check out: convocourses.com :
the cybersecurity jobs: resume marketing book is coming soon!
Hey guys, this is Bruce and welcome to another podcast of pot of convo courses, where I'm gonna be talking to you. How to get in cyber security and how to market yourself. If you're interested in getting into a career field, that's gonna grow in the next five years, probably double to what it is right now, where you have job security and I've, I've never had to worry about whether or not I'm gonna get a job.
If you are wanting more job security, then this is a great feel to get in. And you're talking to somebody who who's been doing this for 20 years, I'm speaking to you from inside the industry. All right. So if you have any questions on Facebook, on YouTube, on TikTok live on podcast, then this is a great question.
The time to ask any of your questions regarding it and cyber security. So let's keep it to that. I'm not interested in anything having to do. Anything except cyber security. So let's just keep it to cyber security questions. All right. That being said, let's get into this. If you didn't know, I am the owner and proprietor of combo courses.com.
It's a site where it teaches you how to do site, get into cybersecurity. And specifically my sub, where I'm the subject matter expert is something called security compliance, security compliance has to do with if you've ever gone to a bank, if you've ever used a retail, if you ever used a point of sale device, if you ever gotten a, a card from the DMV, like all of those things require something called.
security compliance that that's the rules and the regulations that go into an organization, cyber security. So not necessarily implementation of the cyber security, like firewalls or IPSS IDSS and all that kind of stuff. Not the technical implementation, but more like, how does this organization, whether it be a bank or your hospital, or your, or target or Walmart or whoever, how do they comply and keep security on their systems?
That's what I do. And that's what I teach people how to do. I've been doing this for a very long time, specifically for the government, the federal government, but I've also done it in the private sector and I've done it in for states. I've done it for a little bit for other countries when it pertained to the us.
So let's get into this. So we've got combo courses. I also wanted to tell you that I'm doing real steady podcasts on pod beam. If you're, if you wanna get some information on that just go to pod beam dot combo courses, dot pod beam.com. Enjoy me there. I'm doing lives every week. I'm putting out more content.
If, if if you prefer to listen to this, or if you're at your job and you wanna listen and learn and stuff, this is a great opportunity for you to do that. And I'm open to any kind of questions you have specifically to this to this genre, to this area of my area of expertise. And a lot of, one of the good things about this community is that if I don't know something, somebody in this community, isn't a subject matter expert on that thing.
And that's one of the things that I personally love about this community that we've been building. So let's get into this. I also wanna let you guys know, I have a book I'm gonna be breaking down and giving you a lot of the stuff that's in this book. Okay. So if you actually stay tuned for this, I'm gonna actually break down exactly how to mark yourself, how to get in this career path and how to level up if you happen to be an it person.
If you happen to be a, a cable jockey, a person who's laying cable for people doing internet stuff. If you happen to be in areas like healthcare, if you happen to be in stuff like banking, this is a really good opportunity for you to transition into a career field that pays better. That has more security and has a lot of opportunities for the next 20, 30 years to come because cyber security is not going anywhere.
Okay. And it's not all super technical. That's another MIS misconception about cyber security that I, that I like to dispel that myth. All right. So let's get into this. Let me show you guys what I've got going on. I've I'm writing a book right now that breaks down one of my main questions. So one of the main questions people ask me on TikTok on Facebook, on YouTube.
Everywhere is Bruce. How do I get into this career field? Like I've been trying for years, maybe I'm in it. Maybe I'm in the hospital. Maybe I'm I'm in healthcare, I'm in this other industry and I'm trying to get into break into cyber security. I'm trying to break into it. So what I'm doing, if I could actually switch this thing over, let me see.
So what I'm doing is a book where I'm gonna tell you how to get cyber security in it. This works also for any other career field as well, how to get into it. and how to market yourself in, in this field. This is something that I've been using for years. This is not something that this is not theory for me.
This is something I actually do in practice all the time. So it's gonna be a series where I'm gonna add lots and lots of value to you over the years as I released these books. But let me just get right into this. Okay. So here's the sections of the book. What I'm telling you is first of all, the expectations, what I've been able to do successfully, and then I break down all of the steps you're gonna take to actually put this stuff on your resume, particularly if you are in it, if you're in it, the good news is you can very quickly ramp up to cyber security by putting certain things in your resume.
So one of the things I talk about. How to do an ATS style, resume ATS style resume means applic application tracking software. This is what most employers are using these days. If you happen to be putting your resume out there and you're not getting any traction, then it might be because the resume style that you have is not correct.
And sometimes when you put your resume out there it's, if you make it harder on the employer to actually take your, the data in from your resume, you know, it's, they might look, look you over and look for somebody else. So I'm teaching you how to use in in fact, I'm just giving you a template. If you go to convo courses.com and look for my course, it actually has a free template you can download right now that has the template that I use.
That's been successful over over the years. But so that's what I do. I tell you, look, here are the tools that you need to set up for this. Here's the places we're gonna be posting this, this your resume. And one of the main key features that I. aside from the format and telling you how to do all that stuff is I actually show you how to do the keyword research.
How do you find what career path to do, cuz that's a really important thing. You need to know what path you're doing because here's the thing you can see. There's misspellings in this book. This is a first, this is a rough draft. Okay. what I do is I bang out the, I just write it as fast as I can. I take all the knowledge and I dump it into this book and then I go through it like two or three times and edit it myself.
