For us I will list our level of certs. Level 1 cert is C.A.P.= certified authorize professional and security + Level - 2 is the CISSP and CISA Level - 3 is CEH and any cloud cert
I work in an Infosec GRC role, and I’m heavily considering switching over to audit for a while. They are pretty similar, and I work a ton with audits already. I am going to go for the CISA this year once the updated material has been released in May. Salaries have gone way up for IT audit, so hopefully I get a nice bump too 😊
Do you have any advice for people starting from an accounting/CPA background to earn a more technical role later on? I have a double focus in accounting/information systems and want to know if I need to go back and get my masters or if companies will take a chance on me with the right certifications. I don’t think I want to move on to internal audit which seems like a common jump for a lot of external it auditors. Will those certifications help differentiate me enough from my audit background?
If you want to go the IT audit route, then earning a CISA should be more than enough upper certification wise. A good source for IT audit would be through ISACA. For IT audit, your core frameworks that you most likely would see from a banking perspective would be FFIEC, GLBA, NIST, COBIT etc.
I love development but I'm considering the audit route just because I see how important it is to have good guardrails in place but it makes absolutely no use if I am doing it alone. The whole company needs to be compliant so that we don't ship sh*t products. Also, I don't even feel like I am up to standard enough so I really would like to learn everything that needs to be done to ensure robust systems and development practices. But it is a really big shift...
Hey Sandra! Can you do a video on what does a cybersecurity researcher do? I've been always curious but upon googling, seems like its a broad field itself. Skills like low level programming like assembly is needed. Would be great to get your insight!
Hi Samuel, ofc thanks for bringing this up! It’s definitely more unique than other roles in cyber security, will be adding this to my backlog! Happy holidays 😁🥳
Thank you very much for creating this video. I just completed my Security+ and I am Interested in the Compliance and Policy setting for IT. If you could. Please elaborate on more job titles for entry positions.
Thank you for the video, Sandra. Really useful to have info on the less glamorous side of cyber sec! I'm actually thinking of going into GRC/auditing after my Master's. Would you say that this route is less competitive than eg. pen testing?
Hey thanks so much for watching! :) and congratz on almost completing your Masters, I think this route is definitely less competitive than something like pentesting and also requires less niche experience compared to those more “popular” roles so I’d say definitely go for it! There are many Jr. IT Auditor/compliance officer roles and they actually can pay more than Jr Pentesting roles. Keep me updated, i’m confident you’ll do great in whatever you choose to do! And happy holidays 😁
@@WithSandra Thank you for the reply! Happy to hear your thoughts, this video has really inspired me to move into the sector. My current job is closely related to compliance, I guess that old habits die hard! Glad to hear that technical pen testing knowledge will be useful and that a Master's won't be wasted. Happy holidays to you and Luca. Greetings from the UK!
Great video and tremendous information! However I am as interested in audits as I am in root canals!! Went through it when I was in the coast guard. Dental work is much more fun! Thank you beautiful lady!! Lol!
Thanks so much John! :) And funny thing, I just had a root canal this morning LOL.. so this hits pretty close to home rn. Definitely not a role for everyone tho, takes a special personality type for sure! Thanks for watching 😁😁
This was soo helpful 🥲 I’m an auditor.. in the healthcare industry but I’m transitioning into IT.. I’m excited cause I know I have a lot to learn but I think I have experience.. well the basics to get into this industry 😅
Hi Sandra, thank you so much for posting this. I just really really need some insight for a clear direction. I currently have been working in compliance audit and control testing in the financial sector but I don't know how to clearly speak towards this as a IT Auditor. Its the same but I don't know how to speak towards it. Can you please provide any insight??
I work for a regional size bank as an IT Auditor. A lot of the audits you would work with with be cloud, IT governance, Information security (probably the most frequent), Business continuity/IT Resiliency and your SOX/SOC1 audits. Which would cover your access management, incident management, change management, back-ups etc. I highly recommend using ISACA as a good study tool reference to look at standards around these types.
I have the same aspirated and goal set in my mind to complete and wanted to ask you with your experience is cloud computing commonly outsourced overseas?
I really have been looking through your videos for what podcasts you recommend but I cant find it. Could you please reply with a link or something with that information. Also I am loving your content!!!
Hey Scott, thanks so much for watching! I mostly watch self-growth/finance podcasts and my faves are On Purpose (Jay Shetty), Mindset Mentor, ChooseFI, So Money, Afford Anything, etc. BUT some cyber podcasts I've started listening to are Cyberwire daily, Darknet Diaries, and Unsupervised learning. Happy holidays! :D
Hi captaincal, I just viewed your comment just moments away from applying for an IT Audit role. I’m super Enthusiastic about it. Do you have any specific advice concerning it, maybe in regards to the Big 4?
lots of cuts on the videos, like in 30 sec video you have 5 cuts.. also highly complicated video and fast video.... please be crisp and clear what you want to convey. there is nothing more clear in the video other than your beautiful eyes.
