Episode 29

full
Published on:

29th Aug 2024

Ep29: Hack Your Career: Insider Tips for Cybersecurity Beginners

Navigating Cybersecurity: Q&A Session with Marc

In this special episode recorded outdoors, Marc answers listener questions about breaking into the cybersecurity field. Topics include gaining practical experience without an IT background, the importance of certifications, essential soft skills, networking strategies, handling job rejections, and making a career transition into cybersecurity. Marc provides practical advice on how to stand out in interviews, tailor your resume, and continuously improve your chances of landing a cybersecurity job. Resources and contact information are available in the show notes.

00:00 Introduction and Format Change

00:29 Question 1: Gaining Practical Experience in Cybersecurity

03:31 Question 2: Importance of Certifications

06:46 Question 3: Crucial Soft Skills

09:26 Question 4: Standing Out in Job Interviews

12:33 Question 5: Networking in Cybersecurity

15:59 Question 6: Handling Rejection and Improving Applications

22:35 Conclusion and Final Thoughts

---

I do hope you enjoyed this episode of the podcast. Here are some helpful resources, including any sites that were mentioned in this episode.

--

Sites Mentioned in this Episode

  • Cybersecurity Conferences - Our cybersecurity conference directory is meticulously updated and checked manually to prevent spam, ensuring it remains the community’s premier resource for discovering top cybersecurity conferences, events, meetings, and seminars for 2024, 2025, and beyond.
  • The Hire Drive Podcast Series - Apple Podcasts
  • Zero to Hired: Job Hunting in the AI Age - "Zero to Hired: Job Hunting in the AI Age" demystifies the complex world of job searching and hiring practices, providing job seekers with a comprehensive step-by-step guide to leverage artificial intelligence and modern digital tools to land their dream job.

--

Find subscriber links on my site, add to your podcast player, or listen on the web players on my site:

Listen to Byte Sized Security

--

Support this Podcast with a Tip:

Support Byte Sized Security

--

If you have questions for the show, feedback or topics you want covered. Please send a short email to marc@bytesizedsecurity.show with the Subject line of "Byte-Sized Security" so I know it's about the podcast.

Transcript
Speaker:

Today's podcast is going to

be a little bit different.

2

:

And an outdoor recording studio.

3

:

And I want to take some

Q and A's from listeners.

4

:

So I grabbed about six

of the best I could find.

5

:

And if you want to send a question and

it's Marc MARC at ByteSized Security

6

:

Dot show B Y T E sized security.show.

7

:

So I'm going to have my assistant

read off each question, and then

8

:

I'm going to attempt to answer it.

9

:

So without further ado, Let's go.

10

:

What's the question.

11

:

Number one.

12

:

Gabi: Thank you Marc.

13

:

Here's our first question.

14

:

What are the most effective ways for a

beginner to gain practical experience

15

:

in cybersecurity, especially if they

don't have a formal I T background?

16

:

So the most effective ways for beginner to

gain practical experience, especially if

17

:

they don't have any formal it background.

18

:

Get that formal it background.

19

:

You don't have to have it

to get into cybersecurity.

20

:

There's.

21

:

Divisions and areas that you could

go into, if you're a good at legal

22

:

or document writing, technical

writing, working with people

23

:

like security awareness training.

24

:

But if you don't have any formal

it background, It still would

25

:

be helpful to get yourself.

26

:

Something.

27

:

And I'm not saying a help desk job.

28

:

But it does help.

29

:

Explain cybersecurity principles.

30

:

When you do have an it background,

some of the best people I know.

31

:

In cybersecurity.

32

:

Have extensive it backgrounds.

33

:

It could be from architecture.

34

:

To help desk to software development.

35

:

It doesn't really matter, but they

have an understanding of network and

36

:

computers and technology, and then they

can apply that easily to cybersecurity.

37

:

It's hard to secure a network if

you don't know what a network is.

38

:

It doesn't mean you have to go into

help desk, but if you don't have

39

:

that formal it background, Take

some classes, take some courses.

40

:

Look for volunteer opportunities

in your local community, where

41

:

you can start to develop that.

42

:

Not everything has to be a formal job.

43

:

You could be working in a

completely different industry.

44

:

And still figure out some different

ways to get yourself some.

45

:

It knowledge in order to get

yourself into cybersecurity now.