Then I get it, give it to an editor. So that's why you're, you might see some misspellings. There's some errors in here. Just ignore that stuff. That's gonna be cleaned up. As I release this, it's gonna be released on Amazon, on my, on my personal site on, and then I I'm gonna advertise it everywhere. Anyway.
what I'm gonna show you, how to do is how to find a specific category of cyber security. Cuz this is one thing that some of the gurus out there and some of the subject matter experts and some of the pen testers and stuff, they don't talk about this. And one that's that this is a huge career field cyber security's huge.
So you don't have just pen tester. You would think that cybersecurity is just a bunch of people in a closet hacking stuff. And that is not a, could not be further from the truth. This is actually a huge career field and it's getting deeper and deeper. And just to give you an example, like in my book here, I'm, I'm breaking down some of the categories that's coming from the government, the government broke down this what they did was they had this initiative where they broke down all of the main career paths of cybersecurity.
It's called the national initiative. For cyber security, careers and studies. I know that's, that's a mouthful, but this is what they called it. Take that up, that issue up with the government of why they name stuff like this, but also known as nice, nice cyber cyber workforce. If you, if you Google that, you'll find this what I'm talking about right here.
So what I'm breaking doing is breaking this down in a practical way that you can use this. So it breaks down things like securely and provision. So what does that mean? That's like people who architect and design. Secure systems. And then you got overseeing govern. That's kind of what I do. That's making sure that the, the system is secure, making sure that we manage the security and manage the the risk associated with that system.
And it also goes into legal advice and then program management and all that kind of stuff. So as you, you could probably tell that that's not super technical or in the weeds or hands on type stuff. That's more like organizing, make sure the organization itself as a whole is doing what they're supposed to do.
So cyber security is a huge field. Another area that we talk about is the, the hacking and the defense and actual people who are on the system you know, on the actual firewall, doing the configuration, putting the rules in those guys do exist. You know, I'm not saying sitting here saying that they're irrelevant or they don't exist.
I'm saying this field is so huge that you've got people who are way in the weeds all the way down the mathematics. Right. Cause you've got people who do CR cyber they, they do cyber crime investigations, forensics. You also have people who are doing crypto cryptography. So that is also considered a part of cyber security by the way.
And this thing that breaks down all those different areas that you would find these different these different categories. And then it breaks it down even further into specializations. So what my book is doing is gonna do and what I'm gonna show you how to do like a practical way to do this for yourself right now is what they do is they break it all the way down to work roles.
And then once you figure out what work roles, the first thing you gotta do is figure out what part of cyber security you want go in. Cause it's not enough to say I want to go into cybersecurity. You gotta be like, I wanna go, I wanna be a pen tester. I wanna be, I wanna go into cryptography. I wanna go into forensics.
I want to go in. I wanna do what Bruce does. I wanna do information system, security officer work. I wanna do compliance. You gotta be down to that granularity. And the only way for you to get there is for you to do some study on your keyword. Right? So that's one of the things I break down in this book.
Now what I'm gonna do right now is show you exactly how I do this. So what I'm gonna do, like live right here right now. Let me just switch my screen here on TikTok. So what I'm gonna do right now is show you what I do. Okay. So there's three main sites in the us, okay. Three main sites. And, and this, this is different by the way, this is different for each country.
If you wanna work in another country, you have to find a whole nother set of a whole nother set of sites to go through in the us. There's a top 10 group of sites that work the best. And just off the top three is gonna be LinkedIn dice and monster. So those three sites are the best sites that you can go through, go to, but there's like 10 or 20 others that you should definitely apply to.
If you're trying to get a cyber security job, if you're trying to get really any job, cuz those are the top sites. Now, if you're in the nursing, if you are doing something completely different, like sanitation engineer, if you're doing something completely different, like civil engineering, there might be other sites and for your industry that are better for you, but you gotta do that research.
I'm talking about cyber security. I'm trying to get you prepped to get into this field in cyber security, by knowing not only the key words, but also the top sites. Now the top sites for that we're talking about is monster LinkedIn and dice. And you can actually, and indeed is another really good one, but these are the sites I'm gonna show you real quick.
So once you do your resume all, so once you, first of all, the first thing you need to do is figure out what keyword. Right. So let's say you did your research and you know, I want Bruce, I wanna go into forensics forensics. I'm gonna show you real quick, how you can find keywords for forensics. If you didn't, if you didn't know a lot about it, if you hadn't done research, if you're just starting out, you just go to the search engine and type in forensics.
Now this is a very broad field. Like forensics itself is super broad. If you ever watch that show CSI, I don't really talk about computers much. They talk about dead bodies and, and extracting the maggots from the bodies and stuff like that. I mean, that's kind of a crude thing, but that's exactly what the talk dog entomology and all that kind of stuff.
We're talking about computer science. So let's type in slip forensics computers. Now I happen to know that they call it digital forensics, but let's say you didn't know that. So you, I just typed in forensics and. See why? And it automatically came up with some keywords. This is how you do it. Now this works.
If you're doing, if you're doing this with cyber security analyst, if you're doing information security, officer information, system, security, period cloud security, anything you, any kind of subject matter, you wanna do this also works for any other field. You wanna be in you just type in a little bit.
