Identity Governance Analyst (IGA)👩🏽💻 | My Cyber Security journey | Purple Team 💜 | NOT a content creator, personal notes only | Cloud Security / IAM |
No matter how many PDFs and E-Books are in front of me, I’ll always choose Hard Copy and a highlighter. And
nothing beats pen and paper to retain information.
You have to set a routine everyday when it comes to studying and staying ahead of things, because the second you slack off for a few days that drive depletes.
I love reading a lot of Reddit discourse pertaining to the Cyber Security industry. People are updating you on the current market, trends, and offering solid advice in real time against these organizations. Community!
I need to find a website that can track every account you’ve ever made / app you’ve ever downloaded (that’s still running) based off your credentials, and it gives you the option to simply delete them for good.
When people say “You won’t survive in Cybersecurity if you don’t like to research” it’s true. You need to read those long PDF & website documents/white papers, look through those Vendor forums, watch those YouTube videos and Webinars, etc. The answers are right there.
I’m on a team with 2 women who i think are in their mid 30s - 40s, but they’ve been in IT/a mix of cybersecurity for 19 years and said they don’t have a degree or any certifications, i really couldn’t believe it lmao.
Found this website that helps you learn anything you want to know. They even list in-depth prerequisites, books, courses, and videos. Very helpful guides.
My Career Roadmap:
IAM Analyst > IAM Engineer > CyberArk Engineer > IT Auditor > Third Party Risk Management
Or
IAM Analyst > IAM Engineer (Sailpoint) > IT Auditor > Third Party Risk Management
NIST has released three self-guided online introductory courses on the SP 800-53 security and privacy control catalog, the SP 800-53A control assessment procedures, and the SP 800-53B control baselines. (1/2)
The ‘Microsoft Cybersecurity Scholarship’ offers Cybersecurity Analyst Professional Certifications and a DevSecOps Peer-to-Peer Mentoring Network, designed to equip women for high-demand entry- to mid-level cybersecurity position
Specialisterne has partnered with Deloitte as part of their Neurodiversity Apprenticeship Initiative.
If you’re interested in Penetration Tester, SOC, and IAM Solution Consultancy,
read & apply here:
Splunk4Rookies Workshop
This 3-hour workshop will introduce Splunk, along with hands-on experience creating a Splunk app and dashboard based on multiple use cases.
Half of today I’m just fully working in Notion to create a study plan for certs, career trajectory roadmap (Current-5 years from now), project ideas, evaluating the Technical Vs. Business side of my niche, trends to look into, documentation to read, and courses to focus on.
I need Twitter to update the Bookmark section with filters for the year, month, and date. Constantly scrolling for something you saved a year or 2 ago is excessive.
I think coding is easier to learn now more than before, because we literally have software that teaches you what it says, and why it’s being written, as you write it.
One thing that can really help your journey is solely following/connecting with only recruiters, people within your niche, and where you’re trying to go after your niche, on LinkedIn. Also documenting everything (labs, programs, certs etc)
Sharepoint is literally your ultimate guide at work. Learn what frameworks and models are being used, look at the architecture diagrams, read what your department is currently working on and the issues they’re facing, etc. That is the outline to your resume and interview prep.
With the government not requiring a degree for Federal jobs soon, I’m wondering if they’ll start lowballing in terms of salary. Nonetheless, a degree is still a tie-breaker
To prepare for interviews I always look into the scope of the role, and understand the Principles of what it’s based around. I elaborate on trends and best practices, and how i utilized them within my previous role as well. I’ll even bring up webinars & events that are associated
I’ve been targeting Startup companies lately, i don’t mind wearing several hats if I’m able to upskill and finally get integration / migration experience.
Signed up for a cyber bootcamp that ended up being trash in the end, tested my luck on a contract Helpdesk role, enrolled into YearUp, after internship i landed an IAM Engineer role. Did a lot of networking, research, & enrolling into WGU soon.
I need structured ways of learning topics, because i literally will procrastinate if everything is all over the place, that’s why i create roadmaps for everything lmao
SC-300:
- Microsoft Learn paths
- John Savill SC-300 study cram
- Create AD tenant, Dev office 365 , AD sync, make users -> GitHub labs
- MeasureUp / MSFT Learn Exams
- Use ‘search’ to remember where task is
- Do tasks then mark complete after each one before submitting test
Only you know what roadmap is best for YOU and the future of your career based off interest and discipline. You could literally copy someone else’s roadmap, and realize that line of work isn’t what you enjoy at all. Things always sound good in theory, do what works for you.
I wish these companies would stop trying to make Identity and Access Management a software engineering field… the most programming exp. you should need (but not required) is Java or Powershell.
You can’t be against on-site/hybrid in this market rn unless you really do have the leverage, but if it’s for a limited time until you gain enough exp to WFH, it’s not that deep.
Tracks:
- Cybersecurity-Artificial Intelligence (CS_AI)
- Cybersecurity-System Administration (CS_SA)
- Cybersecurity-Digital Forensics (CS_DF)
The program consists of 8 weeks of learning with 6 instructional hours per week & 2 weeks for certification preparation & examination.