Hi Suyash, thanks for watching! IT audit is less technical than other cybersecurity roles so you have a higher chance of getting into it with a business background, I’d try to get experience working with regular audit or compliance teams on the business side to help you get your foot in the door as well so It’s definitely doable, good luck! 😁
I am a fresh graduate with cybersecurity degree, should I go for IT audit jobs? Am I able to become software engineer in the future? I have this question because I think software engineer career path will be better in the future.
Those two roles will require pretty different skills, I'd start with getting the technical skills first and get your foot in the door for the role you're most interested in, you can always make a pivot later on in your career or find a role that has some auditing/GRC requirements, good luck!
Your super cute. With those nice sculpted cheek bones and feminine demeanor, lol. But for seriously. This video gave me a nice breakdown on this topic. Thank you.
Lol Craven, I think she speaks at a good speed. She crammed a lot in less than 15 minutes which I appreciate because I often speed up talking videos when people speak too slowly for me. You can adjust the video's playback speed.
Upcoming vids in the Cyber Career Series: Malware Analysis & Cyber Intelligence :) Lmk any other cyber roles you'd like me to cover!
As someone who recently got their compTIA security+, I am happy to hear about IT compliance/Governance
more people need to talk about these roles cause I am so interested in working on this side!!
For us I will list our level of certs.
Level 1 cert is C.A.P.= certified authorize professional and security +
Level - 2 is the CISSP and CISA
Level - 3 is CEH and any cloud cert
Thanks so much for sharing Jason! 😁😁
I work in an Infosec GRC role, and I’m heavily considering switching over to audit for a while. They are pretty similar, and I work a ton with audits already. I am going to go for the CISA this year once the updated material has been released in May. Salaries have gone way up for IT audit, so hopefully I get a nice bump too 😊
Were you able to clear CIsa? I am considering to do it.
@@amrithamanmadhan7475 I actually changed careers entirely, so I didn't end up doing it.
Guess I just found my dream IT role after 2 years into university!
My biggest issue was never knowing what tools people use in cybersecurity but now i know. Thank you
Np, thanks so much for watching!😁😁
Extremely helpful and answered a lot of my questions on the topic, thank you.
Thanks pretty gal, the info was well and in depth. Hope you are having a wonderful year.
Do you have any advice for people starting from an accounting/CPA background to earn a more technical role later on? I have a double focus in accounting/information systems and want to know if I need to go back and get my masters or if companies will take a chance on me with the right certifications. I don’t think I want to move on to internal audit which seems like a common jump for a lot of external it auditors. Will those certifications help differentiate me enough from my audit background?
If you want to go the IT audit route, then earning a CISA should be more than enough upper certification wise. A good source for IT audit would be through ISACA.
For IT audit, your core frameworks that you most likely would see from a banking perspective would be FFIEC, GLBA, NIST, COBIT etc.
Great information! Thank you 😊
I love development but I'm considering the audit route just because I see how important it is to have good guardrails in place but it makes absolutely no use if I am doing it alone. The whole company needs to be compliant so that we don't ship sh*t products. Also, I don't even feel like I am up to standard enough so I really would like to learn everything that needs to be done to ensure robust systems and development practices. But it is a really big shift...
Hey Sandra! Can you do a video on what does a cybersecurity researcher do? I've been always curious but upon googling, seems like its a broad field itself. Skills like low level programming like assembly is needed. Would be great to get your insight!
Hi Samuel, ofc thanks for bringing this up! It’s definitely more unique than other roles in cyber security, will be adding this to my backlog! Happy holidays 😁🥳
@@WithSandra Thanks loads Sandra! You too!!
This was a great video. Very insightful. You got my subscription!
Hi Sandra! New to your videos, loved it! Just wondering if it would be difficult to exit from IT audit to cyber security?
Thank you very much for creating this video. I just completed my Security+ and I am Interested in the Compliance and Policy setting for IT. If you could. Please elaborate on more job titles for entry positions.
New sub here. Thanks for the video. I am so interested in these roles. Now I have more sense of direction 😊
Thanks Sandra, this was very helpful
Thank you for the video, Sandra. Really useful to have info on the less glamorous side of cyber sec! I'm actually thinking of going into GRC/auditing after my Master's. Would you say that this route is less competitive than eg. pen testing?
Hey thanks so much for watching! :) and congratz on almost completing your Masters, I think this route is definitely less competitive than something like pentesting and also requires less niche experience compared to those more “popular” roles so I’d say definitely go for it! There are many Jr. IT Auditor/compliance officer roles and they actually can pay more than Jr Pentesting roles. Keep me updated, i’m confident you’ll do great in whatever you choose to do! And happy holidays 😁
@@WithSandra Thank you for the reply! Happy to hear your thoughts, this video has really inspired me to move into the sector. My current job is closely related to compliance, I guess that old habits die hard! Glad to hear that technical pen testing knowledge will be useful and that a Master's won't be wasted.
Happy holidays to you and Luca. Greetings from the UK!
This was perfect! Thank you
So glad this was helpful Kira! ☺️☺️
Great video and tremendous information! However I am as interested in audits as I am in root canals!! Went through it when I was in the coast guard. Dental work is much more fun! Thank you beautiful lady!! Lol!