46

:

That sounds a lot.

47

:

Easier said than done.

48

:

I'll give you that there's hundreds of

people looking for cybersecurity jobs.

49

:

The do have extensive it backgrounds.

50

:

So.

51

:

But it can be done.

52

:

And if you do want to do that, I

don't think you should give up,

53

:

but it was difficult enough for

me to make a lateral transfer.

54

:

I can imagine that if you don't

have any it experience how difficult

55

:

it would be, that being said.

56

:

Governance risk and compliance GRC.

57

:

Which is not easy.

58

:

But those people that I've worked with

do not have extensive it backgrounds

59

:

at all, but they're very good at policy

writing, policy, reading documentation.

60

:

Legal putting together presentations.

61

:

So if you have those types of

skillsets, You don't necessarily have

62

:

to have a formal it background to get

into a division of cyber security.

63

:

So there's, there's other options.

64

:

They may not be a pen tester.

65

:

But there's a lot of other things you can

do in cybersecurity, if you're really good

66

:

at educating people and you understand.

67

:

The culture of security.

68

:

Culture of security awareness.

69

:

You could develop training

for a particular company.

70

:

You could easily come in as a

learning management developer,

71

:

into the cybersecurity area to

help train your employees up on it.

72

:

And you wouldn't have that.

73

:

Quote, formal it background.

74

:

Next question.

75

:

How important are certifications like Comp

TIA Security+ or C I S S P when applying

76

:

for entry-level cybersecurity positions?

77

:

For entry-level well,

for entry level CISSP.

78

:

Should not be entry-level.

79

:

Um, However.

80

:

I do know that I've seen job

descriptions that look to be

81

:

entry level and they want a ton of

experience and your, you know, years

82

:

of experience and they want to CISSP.

83

:

That's ridiculous.

84

:

Um, that's just somebody who doesn't

know how to write this job description,

85

:

or they don't know what they're

looking for, or they just want to hit.

86

:

Everything under the sun.

87

:

It doesn't really matter.

88

:

They just want to grab.

89

:

Anything they possibly can.

90

:

So that that's.

91

:

Not good.

92

:

But the comp Tia security plus

honestly that I know certificates

93

:

get, you know, hit or miss yay or

nay people like them that don't.

94

:

That's exactly the one that

I took, I did the comp Tia

95

:

security plus out of the gate.

96

:

Um, it was hard.

97

:

But I did have that.

98

:

It background.

99

:

I was able to stay for, it

took a couple of months.

100

:

Pass it.

101

:

And one of the nice things about it is.

102

:

On job applications, they're looking for.

103

:

Particular certifications.

104

:

And so you just kind of hit

that right out of the gate.

105

:

It just gets you past an

applicant tracking system.

106

:

And I think if you can do that, I

think that is probably your best bet.

107

:

As far as different

certifications, I always preached.

108

:

On this podcast or my tech talk series.

109

:

If you're going to go for certs

and now they are not the end.

110

:

All be all.

111

:

But if you're going to go

for certifications for.

112

:

You know, Different jobs.

113

:

Look at the job that you're applying for.

114

:

Or jobs that you're applying for

and see if you see a pattern and

115

:

then go for those certifications.

116

:

So for me, I did see comp

Tia security plus, oh, a lot.

117

:

And I saw a lot of ISC

squared on there as well.

118

:

Um, I went from comp Tia security

plus got my cybersecurity job

119

:

and then studied for the CSSP.

120

:

And I really don't intend to

get any more certifications.

121

:

I just will keep getting.

122

:

Uh, continuing education

credits for those.

123

:

And just leave it at that.

124

:

But for entry level.

125

:

You know, if it.

126

:

If there is an entry-level position

and there are some, although they're

127

:

rare, take a look at what they're

looking for and then go for those.

128

:

But don't look for certifications

that require five years of

129

:

experience like the CSSP.

130

:

Because that makes absolutely no sense

for it to be an entry-level position.

131

:

So.

132

:

I don't know that I would put

an importance level on them.

133

:

I just wanted to check

as many boxes as I could.

134

:

To get past the recruiter.

135

:

That's basically it.

136

:

Right.

137

:

I mean, if you've got 10 applicants

that come in and this job requirement

138

:

says nice to have security

plus, and you don't have it.

139

:

Do you really want to be number 11?

