CYBERSECURITY JOB HUNTING GUIDE
  • Home
  • Introduction
    • Things you should know
    • The strategy
  • Paths into Cybersecurity
    • First steps
    • SWOT Analysis
    • How much time do you need?
    • Calculate& Evaluate Knowledge
    • Imposter syndrome
    • Time Management
    • Cybersecurity Domains
    • Cloud Security
    • Financial advice >
      • Credit score
    • The salary
    • Advocacy for underrepresented groups
  • Goal Setting & Career paths
    • Find your career in 5 steps
    • Cybersecurity career options
    • Career finding with LinkedIn
    • Transferable Skills (general)
    • Transferable IT Skills
    • Find a path with job descriptions
    • The I do not know path
    • Do you know “garbage” jobs?
    • “Bonus” knowledge
    • Learning & Motivation
    • Particular vs. any job
    • Pentester path (start)
    • Pen Testing as Career
    • SOC Analyst as career
    • Security Engineer as career
    • Compliance & Risk as career
    • How to find a career (IAM Engineer)
    • Find a company
  • Networking
    • Networking like a pro
    • LinkedIn
    • Referrals & Skills
    • LinkedIn Recruiters >
      • Working with a recruiter
    • Cyber Community
    • Networking University
    • Mentoring
    • Build your personal brand
    • Goal of Networking
  • Hands-on
    • The home lab >
      • Designing a home lab
      • Ways to create a home lab
      • Hypervisors >
        • VirtualBox
        • VMWare Player
        • QEMU/KVM
      • Docker
      • Operating Systems >
        • Kali Linux >
          • Installing Kali with VirtualBox
        • Parrot
        • BlackArch
        • Red Hat Enterprise Linux >
          • RHCSA
        • Security Onion >
          • Installation Security Onion
        • Metasploitable2
        • Ubuntu
        • Windows >
          • Windows in a VM
          • Windows with Virtual Machine Manager
          • Preparing Windows logging
          • John Strand's ADHD VM
      • Firewalls >
        • pfSense Installation
        • pfSense configuration for Security Onion
    • Volunteer Work
    • Note Taking
    • Red labs >
      • Cyberseclabs
      • HackTheBox >
        • HackTheBox Academy
      • INE red side
      • RangeForce
      • Offensive Security
      • TryHackMe
      • Virtual Hacking Labs
    • Red tools & techniques >
      • Atomic Red Team
      • DVWA
      • Metasploit
      • OSINT tools
      • OWASP Juice Shop
    • Blue labs >
      • Blue Team Labs Online
      • DetectionLab (free)
      • INE
      • Letsdefend >
        • LetsDefend password stealer
      • Opensecuritytraining (free)
      • PurpleLabs
      • RangeForce
    • Blue tools >
      • Install a Canary Token
      • CyberChef
      • EDR Lima Charlie installation
      • EDR LimaCharlie configuration
      • EDR Velociraptor (free)
      • EDR Bluespawn (free)
      • DeepBlueCLI (logs Powershell, free)
      • Raccine (ransomware protection, free)
      • Install RITA (detects C2 traffic, free)
      • Sandboxes >
        • Joe's Sandbox
      • SIEM ELK Stack
      • SIEM Graylog >
        • Getting started with Graylog
        • Install Graylog
        • Graylog Windows agent
        • Graylog Linux agent
        • Graylog as application
      • Suricata with RangeForce
      • Identifying IoCs with RangeForce
      • What2Log
  • Certifications, Degree & Courses
    • Overview
    • Free & Affordable Resources
    • Pick your cert
    • Skill Assessment
    • Get a cheap degree
  • (Employment) fraud & scams
    • Suspicious Offer
