectual curiosity and self motivated lifelong learning are both things that really help as well..

Thanks for another great vid

Thanks for sharing, I'm about to start my first job in the industry after a long period of studying and working hard to get into it. Excited to be on the journey

Thank you, Grant.

Thanks for your content it's very enjoyable! - Keep up the good work!

I think to cure of the negative aspect of cybersecurity, the best way is to work remotly while travelling with a disciplined time management, or just freelancing , this is how I reduce stress and burnout , the whole thing is about companies.

thank you for saying that all!

Still in my first year as a cyber security analyst and it's been non stop learning. Previously, a L2 support for 4 years, but this one year alone has shown me how little I really know. That said, it's a rewarding role since you're constantly learning day in, day out.

I hear the Cybersecurity domain map helps a lot when it comes to finding a way in based the path you want to take

Currently in my last semester of undergrad studying cybersecurity and I'm realizing that I really should've taken the time through my studies to maintain my technical skills. I've got Sec+ and currently "backtracking" to Net+ to get a decent refresher on networking. I'd say my biggest regret was not trying to get experience while in school but I'm optimistic about the getting into the field end goal rn is pivoting into cloud security.

Completely agree with your comments about an organization's culture and people impacting how security happens at a company, and wanted to add that I think there's a gap between "skills that people think are needed" and "skills that are needed." My first role in security came after 14 years of working in other industries and slowly floating in the security direction. My current role is 80% non-technical and I feel an enormous pressure to upskill and am doing so, but also find that I'm able to make big impacts by more general business/communication skills, like running productive meetings, following up on emails that I haven't gotten a response to, and remembering that last time I talked to X person, their pet was at the vet, so asking about that.
I, too, am coming up on over two years in my first security role and am trying to build longevity in the industry. Figuring out what to learn and do next is tough - there's SO much! Thank you for posting and sharing your thoughts. Good luck to you!

I am just getting into it and so far I love it. Sometimes it can get overwhelming but I've always loved to learn new things and be that guy that Is always finding a program or a better way to be efficient. I get board i love solve problems. I also quit and all my cards are on the table. I'm hoping once I gain a little bit more experience I hope I can find an entry level job. 😅

wow so relatable mate! Sometimes I think to switch careers to become a developer.

Not exclusively in cyber security but the IT burn out is real. Been in it 8 years and I'm starting to wish I was cutting lawns for a living. At least I'd be outside lol.

Really appreciate your effort and do watch your videos thank you Mr)

Those cybersecurity carreer videos lead me to reevaluate and rethink some important stuff i need to come to terms with since my last burn out in the industry. I'm writing a journal about it, and i find your content inspirational. Thanks for the upload!

Been trying to break into it for 2 years now. Stuck on Hell Desk, which is also repetitive.
I have no illusions about the grass being greener on the other side, but getting a company to take a chance on you so you can at least earn experience in the field to put on a resume is daunting.
Not much else can be done about the situation other than continuing to upskill outside of work.
Great video btw.

Bravo to you Gran

My experience from working on and off in it support for 3 years is that i got burned out from it. It sucks to lose your passion for something. A part of me wants to stay in it, but another part of me wants to do something else. It's frustrating being stuck like this.

I've been a firefighter for 7 years now and I wish I knew how much I would be struggling financially before I jumped into this career. Don't get me wrong, I love my job and no matter what I decide to do this will forever be the best job I'll ever have. Unfortunately, it doesn't pay well. I've been thinking about getting into cyber security and it stresses me out thinking I might not be able to land a job for a couple of years after I have all my certifications and entry level jobs such as front desk might not pay well either.