And it starts to come up with some of the key words. So let's type, let's look at this one right here, computer forensics analysis. This is leading us down a rabbit hole of all the security keywords that we need for this particular career path. Now I'm gonna go ahead. I'm on monster.com, by the way. And now I'm searching for this career, but now where do we get the keyword?
Once these jobs come up, I'll show you. So, another thing to note is the salaries. Now, if you didn't know, this salary is for information security analyst and they don't always sell the name. You notice the names, none of these are saying forensics. That's because that's, that's how this works. Like if you go into whether you're doing cryptography, whether you're doing whatever, it doesn't always have the exact name of the title of the role, the work role that you want.
And that's why it's very important for you to do the research on your own to figure out what is in this career path. Okay. What are the key words? You can see a pattern already, information security analyst, information, security analysts cyber intrusion, detection, analysts. These are all analysts, right?
Let's look at this one. Cyber forensics analysts. So all of these jobs have analysts work in them. Okay. That's why it's all, these are coming up. The key words are gonna be in the responsibilities, the requirements and the skills, and sometimes they'll have, okay. Yeah. Desired certifications. Just off of this right here.
We can get the DNA. that's associated with this particular job role this work role, right? Just off of this one thing right here, we can, we can pull a lot of different gold out of this right here. Now let me, let me just show you what I'm talking about in the responsibilities. What you wanna do you wanna read like four or five of these to get an idea of what this job is all about?
First of all, cuz you might not even want to do it, right. You might have watched a CSI one too many times and you're like, oh, I wanna be a hacker. I wanna be, I wanna do forensic, like. It's the job is rarely what you think it is. You know what I mean? So you, you definitely wanna do your research and if you can talk to some, somebody like myself, who's been in this field for a while and ask their, ask them, like, how do you like it?
You've been doing this for 20 years. How do you like doing this job? Is this something that you think I should do? What are the pros and cons? Those are the kind of questions you really want to ask. Let's get back into keywords. So if we're looking at keywords here, I'm seeing a couple off the top of my dome right here.
If you see words like this, that you don't know what the hell it is, PCAP, that's a key right there. If you see there's a couple key tasks in here, stakeholders. There's a couple of key in here already, but you wanna read through responsibilities cuz you might, you might not even wanna do this job collects network, device, integrity, data and analyze signs of tampering and compromise.
Okay. So signs of tampering and compromise is one of the things you do as a. As a forensics guy. Now let's look at, let's get a little deeper into this desired skills. Look at this. Now this is a gold mine of all kinds of keyword. See all this stuff right there. These right here are tools. It says you need to be experienced and proficient with the following tools in case FTK sift.
These are all tools of the trade for a forensics guy. Very important. Like just like a plumber. Like if you are a plumber, there's certain tools that you need to know. Right? There's certain things that, that you basic things in that field that you need to know. If you don't know 'em you gotta get to know 'em right.
Especially if you're brand new at this, you gotta get to know what those things are. Now I'm talking to people who might have a little bit of it experience or something like that. For forensics, you, you probably have to know, at least the basics. In it very, very important. So now let's get back into this.
Let's get back into finding out key keyword here. So these are all key words right here. And now what you wanna do is take these. You got two things you can do from here. You could take this and put 'em into a copy of paste it into a, a blank text file. You can do that. Another thing you can do is put it into something called word art and word art.
What it'll do word word art does is it makes a visual representation of what of what you found. So let me just show you what that, what I'm talking about, that word, art.com and it's, it's just a tool to kind of help you to, to visualize what's going on. So here's word. All right here, you can create your own.
And it, it comes up with this site here and what you'll do is you'll input the words. You'll copy them and then import them in. So let's, let me just show you what I'm talking about. So we're gonna go to, I'm gonna go back here and I'm gonna copy and you wanna do this on two or three different jobs. I'm gonna copy this and we're gonna import what we just copied into word art.
We're gonna import it now. They, they take it right here. So I just copied it. Boom. I, I put it in here and I'm gonna import these words and now what it is, parsed out every word that's in the text that I just downloaded. So what I do, let me backtrack a little bit. So what I did was, what I'm doing is I'm going through two or three of these different websites, two or three of these different jobs, and I'm gonna copy and paste those into a one file.
One word document. Then I'm gonna take those and I'll put 'em into word art. And then we're gonna do get a visualization of what this looks like to see. What, what areas are the most important that we need to focus on tools. Look at this for so forensics, we can see that tools is mentioned a whole bunch of times out of this.
Now this is kind of a light list. Like it's only mentioned twice, but you wanna get like four or five different ones and dump 'em in there, but you kind of see the idea of what is happening here. And then the tools that are mentioned the most is in case now, in case it is a forensics tool, that's very expensive.
You might be able to get a free a free version of it, trial version to, to mess around with it. But this is not, this is not a cheap, this is one of the most expensive tools out there for forensics. So in case I'm very familiar with I'm familiar with that. It's used quite a bit in the government to.
What they'll do is if, if somebody's done a crime on a computer, I could tell you some crazy stuff for forensics that's happened is it's pretty dark. I mean, the stuff that they're, if you have a forensics guy in there, then whatever the hell's on my computer is pretty, it's pretty bad. Right? It's not something I could talk about without getting flagged by every, you can kind of come up with an idea of what it is, it's murder and it's, it's like stuff like that, right.