    • Second Offer
    • Certification Scams
    • Fraud with courses
  • Analyzing a job ad
    • The Header
    • Building a Bridge
    • The Responsibilities
    • Desired Skills
    • Preferred Qualification
    • Benefits
    • Own skills vs job ad
    • Dealing with poorly written job ads
  • Resume writing
    • Templates
    • Building a draft
    • Resume in Detail
    • Understand the company
    • ATS and tailoring
    • Last Step
  • Cover letter
    • Writing a cover letter
  • Preparation & Interview
    • Organize your job hunt
    • SWOT Again (interview)
    • Twitter
    • The interview
    • Interview Questions Designed To Trick You
    • Post interview tasks
  • I did it all, but...
    • You are not alone
    • Try Something New
    • Why You'll Fail in Cyber Security
  • Yes, I got a job!
    • Two, or more offers?
    • Continued learning
    • Moving up
    • Lessons learned
  • Conclusion
  • Additional things
    • Reviews (labs, courses, certs) >
      • CompTIA A+
      • CompTIA Network+
      • CompTIA Security+
      • CompTIA Server+
      • CompTIA PenTest+
      • DroneSec DSOC
      • Defensive-Security Purple Labs
      • FAA Part 107
      • INE eCPPT & PTP
      • Letsdefend review
      • Microsoft AZ-500
      • RangeForce SOC 1
      • RangeForce SOC 2
    • Work In A Different Country >
      • The Work Permit
      • Working in the US
      • Studying in the US
      • Studying in Germany
      • Work in a different country
    • Other Resources >
      • Useful Links >
        • All about careers
        • Red resources
        • Blue resources
      • YouTube
      • Twitch
      • Podcasts
      • Books
      • Udemy
      • Thanks
    • Contributors
  • Stefan Waldvogel, where can I help?
  • Home
  • Introduction
    • Things you should know
    • The strategy
  • Paths into Cybersecurity
    • First steps
    • SWOT Analysis
    • How much time do you need?
    • Calculate& Evaluate Knowledge
    • Imposter syndrome
    • Time Management
    • Cybersecurity Domains
    • Cloud Security
    • Financial advice >
      • Credit score
    • The salary
    • Advocacy for underrepresented groups
  • Goal Setting & Career paths
    • Find your career in 5 steps
    • Cybersecurity career options
    • Career finding with LinkedIn
    • Transferable Skills (general)
    • Transferable IT Skills
    • Find a path with job descriptions
    • The I do not know path
    • Do you know “garbage” jobs?
    • “Bonus” knowledge
    • Learning & Motivation
    • Particular vs. any job
    • Pentester path (start)
    • Pen Testing as Career
    • SOC Analyst as career
    • Security Engineer as career
    • Compliance & Risk as career
    • How to find a career (IAM Engineer)
    • Find a company
  • Networking
    • Networking like a pro
    • LinkedIn
    • Referrals & Skills
    • LinkedIn Recruiters >
      • Working with a recruiter
    • Cyber Community
    • Networking University
    • Mentoring
    • Build your personal brand
    • Goal of Networking
  • Hands-on
    • The home lab >
      • Designing a home lab
      • Ways to create a home lab
      • Hypervisors >
        • VirtualBox
        • VMWare Player
        • QEMU/KVM
      • Docker
      • Operating Systems >
        • Kali Linux >
          • Installing Kali with VirtualBox
        • Parrot
        • BlackArch
        • Red Hat Enterprise Linux >
          • RHCSA
        • Security Onion >
          • Installation Security Onion
        • Metasploitable2
        • Ubuntu