I agree with your take on it. Realistic expectations are important.
I've had several people ask me how to get into the space from unrelated careers and I'm self taught on everything with over a decade of professional IT experience alone and 25+ years as a passionate hobbyist tech nerd, so I have no idea how to even answer that, other than to tell them to focus on building their skill set - it's all employers care about, including me when I'm scouting for new team members.
To understand security, you have to first understand how everything works before you can understand how to secure it - it's the first thing everyone should learn but the last thing to be capable of fully understanding. It's not something anyone can easily just jump into - you level up your skills over time and expect to start small, especially if you're not technically inclined and have no experience - no one's gonna pay you 80k a year if you've been working at Kohl's the past decade unless you can show you have the skills to be worth that much.
Can you do the job or not? - is all that matters to employers.
But once you have the skills and are armed with knowledge, you can go anywhere, certs or no certs, and just be like "K. Ask me shit doe." Answer their questions and they're gonna want you like the hot girl at the dance

The silver lining about those entry-level jobs vs the higher paid positions is that once you finally break in, you begin to understand exactly how you can grow into those higher up positions. I'll be hitting that 1 year milestone this year and I feel like I'm basically in the same spot as you. On top of the alert fatigue, I've noticed that sometimes I'm the only one taking a critical approach to our processes. Which is good for me, but it kind of puts me in a lose-lose situation because if I identify a new issue, guess who gets assigned all the work to fix it? 🙃

I agree with everything you said Especially the skills gap. They key is if your company is not huge with lots f different types of cyber professinoals you have to real continue to learn and study outside of your job laerning new things. If you dont do that you will stagnate and have a hard time moving up. Interviewing alot of candidates for mid to senior positions alot are too tool oriented without fully understanding the fundamentals of logs, what a compromised device would potentially look (lateral movement, exfiltration, kerberos attacks, etc..) If you have a solid understand of those things without using qradar or crowdstrike I think quite a few hiring managers would take anyone for junior- mid positions.

I'm a SWE with 6 YOE. I am looking to make the switch over to cyber security (have a road map of the certifications i want to get). Once I am ready would i still be applying to entry level positions or would my SWE experience let me apply to more mid level?

There are not unfilled jobs in cybersecurity. Maybe there should be to protect our data but there is no money for it. Security is always considered optional and is the first thing to be cut.

#3 is common for IT in general. At one of my job, alot of people were new to IT (1-3 years) and I can tell they were suffering from burnout. Once you hit the 5 year mark in IT you are a lifer and that's really when you can get the high paying jobs

To help with overload/learning is to do it at work if possible and once you're off....DONT THINK ABOUT IT. Sure I'll read an article here and there but being able to close my laptop and go on with my day/life is great and needed to be fresh.

I’m literally in the same position as you were in, I just finished my degree and have a few certs under my belt. Iv been applying for jobs online since I graduated 2 weeks ago. How would you recommend getting my foot into the door? Looking for internships/graduate programs?

Dude I’ve been recently experiencing every single thing you said about feeling like you’re not growing, falling behind and even imposture syndrome. I appreciate you mentioned this is something you have to deal with, but I was curious to know, how you deal with this on a day to day. I recently experienced heavy burn out on my consultant/pentest job by over working my self because of those reasons you mentioned, and I wanted to know what your approach to this is. I know it’s not a straightforward answer but even a small advice can go a long way as I know it’s a process.

The defense in depth buzz word is important, it's a really sound strategy for hardening.

I started my first job in cybersecurity a little over a year ago, after about 3 1/2 years in support and I have to admit that I got a little burned out after about 6 months. Mainly, I think I went a little "too hard" my first several months and was literally doing nothing but "cybsersecurity related" activities (finishing school, HTB, reading, podcasts, other things). I definitely found that you need a balance like any other job and it's okay to not further your knowledge every second you're not working. After I found a balance, I've definitely been more at ease and enjoy the space more.

Sometimes i feel the hardest part of the security side of IT is not, knowing what the attacks are, how to defend against them, or even how to perform them. The hardest part is just convincing the companies and their users to go along with solutions and pay for them when necessary. You have to be more of a salesman than an IT professional. Especially because if there is a major security incident, even if you offered a solution that was rejected that would have prevented it, you're still going to be blamed for it.