Or worse or worse, think of something worse than that. So, anyway, so that's, what's on people's computers. It's just bad, man. Anyway, so in case what it'll do, one of the things it does is it'll take a hard drive that people, somebody has tried to clean, that they try to delete stuff and in case can see all the stuff they.
The stuff's still on the computer after you delete it, by the way, even if you put it in the trash and then emptied the trash, it's still on the computer. And in case looks at the ones and zeros that were originally written on the disc, lifts those up, and then it can reconstruct those into files. Like if they had a image or a video or whatever, it can reconstruct those and give that to whoever's doing the investigation that they'll use for a court case or whatever.
FTC, I believe does the same thing. It's like an open source ver version of in case if I'm not mistaken. And then there's some other tools here, but yeah, this just gives you an idea of how you can pinpoint different keywords that are in any kind of genre and any kind of anything that you're trying to do.
So now that we know how to do keywords, the next thing we wanna do is put that in our resume. Now you don't wanna just put this in any resume. You wanna put it in a, at ATS style resume. Let me show you what I mean by that. So I have an example of that. In my book here. And I'm just gonna show you that real quick.
And if you want an example of this, there's a couple things you can do. You can go and Google how to find a ATS style, resume those exact words. Or you can go to my site combo courses.com and look for a cyber security marketing course. And that has a free downloadable of what I'm about to show you.
And it has the actual format that you can download it and use it for your own resume. ATS style resumes are so important because what the, and see I'm using word are here. I'm telling you how to do this. I'm walking you through it in this book. That's all the stuff that's gonna be in this book. That's coming here real soon.
So I'm looking for the actual resumes. It's I got a lot of stuff in here. It's breaking down everything, every aspect of what I'm telling you right now, but in greater detail I'm I skipped over a whole bunch of stuff that you should, that you should know. . So I'm trying to find my ATS style resume in here.
Man, where is it? Okay. ATS. It should be here. Okay. ATS style, resume all the sections. I'll give you an example of what that looks like. And then we go to there, here, here it is right here. All right. So here is example of a ATS style. Is this it? No, that's not it. Sorry about that. Yeah, this is it. This is it.
See how simple this is. This is an ATS style resume. It's very, very simple. It's it's not got a lot of stuff in it, so it'll have the person's name. It doesn't have any kind that's and fancy. It's nothing fancy going on with this. Now you can make a fancy ATS style resume, you know, and I'm, I'm not wasting my time with that for this.
I'm just telling you exactly how to do this. So you'll start off with the, the, a breakdown of what's going on a person, and then you'll put the your contact information and you'll put A breakdown of who you are. Another thing that I do in the summary by the way is I'll put, I'll put Hey, I wanna RO work remotely, cuz that's an opportunity for you to say that another thing you can do is say, Hey, I have a security clearance.
Like you wanna put the security clearance right up top, if you can. So you can put that in the summary. So you right here, you just put summary, this is ATS style resume. This is it right here. You put the name, you put the contact information. You put a summary, you put education up top, you know, in this style right here.
See how this is. And the reason why the format of this matters is because when your resume is when your resume is uploaded onto these sites, when if you put it on, indeed, that's another thing you need to do. You need to put it on. Indeed. You need to put it on monster dice. LinkedIn, you need to put it on as many sites.
If you don't have a job, your job should be to put this on as many resume as sites as possible. That's what you should be doing. Okay. Another thing I show you how to do is how to protect yourself because another one thing that's happening right now, lately is these freaking scammers are scamming people to get their social security number so they can do identity theft and all that kind of stuff.
So I've never felt fallen prey to that because the way that I do my resume, I don't put my real name. This is crazy. This is CRA I don't see anybody doing what I'm saying. I do not put my real name on the sites. Not I don't do that until I'm like on a screen, I'm talking to a screener, like maybe the second interview.
Then they know my real name. They do not know my real name till I'm on the second interview a lot of times. Right? Cause I'm screening them as they're screening me. Like I'm screening the organization. As I do not put my real phone number. I do not put my real, I might even put a different email address, like a fake throwaway email.
Like you can even do that. But I put a different name, an alias. I put an alias, something similar to my name, but it's not my actual name. I do not put my real phone number. I'll put like a, I'll use a Google voice. I tell you how to do all of this in this book. All right. All this is coming. Soon as I finish this, I've gotta do the first draft of this book.
You can see all kind of misspellings and stuff in here. I'll write the book really fast and then I'll go through it and then edit and stuff like that. So I just wanted to tell you guys, like, I just wanna inform you, this is how I do it. And it's been working for me. I've not been without a job. I mean, we've, you know, we've had several different collapses in the economy where we have recessions.
We've had like, that stuff does not affect me and I'm not trying. I mean, it affects me in like, okay, if I'm going to Walmart and the prices are higher or the gas is hot, jacked up or something. Yeah. That, that affects me obviously. But I'm talking about with a job. I'm good. Like I'm always employed. And the reason why is because I'm in cyber security, I'm one of the I'm in one of the fastest growing industries in the world.