Thanks so much John! :) And funny thing, I just had a root canal this morning LOL.. so this hits pretty close to home rn. Definitely not a role for everyone tho, takes a special personality type for sure! Thanks for watching 😁😁
@@WithSandra hey I hope your mouth isn't hurting!!
@@johnczech7074 haha thank you! So far, it’s not as bad as wisdom teeth extraction 🤣
Lol omg you actually made it, sorry and thank you 🙏😅
Hahaha thanks Josh 😆
0.75 helped me a lot in speed thank God for it
Do you know someone that can train on IT internal Audit ?
This was soo helpful 🥲 I’m an auditor.. in the healthcare industry but I’m transitioning into IT.. I’m excited cause I know I have a lot to learn but I think I have experience.. well the basics to get into this industry 😅
Oh very interesting. Never heard of the role 🥺
Thank you for watching Luca! :)
Hi Sandra, thank you so much for posting this. I just really really need some insight for a clear direction. I currently have been working in compliance audit and control testing in the financial sector but I don't know how to clearly speak towards this as a IT Auditor. Its the same but I don't know how to speak towards it. Can you please provide any insight??
I work for a regional size bank as an IT Auditor. A lot of the audits you would work with with be cloud, IT governance, Information security (probably the most frequent), Business continuity/IT Resiliency and your SOX/SOC1 audits. Which would cover your access management, incident management, change management, back-ups etc. I highly recommend using ISACA as a good study tool reference to look at standards around these types.
Thanks for the great information. I have no background in IT but I am interested in getting into IT auditing. Which class can you offer
I have the same aspirated and goal set in my mind to complete and wanted to ask you with your experience is cloud computing commonly outsourced overseas?
Very awesome. Thanks
Nice 😊 any good places to look for work, did you start with internships
I really have been looking through your videos for what podcasts you recommend but I cant find it. Could you please reply with a link or something with that information. Also I am loving your content!!!
Hey Scott, thanks so much for watching! I mostly watch self-growth/finance podcasts and my faves are On Purpose (Jay Shetty), Mindset Mentor, ChooseFI, So Money, Afford Anything, etc. BUT some cyber podcasts I've started listening to are Cyberwire daily, Darknet Diaries, and Unsupervised learning. Happy holidays! :D
Hi I'm interested in IT Audit/Compliance, is CompTIA Sec+ recommended along CISA and CISSP (or CIA or any other certifications)?
Yes
I was an IT auditor. It's so boring and most IT auditors admit that it is boring. Save yourselves, don't be one.
Hi captaincal, I just viewed your comment just moments away from applying for an IT Audit role. I’m super Enthusiastic about it. Do you have any specific advice concerning it, maybe in regards to the Big 4?
@@emmanuelagbi902you got the job ?
You're not wrong. 2 years in and I've lost my mind working in IT Audit. Re-training in cloud security and it's a hell of a lot better!
Can a person from commerce background have scope in IT audit
Is this career is best for who had a degree of IT engineering and had knowledge of coding and recently passed out
great video
Will a fresher get to work in compliance/governance?
lots of cuts on the videos, like in 30 sec video you have 5 cuts.. also highly complicated video and fast video.... please be crisp and clear what you want to convey.
there is nothing more clear in the video other than your beautiful eyes.
Hi. Can you please tell me an MBA BBA finance fresher can join It audit?? Actually I got an offer for the same.
Hi Suyash, thanks for watching! IT audit is less technical than other cybersecurity roles so you have a higher chance of getting into it with a business background, I’d try to get experience working with regular audit or compliance teams on the business side to help you get your foot in the door as well so It’s definitely doable, good luck! 😁
I am a fresh graduate with cybersecurity degree, should I go for IT audit jobs? Am I able to become software engineer in the future? I have this question because I think software engineer career path will be better in the future.
Software engineer way better than IT audit and pay way more
Yeah, wayy more boring lol . And it doesn't pay more than IT audit lmao@educatecybersecurityandFinance
am so interested
can I be a software engineer and an Auditor?
Those two roles will require pretty different skills, I'd start with getting the technical skills first and get your foot in the door for the role you're most interested in, you can always make a pivot later on in your career or find a role that has some auditing/GRC requirements, good luck!
Hey
Hey @Monk thanks for watching! :) And happy (early) new year!
@@WithSandra Happy (early) new year's eve! 👍👍
Interesting: 15 yrs as a sales and use tax auditor
Your super cute. With those nice sculpted cheek bones and feminine demeanor, lol. But for seriously. This video gave me a nice breakdown on this topic. Thank you.
you doing too much handmovement gang i cant watch this.
you're sitting on the floor.
This was a pretty old video so yeah, I sat on the floor to film LOL, now I sit in a chair :)
She speaks way way too fast
Hey Jay, thanks for watching! Please let me know if .5x or .75x speed helps!
Lol Craven, I think she speaks at a good speed. She crammed a lot in less than 15 minutes which I appreciate because I often speed up talking videos when people speak too slowly for me. You can adjust the video's playback speed.
@@WithSandra I think that should help him out lol!
It's a sign of intelligence c:
I listen at 2x lol
thank you❤
Thanks For the Great Info
thanks for watching :)!