140

:

Would you rather just make that cut

from whatever system is looking at?

141

:

You know, how much, how much

of a matches this person?

142

:

That's all.

143

:

But it's not the end.

144

:

All be all experience.

145

:

How you handle yourself, your level of

professionalism, what you can bring to the

146

:

table, your attitude, all those things.

147

:

How do you fit into the culture?

148

:

Way more important than certification?

149

:

Hands down.

150

:

Next question.

151

:

What soft skills are crucial

for success in cybersecurity,

152

:

beyond technical knowledge?

153

:

Curiosity.

154

:

Curiosity.

155

:

Um, I w I don't want to

use the word self starter.

156

:

I would say someone who.

157

:

Could.

158

:

Take an idea.

159

:

And just be able to figure out a

lot of that stuff out on their own.

160

:

Meaning.

161

:

You're going to do searching.

162

:

You'll go into forums.

163

:

You'll use AI, you'll chat with coworkers.

164

:

You'll be able to take a particular.

165

:

Problem.

166

:

And come up with your own solution.

167

:

You're not someone who needs

to be told every step of

168

:

everything that you have to do.

169

:

Right.

170

:

It's self-discovery cybersecurity

is a lot of curiosity.

171

:

Self discovery.

172

:

Doing things on your own.

173

:

Figuring things out.

174

:

I know these are all buzzwords

and keywords, but honestly, If

175

:

there's a problem with the system

and you're the person that needs to

176

:

fix it, or you have to investigate.

177

:

Some kind of suspicious potential threat.

178

:

Or, you know, fix one of your CASB

products or, you know, work with.

179

:

Work on a browser or something.

180

:

You've got to be able to take that from.

181

:

Not very much information and, and

follow that all the way through.

182

:

So.

183

:

If you're someone who needs to be handheld

and I want to, I don't want to know

184

:

exactly everything I'm supposed to do.

185

:

I want my boss to tell me

everything every step of the way.

186

:

Cybersecurity is gonna be really difficult

because it's just, you think computer

187

:

and technology is changing all the time.

188

:

Cyber attacks and technology

is changing all the time.

189

:

Two years ago, there wasn't

really, you know, phishing

190

:

emails and all that was a joke.

191

:

Um, it's not so much of a joke anymore.

192

:

Because the landscape has changed.

193

:

You've got AI.

194

:

You've opened up.

195

:

Um, really good English speaking

abilities or any other language speaking

196

:

bellies now to craft really great.

197

:

Emails to.

198

:

You know, exfiltrate or infiltrate

data and hack and all this kind of

199

:

stuff and the landscape changes.

200

:

And so that soft skill.

201

:

Curiosity, self discovery.

202

:

Ability to not know everything and

rely on other, you know, work with your

203

:

coworkers on how to solve these problems.

204

:

It's going to be huge and that's.

205

:

That's a hard thing to teach.

206

:

You can teach people technical skills.

207

:

I've seen this on LinkedIn all the time.

208

:

You can teach somebody technical

skills, but it's really hard

209

:

to teach people soft skills.

210

:

That's more of a learning thing.

211

:

How do I be a better listener?

212

:

That's a lot harder to do than,

Hey, how do I become better at.

213

:

Python programming or something.

214

:

So those, those are my soft skills.

215

:

How can I stand out in a cybersecurity

job interview, particularly if I'm

216

:

transitioning from a different career?

217

:

So I transitioned from it.

218

:

Windows, SharePoint, world.

219

:

Into cybersecurity.

220

:

And I found it very difficult because

a lot of times initially on my resume,

221

:

people would see that and they're

like, oh, you're you're SharePoint.

222

:

Your windows.

223

:

And it was difficult to get

away from that perspective.

224

:

Until I completely revamped my resume.

225

:

To focus more on the cyber security

things that I did in my previous jobs.

226

:

And I crafted my resume to be the

person I wanted to be instead of

227

:

the person that I was or had done.

228

:

If that makes any sense.

229

:

Right.

230

:

If you want to be in cybersecurity.

231

:

And someone's looking at your resume.

232

:

They're going to want

to look at someone who.

233

:

Has those has that particular

skillset, as opposed to somebody who

234

:

doesn't, but just really wants to get

in and they're passionate about it.

235

:

Right?

236

:

You hear a lot of passion.