And not only that, I stay ahead of the game by marketing myself. So I'm people are constantly contacting me about jobs and I'm not sent telling you this to two, my own horn. I'm telling you, you can do this two. You can do all the stuff I'm doing, too. Everything I just told you is what I do. Everything I just told you is what I do.
And that's how I'm able to stay ahead of the game. I put, I, I have a dope resume with all the keywords for the industry I'm searching for. It's all over my it's all over my resume. It's in the, it's in the it's in the, the summary it's in the, it's in the, the actions that I've done for an organization and my work experience.
It's in my skills. It's all throughout my resume. And then I put that out there. And here's another thing. If you are in it, If you are on a help desk, if you are laying cable for people, if you are in the hospital, if you are wherever you happen to be, if you've touched a computer before, okay, you have to put all the security stuff that you've done for that industry, you have to put all the stuff you've done, cuz that's really important.
A lot of times what people will do, whether what they won't do is they won't put the cybersecurity actions that they have taken and, and that's a, that's really bad. So that's another huge thing that you have to do. Okay. So let me keep going here. I'm gonna answer a few questions. I'm not gonna stay on here too long, but if you have any questions, feel free.
If you happen to be watching me feel free to ask me any questions that you have about getting in this industry about cybersecurity, about risk management framework, about security compliance, anything at all. I've been in this career field for a long time. I'm gonna tell you from the perspective of somebody who's been doing this for some time real world Examples, real world practical things that you can use to, to upload, to upgrade yourself.
All right. I'm answering some questions on YouTube as I do once a week. And if you didn't know, I'm all on TikTok, I'm, I'm answering questions there. Very one-on-one type questions. I'm answering questions on my email. I'm doing work for people like helping people with their resumes. I do all that kind of stuff.
If you're interested in that kind of thing, where I'm going way deeper and doing like a one on one, like just me and you corresponding, not like this kind of stuff you can text me at, you can email me at combo courses@contactcombocourses.com. Or you can go to con courses.com and find my contact information there.
I'm out there. Let me answer a couple of these questions. Somebody said, watch one of my videos and said, this is a gold mine. Wow. I appreciate that. Great compliment. This is when I was doing a video about help desk to cyber security and trying to helping people, helping people with that. Somebody said, how can I purchase this book?
Some old book that I wrote? If you didn't know, I've got some books out there on audio, on audible. So if you're interested in getting into, if you like, like listening to books, I listen to books quite a bit. And I just wanna tell you guys, I have a book out there. If you go to audible.com, if you happen to have it, if you don't have audible, actually you're in luck because they'll give you this.
They'll give you like a free trial. But you can go just type in R MF. ISSO. And these are two of the books that I have right now over over four hours worth of content to listen to, if you're interested in this. This will also help you with cap a little. If you happen to be doing a certification in cap, it'll help you a little bit in security plus, but it's like a small portion of security plus.
So it's not gonna help you that much, but cap, this helps you probably, this is 60% or more of the stuff that's on the test. It's not cater to you taking the test, but it will help you to understand like the practical implementation of risk management framework. So there's that if you're interested in listening to this, it's on audible, I'm also on Amazon, just type in, you can just type in Bruce Brown or you can type in NIST 800 control family.
My book is out there as well. And then you can also order it directly from me on combo courses.com. This is the site right here, tons of free stuff here, by the way. I, people are really upset about selling products and things, but a lot of the stuff that I have on here is actually free. And if you go to YouTube, if you follow me on YouTube, it's just so much free stuff on there.
Like a lot of the stuff I say on here, or that's on my website or that's in my books, it's there. You just gotta dig for it. You know, if you want a little bit deeper dive, then that's when you going to get the book or get the course itself. That's, you know, when you're serious about this, that's when you wanna start getting the book and, and getting in deeper in this and asking direct questions.
Okay. Somebody ask me if you want to be an ISSO, what certification do you need? That is a great question. Let me break this down to you. So if so, work is normally for the federal government and let me just put you on some game right here. So if so, work. The federal government goes by something called 81 40.
So 81 40 D O D 81 40 is a breakdown of what every contractor and government employee should have as far as certifications in order to get in this field faster. So what I'm doing right now is I'm actually showing you what 81 40 looks like, see this, what I'm like. And for those of you who are listening to me, I'll explain what you're seeing, what I'm, what we're seeing.
So this is 81 40 and essentially it's approved baseline of certifications. It changes from time to time lately, every about six months that've been updating this. So there's a couple things here that I'm, that I'm not seeing. That's been either removed or added. In fact, let me see if I can go to the newer version of this.
If you go to, oh, what is it? Dissa dot mill. Yeah. And you might see me. Okay, DISA dot mill. I think it is DISA dot mill, 81 40. They have the, one of the most up to date versions of this thing. I'm trying to look for 80. They used to call it eighty five seventy and it's a, it's all the approved certifications.
So if you go by this list right here that we're looking at, this is a list of approved baseline certifications. Let me explain what this what's going on with this thing. If you can see this, if you can, let me make it a little bit bigger here, but I'll also explain it. So they have, they have this broken up by technical and management architects, analysts, and auditors.
Okay. Those are the main categories. And let me just explain each one. So the the I a T means information assurance technical that just that's basic technical troubleshooting. It might be designing or configuring systems. These certifications are needed. If you're a level one, a level one is basically like a help desk person.