Love the take, but as someone who was born in a poor community trying to get into cybersecurity I can never be burn out of it just because the financial gain of it. Its my motivating factor for me to get more certs, more networking with people, going to tech conferences, learning something etc. Idk who can relate but thats my take on being burnt out.

i was hoping to get some tips on if i should go to college for cybersecurity or not? community college, or just getting certifications online? thanks!

Hey Grant, I am currently seeking a change in career and I was looking into the tech world like coding or cyber security. But was planning on taking on a bootcamp. Would it be worth it to do that? Or is it best to look for another career path, your input would be huge to me. Thank you!

I have recently thought about how much psychology would be beneficial for cybersecurity such as criminal psychology and organizational psychology. At the same time I am about 9 months away from having my degree and will be starting my job hunt soon.

I have 30 years experience in Networking and Office IT and Data management... what certifications do you think I need to pursue ?
Also what Apps /software or hardware is common to detect network attacks and subsequent fixes ? Are most networks UNIX ? or Windows ? or does it even matter ??
Thanks for your hard work.

So true so right 😢 mutual feelings

What certifications do you have ? As fir secyryry penetration testing?

Do you think going through modules on HTB academy, doing CTF's and getting certificates count as experience? Would a junior system administrator with one year of experience even qualify for a SOC analyst job?

as someone who’s looking to get into Cyber can anyone who has a job in it tell me if they still have time for hobbies such as meeting up with friends or playing new story games when they come out?

so, I am just now (in my early 30's) moving to try and get into Cybersecurity. working on my Sec+ now actually. I skipped the college route when I was young because I went to a technical school as part of a High School program and got my A+ cert and did a lot of hands on CCNA training. Jumped right into the IT industry and I've been in general IT desktop support tier 1, 2, and now consider myself more at a 2.5/3 level after over 10 years in. I am concerned that even when I get my Sec+ cert it wont be enough without a degree at most places. Its hard to find advice since a lot of what I find out there about "breaking into the industry" has to do with fresh students coming into the field vs other IT professionals transitioning in. Would you have any advice for what I could do to help get a foothold in, or something I can do to my "portfolio" to maybe stand out?

Would you think it’s a better route to take Software Development vs Cybersecurity? Both of these fields are growing significantly with the latter increasing based on what I’ve researched. Though, to get your foot in the door requires projects to present to potential employers as your “hands on “ experience. The degree and or certificate can help, but need to showcase your ability to either code or know the intricacies of either of these two career paths.

Hey great video. Thanks for sharing this with everyone! I have a question. I am considering getting into this line of work and have a window of maybe 2 or 3 years where I’m financially set to go for a new career. I have a (pretty poor) honours degree in accounting and finance, but didn’t like it. Got a job in a tech company working in merchant service (like customer service) and moved my up to be a senior specialist and have been there 7 years. But I find the career going nowhere and want a change into something more challenging but also something I can spend hours on and build a better career from. I’m 34 tho. I’m not sure if that will have a big impact on what I can do. Would you have any advice as to where someone like me should start, and have people come from technical support backgrounds into cybersecurity… like is that something you’d see as being advantageous in anyway?
Thanks again!!

Hey man, thank you so much for your videos. I'm in the process right now of looking into cybersecurity schools and they are rather costly, I also do have roughly 2 years as a cybersecurity analyst for a startup company that unfortunately never really took off by doing the job was awesome and I really enjoyed learning how to do different things like threat assessment and penetration testing and ethical hacking. I was going to ask you if there would be any chance I could set up a quick phone call with you to just ask you some questions and get more info because I'm very scared of investing 10 grand into a school and basically not being able to get a job when I'm done. Would that be at all possible to set up? Thanks again

I find a lot of the information confusing on trying to find a road map to follow to change into this career. I finished my Google Cyber Certificate, but the more I watch your videos and Unix Guy it seems like a few well rounded certs and practical skill projects is the way to go. I have worked in the Electronics field since 2004 in the military, automobile manufacturing, and currently in the medical field. Through all of my interviews the only thing that the employers cared about outside of experience is being able to demonstrate practical skills. All of my interviews were hands on and based on the position/process I was hired for. Is this the same in cyber security?