        • Windows >
          • Windows in a VM
          • Windows with Virtual Machine Manager
          • Preparing Windows logging
          • John Strand's ADHD VM
      • Firewalls >
        • pfSense Installation
        • pfSense configuration for Security Onion
    • Volunteer Work
    • Note Taking
    • Red labs >
      • Cyberseclabs
      • HackTheBox >
        • HackTheBox Academy
      • INE red side
      • RangeForce
      • Offensive Security
      • TryHackMe
      • Virtual Hacking Labs
    • Red tools & techniques >
      • Atomic Red Team
      • DVWA
      • Metasploit
      • OSINT tools
      • OWASP Juice Shop
    • Blue labs >
      • Blue Team Labs Online
      • DetectionLab (free)
      • INE
      • Letsdefend >
        • LetsDefend password stealer
      • Opensecuritytraining (free)
      • PurpleLabs
      • RangeForce
    • Blue tools >
      • Install a Canary Token
      • CyberChef
      • EDR Lima Charlie installation
      • EDR LimaCharlie configuration
      • EDR Velociraptor (free)
      • EDR Bluespawn (free)
      • DeepBlueCLI (logs Powershell, free)
      • Raccine (ransomware protection, free)
      • Install RITA (detects C2 traffic, free)
      • Sandboxes >
        • Joe's Sandbox
      • SIEM ELK Stack
      • SIEM Graylog >
        • Getting started with Graylog
        • Install Graylog
        • Graylog Windows agent
        • Graylog Linux agent
        • Graylog as application
      • Suricata with RangeForce
      • Identifying IoCs with RangeForce
      • What2Log
  • Certifications, Degree & Courses
    • Overview
    • Free & Affordable Resources
    • Pick your cert
    • Skill Assessment
    • Get a cheap degree
  • (Employment) fraud & scams
    • Suspicious Offer
    • Second Offer
    • Certification Scams
    • Fraud with courses
  • Analyzing a job ad
    • The Header
    • Building a Bridge
    • The Responsibilities
    • Desired Skills
    • Preferred Qualification
    • Benefits
    • Own skills vs job ad
    • Dealing with poorly written job ads
  • Resume writing
    • Templates
    • Building a draft
    • Resume in Detail
    • Understand the company
    • ATS and tailoring
    • Last Step
  • Cover letter
    • Writing a cover letter
  • Preparation & Interview
    • Organize your job hunt
    • SWOT Again (interview)
    • Twitter
    • The interview
    • Interview Questions Designed To Trick You
    • Post interview tasks
  • I did it all, but...
    • You are not alone
    • Try Something New
    • Why You'll Fail in Cyber Security
  • Yes, I got a job!
    • Two, or more offers?
    • Continued learning
    • Moving up
    • Lessons learned
  • Conclusion
  • Additional things
    • Reviews (labs, courses, certs) >
      • CompTIA A+
      • CompTIA Network+
      • CompTIA Security+
      • CompTIA Server+
      • CompTIA PenTest+
      • DroneSec DSOC
      • Defensive-Security Purple Labs
      • FAA Part 107
      • INE eCPPT & PTP
      • Letsdefend review
      • Microsoft AZ-500
      • RangeForce SOC 1
      • RangeForce SOC 2
    • Work In A Different Country >
      • The Work Permit
      • Working in the US
      • Studying in the US
      • Studying in Germany
      • Work in a different country
    • Other Resources >
      • Useful Links >
        • All about careers
        • Red resources
        • Blue resources
      • YouTube
      • Twitch
      • Podcasts
      • Books
      • Udemy
      • Thanks
    • Contributors
  • Stefan Waldvogel, where can I help?
  CYBERSECURITY JOB HUNTING GUIDE