This is a person who has a, basically a one on one relationship to one customer at a time. They, somebody calls in and says, Hey, I have a trouble ticket. That means like something broken and they're, they're not connected to the internet. And they happen to be on the fourth floor. And then you, or you call 'em on online.
Maybe they're, you know, you're a remote worker or whatever, but this is a first line of defense for people fixing computers, help desk customer service, field technician, one, that kind of thing. They will. They're expecting you to have an, a plus certification as listed here, a CCNA security, which is, that's a very hard security.
That's a very hard certifi. I don't know why they put this here. I didn't make this. So keep that in mind. network plus C and D, which I don't even know what that is. S S C P one of those things. That's I a T level one. That's. And remember I a T level one is a help desk person. Now, if you happen to be upper level, like let's say, not only do you do help desk stuff, but you also do some networking stuff like you might have, you might be responsible for fixing the network on a whole floor.
This is like network engineers. This is like this is like people fixing a whole land, a local area network people who's responsible for a local area, a virtual local area network. So they're, they're kind of having to look at server issues as well as switching and networking problems locally, as well as like one on one customer support.
So what certifications does an I a T level two and information assurance, technical level two need so that's a CCNA security plus CSA plus a CI. So all of these things security plus is a big one. These, these are the ones that they're looking for. Okay. When we're gonna get to the information system security officer in a second here, I'm just building up here so you can kind of understand what's going on now.
I a T level three. So this is an enclave. Normally these guys are not only doing like one on they're kind of beyond the one on one type type of thing. Cuz their skill sets are so versatile that they're needed to do bigger things they're needed to do more like working with the architecture team, working directly with servers they're they're handling stuff.
That's like. Local area network to local area network. So these guys have professional level search. They're very, very in the weeds, but also high enough level to where they have to know, see the bigger picture of what's going on with the network. They're doing enclave to enclave. That's like one lo local area network to another local area network and possibly WANs, which is a wide area network.
And that's way more complex. So this is CCN P security. That's a very difficult certification, a professional level cer Cisco certification, a CSP, which is also a professional level cert that's no joke, a C S S P high level cyber security certification. And then some others G C I H, which is incident handling.
And I, they just added this one CCS P, which is, I think, a cloud, a cloud certification from ISE two squared. I think, I believe that's what it is. Okay. Now let's get into I ISO and the ISO, if you didn't know, is a information system security. So that is kind of what I do. And I can kind of give you in an, in a nutshell, like what an ISO, an information security person does.
So this job is typically your day looks like this. You're doing a lot of meetings. That's what your day looks like. It's a lot of meetings because you're, you're talking to other people within your organization, stakeholders, you're, you don't have to be a, a subject matter expert in say, firewalls, you don't have to be a subject matter expert in say networking or routers and stuff, but you do have to know enough to be dangerous.
Like you do have to know enough to communicate what is happening with the organization. Your responsibility, as an information system, security officer is to manage the risk is to help the organization to manage the risks of the organization so they can maintain their security posture. Now you might be like, Bruce, what the hell are you?
Are you talking about what are you? Let me spit it in layman's terms. That means. The, the organization has a certain level of security and they need to maintain that. And what does that mean? Like, think about it. Windows is constantly changing. It's constantly having upgrade to patches. There's constantly vulnerabilities coming out.
There's constantly new education that needs to happen with the users. There's all these new threats that are happening from day to day. Everything's constantly changing in it. Well, that's where an information system security officer comes in because our job is to make sure that no matter what changes happen, the organization stays compliant and stays secure at a certain level.
It's very challenging, especially if the organization has a lot of different technologies or also very large or organization with lots of stuff going on. So let's get back into what actual certifications does this information system security officer need. And I'm gonna show you here right now. So let's go back to the 81 40, so 81 40 up here is an is.
So is considered a, a manager type role. Okay. It's a manager type role because you're dealing with, you're not just doing in the weed stuff, fixing computers. You're not just working with firewall. They might have you do some stuff like that. But your time is mostly spent coordinating with the organization to make sure that the organization is doing what they're supposed to do.
I said organization. So you're, you're talking to C level execs. You're talking to upper level managers. You're talking to the, to the system, administrators, you're talking to users, you're talking to user reps. You might even be talking to the customer. So it's a lot of meeting. So if it's a manager type role, you gotta be able to communicate effectively.
So a cap, a cap is a, a certified authorization professional. So what they do is exactly what I'm talking about. They make sure that the organization can maintain a certain level of authorization so that the, so that all of their documentation is good, so that all the security compliance security controls on their system is good.
And let me break this down to you. So cap is a good one. Another one is CI while I'm topping here. Another one is a CI S S P CI SS P is a good one. Security plus is also a good one. Those three, I say, well, the top certifications that ISSO is typically typically has. Now this might evolve cap cap.
I notice comes up a lot. CS a comes up from time to time. But look at these, what I'm, what I just did was I logged into ISE two squared.org, and I'm showing you the different certifications now cap. This is the certified authorization certification. So security assessment and authorization certification.
So that's what it is. Certified authorization professional. That's what it's called. So this is one of the top. This specifically focuses on N 800. So N 800 is what the federal government and states and some other organization contracting organizations will use to ensure that you know what you're doing when you're talking about security.