237

:

But if you want to stand out in

that job interview, What is it

238

:

that you can bring to the table?

239

:

If an, if an employee has something

that they need to fill a gap.

240

:

You've got to be able to provide

the technical skills or at least

241

:

showcase that you could learn.

242

:

All right.

243

:

That you could learn this.

244

:

And that you, you fit into the culture.

245

:

And that, that one I hate the most

because I don't know what that means.

246

:

How do you fit into the culture?

247

:

Right.

248

:

Um, you don't.

249

:

Gut instinct, you know,

if you're going to fit.

250

:

Just be yourself.

251

:

I mean, you hear that a lot, but honestly,

If you go into a culture where you're not

252

:

comfortable day one and you don't like it.

253

:

You probably aren't

going to last very long.

254

:

So standing out for me was crafting my

resume and highlighting the things that

255

:

I'd done, sort of tooting my own horn and

saying, Hey, here's the things I've done

256

:

in cybersecurity that I can help you, or

that I've got the skillset that you need.

257

:

To be able to do this.

258

:

And.

259

:

There are a lot of skills

in your previous job.

260

:

That.

261

:

We'll transition into cyber security that

you don't think will, for example, Um,

262

:

I did a lot of videos previously in, in,

before when I transitioned careers, I did

263

:

a lot of learning videos, just on my own.

264

:

Nobody asked me to do it.

265

:

I used Camtasia and I just

made videos on SharePoint.

266

:

And how did you certain things

and it became really popular.

267

:

And I point to that is that is

how I transitioned that particular

268

:

skillset into cyber security awareness

training, because I was good at making

269

:

videos, communicating with end-users.

270

:

Drafting up emails and materials and

getting people on board with training.

271

:

And that is something I'd be

interested in doing at your company.

272

:

And guess what they had a need for that.

273

:

And that's what I still do today.

274

:

Security awareness training.

275

:

As far as I know, we're

relatively secure Yami.

276

:

But my point is you will have skills

in your previous job that you don't

277

:

think transition into cybersecurity

and they absolutely do so you need to

278

:

figure out what is it that I've done

that I think I can bring to the table.

279

:

That's going to make it.

280

:

Something I can do for this company

that relates to cybersecurity.

281

:

You will have those

skills do not discount.

282

:

Uh, those transitional skills that

you have, everything is not technical.

283

:

It doesn't have to be.

284

:

What's the best way to network

and build connections in the

285

:

cybersecurity community as a newcomer?

286

:

Uh, I love this one.

287

:

It's the best way to network

and build connections in the

288

:

cybersecurity community as a newcomer.

289

:

So I went to, I went to RSA.

290

:

Which is, uh, a local, huge

local show here in the bay area.

291

:

And I went to that for two years,

uh, prior to actually getting

292

:

into the industry because you can

basically get a free expo ticket.

293

:

If you have any vendor contacts, you know,

anybody, or you look online, whatever.

294

:

And it's not very expensive,

even if you don't.

295

:

And I just went to the show and I

walked this, I walked the floor.

296

:

I spent two days walking around,

talking with different vendors,

297

:

getting into the industry,

getting, understanding the tools.

298

:

What different products are out

there, what people are doing,

299

:

listening to the bud buzzwords

and the vibe that was going on.

300

:

You know, taking every opportunity

to attend any of the parties that

301

:

these vendors would have like, oh,

we're having a happy hour at five.

302

:

If you meet us at such and such.

303

:

And it was a networking event, a bunch

of people, I didn't know anybody.

304

:

And industry.

305

:

I didn't know anybody

at any of these events.

306

:

I just went.

307

:

And got myself out there and attended the,

this particular cybersecurity conference.

308

:

And that was instrumental in

getting me into the industry

309

:

that I wasn't already in.

310

:

And there are a ton.

311

:

Of free or low cost.

312

:

Cyber security conferences

that you can go to.

313

:

And I'll link that in the show notes is

actually a site that's, um, very good.

314

:

It's got all different countries and

cities and genres of cyber security

315

:

that you can sign up for alerts.

316

:

And then we'll tell you about different

events are happening, not just meetups

317

:

and stuff, but actual conferences.

318

:

You know, small, large, whatever.

319

:

Some are free, some are not.

320

:

And you should just attend those.