im a student trying to get into network admin or cybersecurity and im undecided which one i really want to pursue im trying to get my foot in the door with IT. Im finishing up school here within the next couple of months but i have my A+, AI-900 currently will take my LPI linux essentials exam soon, and then also get net+ sec+ and az-900. But i love to learn i love IT and i would love any resources tips and advice anyone has to offer me.
Thanks in advance; PEACE!

Great video! thank you for posting it. I wish I've seen it last April when I started to work on my sec+. I worked with DOD overseas. decided to change my career to cybersecurity. I was under the impression of having the sec+ with security clearance along with DOD analyst experience would be enough but it's not! the job market is crazy. I am competing against experienced people with a lot more to offer and it's almost impossible to find a cyber position that doesn't require more than 3-5 years of hands on experience! I am regretting it already. I just couldn't be away from family forever so I was hoping to settle having a M-F job in cybersecurity but I guess I was wrong! tired of applying and not hearing back or being ghosted out by interviewers....

hey thanks. that was helpful.

As a cybersecurity student myself, I have been told to look for a job in the industry while still in school. I've been following this advice and looking for a job for a few months now. I am having an extremely difficult time. I don't have a degree, I don't have any certs, and I don't have any experience, so I get turned down for even "entry level" positions. It's rough out here.

i am a freshman in college right now and i have a it security analyst internship right now and working on a few certifications right now is there any advice you would give me?

Took me 2 years on the dot to land a job in Cybersecurity from scratch.
I agree that recruiters are looking for more than technical ability.
Also great point on the culture and awareness piece.
Your videos helped me a lot - thank you.

I’m actually starting a bootcamp thing that’s like 3 months long. You get 5 certifications from it. Doing this while I just make a living from home anyways so i thought why not. There are several different ways you can pay for the training and I chose for it to be deducted from future salary until paid off. They only deduct when you are making a certain amount and you are only required to pay them back if they land you a job which is cool so I said why not. Worst case is I don’t land a job and learn a bunch of stuff for free. Best case I land a job and pay them back, and if they get me a good job I’ll pay them back fast. I mainly want to try it out because I like the field and the remote work.

16 years in the industry, recent role security engineer, this is spot on :)

Got my Sec+ and a Secret Clearance and 4 years of IT Experience still cant break into cyber :( Almost done with my bachelors end of this year tho

Is it beneficial to have a bachelor's degree to get into the field? Or is it more beneficial to find reputable courses to take and get certain certifications?

Im a veteran with no cybersec experience in the military and went back to college for a cybersec degree. Its still disheartening putting in all these applications and getting rejected. Ive often thought of just reenlisting. I hated my life but at least I could afford some more consistent things...

Do you think actually having the network + is valuable for a cyber security career path, or just having the knowledge is enough. I have the A+ now and thinking about learning all the network+ objective, taking a few practice tests to make sure i understand, and then move on to obtaining Security +. I guess in summary i’m wondering if it’s worth the exam cost and if employers will care about the Network+ cert after obtaining the Sec+. p.s. I’ve already been in help desk role for years.

How would you recommend someone gets a job in the industry? Obviously it’s always different. I currently have an IT degree, no experience in the field and I’m working on getting certs currently. Should I just be applying like crazy? Reach out to connections?

Which other job can u get with a cyber security degree because at this point I’m not jumping through hoops to get a job? I could have done nursing and not jumped through all these hoops. I could have already secured a job apparently too.

Thanks for that part of "looking at videos through a lens" very informative. I know I do not want to do networking.. hmmm... Forensics seems cool but imagine seeing graphic images.. that might be tough.. so I'm thinking security.. I have a previous career in physical security.. any thoughts are welcomed. thanks for the video..