For an organization. So these, let me just read a couple more here, a, a couple other ones that an ISSO is considered they're good for an ISSO is let me just name a few that I've seen in the industry, a cap, a cap, a C SM, a C S S P a G S GS, C L L C. And a recent add-on. These two right here is C, C I S O and a H C I S P P, which is normally for hospitals.
This is like HIPAA compliance and stuff that one's getting gaining ground right there. And this is listed on the dissa site. So this is that's a dot mill site. So that's, that's a big deal right there. So those are the main ones. I hope that answers your question. Let me keep going down questions. If you guys have any questions whatsoever, feel free to ask me, like, I've been doing this so long.
Just off the top of my head. I, I know this stuff. I've just been doing it so long. You know, I don't know if that's necessarily a good thing, cuz it's pretty much. All I know , you know what I mean? So let me see let me answer a couple questions here. Somebody said how do you get, how do you get this?
I'm looking for? Okay. What, what are you talking about here? A hundred. Oh, okay. I posted a job a job, a remote job where you're making a hundred K. And somebody says, how do you get this? I'm looking for this right now. I took a cyber security course, and now I'm studying for the interview questions.
I would like to know how you do this boss. Okay. So I do this, like in the beginning of this, of this session, I, I talked about it and I can just give you a brief rundown. The first thing I do is I make sure all the keywords are on my resume. So every, every category of cyber security. Has a different set of keywords.
For example, for example, at one time I was proficient at like two or three different parts of cyber security. I was, I was proficient. I'd done it before I'd had certifications, everything. Right. And those two were one, I was a seam engineer. That's a security information event manager, engineer. I could build them from scratch, set 'em up, create content for it.
And it could monitor all your logs. You know, I did that for like three years straight, so I just, I just knew it. And then another thing was, I was an information. I still am information system security officer. I know that means I like, I know how to allow an organization to be compliant with certain security standards.
And then another thing I was good at was cyber security analyst work. So those three things, those are three separate resumes. Okay. They have three separate keyword sets of keyword. . So what I did was I made a resume for each one of those. Each one has different certifications that are more relevant. I'd put those on top.
Each one has different. Some of 'em really require a security clearance. Like if so, and a cyber security analyst usually requires a security clearance, cuz you're working in like a, a, so a security operation center, which is, has classified information and blah, blah, blah. But the, the scene really didn't need a security clearance.
So I could even leave that off. And that was still good. My point is every single time you, whatever career path you're going in, it has this different set of, of keywords. And so what I do to make myself more marketable for this is I get keywords for each one of those work roles. Whatever it is. And to do that, you can, you can actually research it and figure it out.
Right? And I'm not telling you to lie on your resume. I don't recommend that a lot of people like lie on your resume. Why aren't you, why aren't you lying on your resume? Me personally, I say don't no, do not lie on your resume. Do not put your picture on your resume. Like put your picture on your, not resume, but, but unless you're on in, I guess EU does that, but put your picture on your profile.
Some people are like, nah, because I'm black. I don't want people to see that I can't get jobs. Nah. Why would you wanna work at an organization who doesn't want you? You need to put your picture there and if they don't wanna work with you, you shouldn't wanna work with them. That's how I feel about it. I don't wanna work somewhere.
They don't want me. So I put my black face on my profile. Go look at it. It's up there right now. So that's number one, like put your don't lie on your resume. The reason why I don't lie on my resume is because I don't want to get in there. And then they, I, they think I'm some, I'm freaking gonna walk on water and I don't not for that particular technology.
Not only that, but in the res in the actual interview, they will ask you these questions and then they will verify what you sold them. They will call your employer and ask, Hey, did Bruce do this X, Y, and Z. They'll do that. Especially as you go higher up in the echelons right now, if you wanna fudge some numbers of how long you work the place, and you know that it's not that big of a deal, but do not put certifications.
You don't have do not. Don't lie about your degree. They're gonna check that stuff, right? Don't like, this is some obvious things you shouldn't, you shouldn't lie about on your resume, cuz they will ask you I'm going through an interview process right now. You better believe they're investigating me.
They're looking at it. Every part of my life I'm having to put in there. Right? Because it, you can't, you can't just lie on your resume. So I don't recommend lying on your resume, put the real deal on your resume. But not only that put the key words for what you're doing on your resume. So that. when so that way, when you put the, when you upload this into LinkedIn into dice, into monster, and you need to put it on like 20 or 30 different job aggregators, okay.
You need to put on 20 or 30 different ones. And that's why I say you shouldn't use your real phone number or your real, you should use an alias because you're gonna get so many calls from all kinds of people and you don't wanna get scammed anyway. So that's what you do. That's what I do. And that's how I've been able to get all these offers for remote 100 K type jobs or more.
And, and that's how you do it. And I'm writing a book right now. If you're interested in this, if you're super deep into this, if you're very serious about this, I'm writing a book right now, it's gonna be out soon. And if you, if you, if you're interested in this, the very beginning of this podcast, I broke down exactly how, what I'm telling you.
I broke down. I showed you my like, how, how I picked these key out, how I find them. All that kind of stuff. If you're interested in this, a book is coming, that's gonna break all this down in great detail about how to get into cybersecurity in particular, but you can use these techniques for basically any, any job where you have to apply for a resume.