321

:

That was a great way for me to build

up a connection and get myself into.

322

:

I get myself into the

cyber security community.

323

:

When I didn't have any experience in

it when I didn't know anybody in it.

324

:

And I wasn't currently working

in industry, I would say that

325

:

is the best and biggest thing.

326

:

You can do.

327

:

Get yourself into some

cybersecurity conferences.

328

:

You know, even if they're online, I

know that's not going to be as good.

329

:

But even if they're online,

It's a good way to just start

330

:

getting yourself in there.

331

:

I just, I just went to BSides Vegas.

332

:

Not.

333

:

Three weeks ago.

334

:

And my ticket for the two day event.

335

:

It was a hundred bucks.

336

:

That is such a cheap.

337

:

Conference ticket.

338

:

And besides is all over the

world, it isn't just in Vegas.

339

:

It's, it's all over the place.

340

:

They have conferences at different areas.

341

:

You could look it up.

342

:

But it's such a cheap

ticket for what you get.

343

:

And you're networking with people who are

literally in the trenches, working in the

344

:

industry that may be able to hook you up

or help you out with jobs or anything.

345

:

I was standing in line and

I listened to this girl.

346

:

Talk about.

347

:

How she was.

348

:

You know, taking these courses and classes

and doing all this stuff on the side,

349

:

she really wanted to be calm pen tester.

350

:

And the person that she was just

chatting with was like, Hey, we're

351

:

looking for people to do that.

352

:

You know, drop me your

contact information.

353

:

I'll see what I can do.

354

:

And maybe we can hook you up.

355

:

Or if I know someone.

356

:

That.

357

:

You're not going to get that.

358

:

Elsewhere.

359

:

That, that that is the kind of stuff

that you want to build connections.

360

:

As a newcomer when you're just talking

with people and it gets you out there

361

:

and start talking about yourself and what

you want to do with people that you don't

362

:

know, which is uncomfortable for some.

363

:

And that is, that is huge.

364

:

So attending cyber security conferences.

365

:

And I'll, I'll link that in the

show notes is, um, absolutely huge.

366

:

How should I handle rejection in

my job search, and what can I learn

367

:

from unsuccessful applications to

improve my chances in the future?

368

:

I'd say I had about a 54% hit

rate on stuff where I would hear

369

:

something back from somebody.

370

:

Um, 50% ghost.

371

:

Like nothing.

372

:

And then 50%.

373

:

You know, I'd hear back from something.

374

:

I got a lot.

375

:

I got really close to a lot

of thought opportunities.

376

:

And rejected.

377

:

And I had a lot of

highs and a lot of lows.

378

:

And it was really.

379

:

Took.

380

:

84 tailor job applications.

381

:

And this is 20 18 84 tailored

job tailored job applications.

382

:

I wasn't shot getting it.

383

:

And.

384

:

It was, it was.

385

:

It very difficult and painful.

386

:

Uh, seven months to be able to

land that first cyber security job.

387

:

And I made my job looking for a job I

was applying or looking every single day.

388

:

I never really took breaks.

389

:

Um, I didn't burn out.

390

:

But you get really good at interviewing

and you get really good at.

391

:

Knowing what questions people are

going to ask you because eventually

392

:

it's like an actor, right?

393

:

You're learning your lines.

394

:

At first, you don't know your lines,

you really nervous you, you fumble

395

:

around, but after a while you hear the

same, what's the difference between

396

:

asymmetric and symmetric encryption?

397

:

Or how would you secure this network

or what order do firewalls rules go in?

398

:

You know, whatever.

399

:

You're going to hear the same

things over and over and over.

400

:

Um, And you'll just get better at that

and there, how to handle rejection.

401

:

I never took it personally.

402

:

And I never really followed up with

interviewers or hiring managers.

403

:

Anybody I would apply.

404

:

I would interview.

405

:

And I would go onto the next job.

406

:

I didn't spend time sending gift baskets

and flowers and thanking recruiters

407

:

and having a bunch of conversations.

408

:

I'd follow up.

409

:

If I didn't hear back from somebody.

410

:

But I didn't, it didn't really matter.

411

:

And if I was rejected, I never asked

the recruiter why, or they're never

412

:

going to give you any good information.

413

:

For legal reasons for a

whole bunch of reasons.

414

:

It won't really disclose any of that.