LinkedIn and career finding

Author: Stefan Waldvogel

Use LinkedIn to discover Cybersecurity career paths

LinkedIn is a great place to check if your career goal is realistic. 

How do you find your career path in IT / Cybersecurity? You have two things to consider: You have to like the job activity (passion for something), AND you need an employer. Both things are essential.
If you hate programming, why should you go in this direction? If you hate it, you do not use it in your free time, and therefore you learn slowly or not optimal. Your goal is a job, but it does not feel like a job. You enjoy it. Remember, you work 8 hours and a day has 24 hours.
The second part is important, and LinkedIn can help you a lot. Many people go into IT or, more specifically, Cybersecurity, get a CS degree, and the job hunt is terrible. You see posts about job shortage in Cybersecurity… but people applied for hundreds of jobs and always: “not considered.” What is wrong?
Some reasons:
  1. your application or CV is not readable by a machine (not ATS compatible)
  2. there are too many competitors
  3. not enough jobs for “real” entry-level positions
  4. you are not qualified enough (certs and work experience)
  5. missing key points
The positions in detail:
(1) The CV
Tailor your CV for each job. If you skip this part and do not have the wanted key points in your resume, you are out. It does not matter if you have it or not. A machine does not care. If you get a “not considered” after 5 minutes, one reason could be the ATS system.
(2) and (3) Competition and jobs
This part is essential for this chapter, and we can use LinkedIn to find the facts. The job market is constantly moving, but you can use LinkedIn to see the numbers and much more.
To get a helpful result, pick a wanted job role and set the location. Here, I used “systems administrator” and Austin. If you follow this guide, select your city and your wanted jobs. The following steps are examples.
Picture
We get 135 results, and we can see one job has seven candidates. This number is okay, but each area is different. Do this multiple times with other jobs to understand the statistics. The most crucial factor is the “Experience Level.” This is an excellent indicator if you can do such a job or not. Here, it is easy to see that this job role/title is not a beginner job.
We can try to find other jobs, e.g., “network administrator.”
Picture
We found more jobs, and distribution is better. We have more entry-level jobs, and if we move on to a help desk position, we have more jobs.
Picture
I picked these two roles on purpose because these are very important and classic jobs. The question is: Are there better-paid jobs available? Maybe you get Bachelors's in one or two years, but you do not want to start in a help desk position.
​
What is with Cybersecurity:
Picture
We have 771 matching jobs, and the optimal candidate is between entry-level and associate. Cybersecurity is an extensive job description. Usually, people know the blue and red sides, but there is much more. Usually, it is much easier to start on the blue side (defender) than the red side. Use the results to find a better job description.
​
Did you find the best career in IT?… what is with the cloud? Cloud is not hype, but the salaries are very high:
Picture
We found 4379 open positions in Austin, and over 900 are entry-level or lover. Cloud and security are very close together, but if you want to start a career in IT near Austin, it is helpful to have cloud knowledge in your pocket. Cloud is an enormous field, and you can research AWS (2000 open positions) or Azure (1000 open positions).
This situation is unique in each area, but it is crucial to have this information long before applying. Companies need people in help desk positions, but more in the cloud. The salary difference is immense.
​
(4) Qualification
What about qualifications? This part is interesting because if you do proper research, you can save a lot of money. A company needs a new employee because of work (and not a certification). It is important that YOU can do the job. A certification is an HR requirement, but it does not show your ability to do the job. My advice is: If you want to go into the cloud, get Azure’s free 1-year subscription and try to spin up some machines and build a lab. Use the features and learn it with the help of YouTube. It is free; you do not need a certification. Join some study groups (e.g., discord, LinkedIn) and have fun or do the same with AWS. If you like it and have a working lab and so on, then take a matching certification. The cert is the last step to pass the HR requirements. The certification adds some missing points, and now, you are a well-rounded candidate. If you into an interview, talk about the labs, what you did, and what you learned.
​
What is a valuable certification? LinkedIn can help you a lot because you can use the search function. Many blogs advertise some certs, but it is up to you to test them. CEH is a good example. This cert is a $3000 cert, and you find ads everywhere. The reality is:
Picture
We see 44 results… It is not worth it to spend nearly $3000 to get CEH certified because an Azure ($15 / $165) or an AWS certification ($150) is much cheaper and opens many doors. If you get CEH for free and can afford the running costs, yes, why not? You are a veteran with clearance, and you want a government job? CEH holds still a lot of weight for some small areas. 
One last word: Do not trust the certification industry. Yes, certs are essential in the US, but hands-on is the big thing. Learn things for free, and YouTube is a big learning platform.

(5) Hidden factors
What are the hidden key points? This question is tricky because people do not talk about this. I am an immigrant, but I am white and male. I have two big plus points and one big negative point. Can I work as a penetration tester, the big hyped job? … The quick answer is: No, not likely because I have a Green Card but not the matching citizenship. I can work as Security Researcher and in education, but not as a penetration tester.
This is an example, but thinking about these points is important. How can you use LinkedIn to find these hidden, critical requirements? Read the job descriptions.
Sometimes you see impossible requirements (very often), but HR is looking for unicorns. If you have 70%, -> you are a top candidate (valid for the US).

Conclusion
Spend some time researching. Do not trust a blog post or a website without checking the facts. With LinkedIn, fact-checking is so easy, and you can save money. I gave you an example, but I hope it shows the idea. Your situation can be very different.
Next: Transferable skills
© 2021. This work is licensed under a CC BY-SA 4.0 license​