415

:

Um, and I don't really care, you

know, maybe it wasn't a culture fit.

416

:

Maybe they're hiring their brother-in-law.

417

:

Who knows, who cares?

418

:

So I didn't.

419

:

I didn't handle rejection per se.

420

:

I just moved on and went to the next thing

and the next thing and the next thing,

421

:

the next thing, I just, I was a machine

that's my job was looking for a job.

422

:

To get a job in cybersecurity industry.

423

:

That was, that was it.

424

:

Basically in a nutshell, that was it.

425

:

I didn't think about anything else.

426

:

And it didn't.

427

:

It doesn't matter.

428

:

I see a lot of that on LinkedIn.

429

:

It's like, oh, what do I, you know, I'll

go on LinkedIn and complain about the job.

430

:

How sucky jobs are and how

broken industry is whatever.

431

:

Not going to change anything.

432

:

And it doesn't help you.

433

:

It's not to say venting doesn't

help, but public venting is just.

434

:

Yeah.

435

:

Waste of time.

436

:

And you're not really gonna learn

anything from the, recruiter's not going

437

:

to be like, oh, if only you had more

experience or if only you had this or you

438

:

really should present yourself better.

439

:

You're.

440

:

You got to say anything.

441

:

And nobody wants to get sued.

442

:

So you just, oh, you know, we went

with a different candidate choice.

443

:

You know, the generic bullshit, whatever.

444

:

And what if they said, oh,

you're just in a culture fit.

445

:

What are you going to do with that?

446

:

How was that helpful to you?

447

:

Oh, I'm not a culture fit.

448

:

What?

449

:

Come on.

450

:

Don't so don't, you don't

need to really handle it.

451

:

You just need to not take

it personally and move on.

452

:

And I think this job market is a

lot harder than when I had, I got my

453

:

was hard, but that's my perspective.

454

:

But.

455

:

I think it's, I think it's definitely

harder now than it was before.

456

:

So.

457

:

You know, Now, what can you learn

from unsuccessful applications

458

:

to improve your chances?

459

:

I would always constantly tweak my resume.

460

:

Uh, I wrote a book zero to

hired and it's on Amazon.

461

:

And I've got a podcast on it.

462

:

It's called the higher drive.

463

:

And one of the things that I did

was I constantly looked at jobs

464

:

on LinkedIn that I wanted to do.

465

:

And maybe there's a bullet point

that I missed that I had done

466

:

that looked better like, oh yeah,

I've done vuln, vulnerability

467

:

management, scanning, and Nessus.

468

:

Why didn't I include that on my resume?

469

:

And then it would just take that

from what they were looking for.

470

:

And then I'd put that on my LinkedIn

profile on my resume and use that.

471

:

And eventually what you end up doing,

I called it the save a job method was.

472

:

I would save jobs.

473

:

I was interested in and I was looking

at what they were looking for.

474

:

And then I'd look at my resume and see

if there was areas that I can improve.

475

:

Could I improve.

476

:

the description?

477

:

Could I add a keyword that I'd missed?

478

:

Could I add a bullet point that I had

done that I neglected to put on there?

479

:

Could I drop something that wasn't,

that I thought was important that

480

:

apparently no, one's looking for.

481

:

And put something else.

482

:

So could I word it better so

that the industry is looking for.

483

:

this particular set of keywords, but

I'd use a different set of keywords.

484

:

So I used their job descriptions to build

up my resume for things that I had done.

485

:

And then at the end of the

month or whatever, I had a

486

:

damn good looking resume.

487

:

In my opinion.

488

:

That.

489

:

Are what people in the cybersecurity

industry are looking for of

490

:

things that I'd done, because

there are looking for That.

491

:

I had done that and it was

able to present on a resume.

492

:

And I did it in a way that

I would have talking points.

493

:

So it wasn't just a list

of responsibilities.

494

:

It will list of accomplishments

and things that I'd done.

495

:

So I could have stories to tell

because storytelling is important.

496

:

And that's why I think podcasting

is successful is because people like

497

:

listening to content and stories.

498

:

If I just rattled off these six questions

and gave you real quick answers,

499

:

it wouldn't be that entertaining.

500

:

But I'm giving you information

and in a kind of a story format.

501

:

That's giving you that information.

502

:

It's more, it's better.

503

:

And so a resume in ways like

a calling card slash story.

504

:

Tell me about when you

worked here, what'd you do?

505

:

it shows that you saved the money, the

company, this much money and stuff.

506

:

Can you tell me about that?

507

:

It's a much more interesting

than I manage SharePoint.

508

:

Okay.

509

:

Great.

510

:

But, you know, what else?

511

:

So thank you for your resume as

like a, as a list of accomplishments

512

:

and things that you had done, your

responsibilities are important, but.

513

:

A lot of people, they got ugly looking

resumes and that doesn't really, it might

514

:

pass an applicant tracking system, but.

515

:

it doesn't make for something that

someone is curious to talk to you

516

:

about the things that you've done.

517

:

You should toot your own horn,

tell people what you've done.

518

:

and how you can help them out.

519

:

That kind of thing.

520

:

But, you.

521

:

know, getting into

cybersecurity is difficult.

522

:

Not going to lie.

523

:

It was hard for me and I, and I look

out there in the landscape now..

524

:

It looks nasty.

525

:

So there's anything.

526

:

That I want to do.

527

:

It's trying to help people avoid

the mistakes or the pain that I did.

528

:

And that's the purpose of this podcast.

529

:

And the videos that I do.

530

:

And I think the industry needs a lot

more qualified, passionate, good people.

531

:

And I know there's a lot of

people out there that could do.

532

:

These type of jobs.

533

:

Thank you Marc!

534

:

I hope the listeners

will enjoy this episode.

535

:

As a reminder, contact

information and show notes will

536

:

be available in this episode.

537

:

Check your podcast app to view the notes

for links to any resources mentioned.

538

:

Stay safe and hope you join us again.

All Episodes Previous Episode

Support the Podcast with a Tip

If you're enjoying Byte-Sized Security and finding these practical tips useful, please consider supporting the podcast with a small contribution. It costs $17 per month just to cover podcast hosting fees, and your support helps offset the costs of producing this security resource and keeping episodes free. Even a tip of $1-5 per month from loyal listeners adds up and allows me to continue providing great cybersecurity info. Please considering a donation. I appreciate you helping sustain Byte-Sized Security! Now back to the security tips..
Support the Podcast
A
We haven’t had any Tips yet :( Maybe you could be the first!

Listen for free

Show artwork for Byte Sized Security

About the Podcast

Byte Sized Security
Snackable advice on cyber security best practices tailored for professionals on the go
In a world where cyberattacks are becoming more commonplace, we all need to be vigilant about protecting our digital lives, whether at home or at work. Byte Sized Security is the podcast that provides snackable advice on cybersecurity best practices tailored for professionals on the go.

Hosted by information security expert, Marc David, each 15-20 minute episode provides actionable guidance to help listeners safeguard their devices, data, and organizations against online threats. With new episodes released every Monday, Byte Sized Security covers topics like social engineering, password management, multi-factor authentication, security awareness training, regulatory compliance, incident response, and more.

Whether you're an IT professional, small business owner, developer, or just someone interested in learning more about cybersecurity, Byte Sized Security is the quick, easy way to pick up useful tips and insights you can immediately put into practice. The clear, jargon-free advice is perfect for listening on your commute, during a lunch break, or working out.

Visit bytesizedsecurity.com to access episodes and show notes with key takeaways and links to useful resources mentioned in each episode. Don't let cybercriminals catch you off guard - get smart, fast with Byte Sized Security! Tune in to boost your cybersecurity knowledge and help secure your part of cyberspace.
Support This Show

About your host

Profile picture for Marc David

Marc David

Marc David is a Certified Information Systems Security Professional (CISSP) and the host of the cybersecurity podcast, Byte-Sized Security. He has over 15 years of experience in the information security field, specializing in network security, cloud security, and security awareness training. Marc is an engaging speaker and teacher with a passion for demystifying complex security topics. He got his start in security as a software developer for encrypted messaging platforms. Over his career, Marc has held security leadership roles at tech companies like Radius Networks and Vanco Payment Solutions. He now runs his own cybersecurity consulting and training firm helping businesses and individuals implement practical security controls. When he’s not hosting his popular security podcast, you can find Marc speaking at industry conferences or volunteering to teach kids cyber safety. Marc lives with his family outside of Boston where he also enjoys running, reading, and hiking.