Any job you need a resume that you could use it for that. So let me see, I got a couple other questions that says on TikTok it says I just got a free ISO two course. And let me see. Cert is free when I'm done. Have you heard of this course? Yes, this is, this is great. Like thank you so much for asking that question.
So I've been, I've been telling everybody about this new certification that's coming out, like what's happening right now. If you guys didn't know, is that the government's hurting for cyber security positions, there's something. 700,000 careers that are empty slots. Like we in desperate need of, of people to get in here.
So what's happened is there's been this huge push from nonprofit organizations, corporations, and government entities to actually get people into this field as entry level. And so ISD two squared has this new certification. That's an entry level cybersecurity certification. And right now it's free. It will not be free forever because is ISD two squared.
I don't know if you knew this, but they don't, they don't mess. They don't mess around. They do not. These guys have the top cyber security certification in the world, arguably in the world's called C I S S P. I have this certification, this certification changed my life. It's a high level cyber security certification that talks about nothing and everything.
But it is so good at marketing me. Like, all I gotta do is put that on my resume. I could probably just have a blank page with just C I S S P on there, and I'd probably get hired. That's how powerful this resume. And it's the reason why this certification's so powerful is because they've done a great job of marketing it.
That being said, I'm saying this to tell you that they're now given this damn thing, this right here for free, this is an entry level for you to get into cyber security. This right, this right here, I'm showing you it's called certified in cyber security CC. Now, from here, you can build into other sec into other this is an entry level, but you can take this and build up to a higher level certification.
That's why this is so powerful. And these guys, this is not some fly by night, organiz. This is one of the top, if not the top and best cyber security certification organizations in the world on planet earth currently right now. So this is a great path. If you are actually looking into this, this is a great path for you to do, do this, doing it for free.
They're giving it away for free. This will not be free for long. I guarantee you because they're trying to compete directly with comp Tia security plus, that's what they're trying to do. And eventually this right here, this certification, I mark my words. This certification right here, this certified in cyber security will be on this sheet right here.
This is 81 40. This is 81 40. Also known as 85, 70 approved baseline for certifications. They will have CC on this. I bet you it'll be like right here. They'll put it right here alongside a plus certification, alongside C and D and all these other ones. And once this goes on here, It'll be way more marketable than it is right now.
Right now it's a free certifi it's it's brand new people don't really know about it. People are kind of figuring it out. Like they're kind trying to compete with this and the Google support it and the security plus, and those kind of certifications that are entry level because the government is making this huge push to get more and more people in this field.
This is a really, really exciting time to get into cyber security. This is, this is a rare opportunity where they're trying to open the doors, but you, this is not a field where you can just come in off the street and know nothing. You have to do some work. Like even if you come in and know nothing, you have to do work to understand the basics of information technology.
Right. That's all. I'm, that's what I'm saying. So this is a great opportunity. Let me see, I got a couple other questions that says, how does a civilian get a security clearance? Okay. So there's a couple ways. Just, just so you know, I've been doing this for some time and I've had security, all kinds of security clearances from public trust, all the way up to top secret type certification security clearances.
Another one misconception that you, that I wanna dispel is that you don't need a security clearance to get into cyber security. They're two separate things. Okay. A security clearance is just verifying that you are, are who you say you are. They're VE they're doing a, a, anywhere from a basic security background check to make sure you're not that you are trustworthy to work in their organization with secret information.
They're making sure you're not linked to any kind of terrorist organization or insurgents or militia organizations. You'd be surprised. You'd be surprised how many people are associated with it. because every time they ask me, I'm like, ha ha. That's ridiculous. I'm not, but no, there's really a lot of people who are associated with these organizations that wanna take down the government that don't feel like they have some kind of issues with the United States government, or they're tied to another government.
They actually happen to be working for another government. And they're trying to get in and infiltrate. You'd be surprised how many people this, this applies to anyway. So background check is just trying to see if you are who you say you are. If you don't have, make sure you don't have any crazy credit issues, that's gonna affect you to work on their job, making sure you're not like a, your a super predators killing people or something like that.
Yeah, they're trying to just do that. That's separate from cyber security. Okay. Cyber, a lot of cyber security jobs need a security background check. Because the nature of the information that you're gonna be having access to, and they wanna make sure that they can trust you to protect their systems, but they not, every, not every job requires a security background check.
Okay. Cyber security is their separate things. You can be a janitor and need a security clearance. Okay. So the question was, how does a civilian get a security clearance? There's a couple ways. Number one, work for an organization who will get you a security clearance. If you happen to work in the DMV area that's DC, Virginia, Maryland area.
There's so many jobs, not just cyber security you might have be a groundskeeper and mowing grass and have to have a clearance, some dead serious. You might be painting the inside walls of a, a skiff that need you need a clear. You might, there's all kind of clerical jobs secretarial jobs name something, janitors anything like can get you.
So you would, one way that you could get in is if you had a job, if you got a job at a place that required a clearance, a lot of times they will pay for you to get a clearance. They will pay for you to get the clearance because it costs money to get a clearance. Another thing is you can there's sites.
Somebody contacted me the other day. They were trying to get me a clearance. Like they didn't, they didn't know. I guess they would contact me and saying, Hey, we can get you a clearance and stuff. So there's, there's private organizations that can get you a clearance, but you're gonna have to pay for it.
It's not cheap. Just to give you an example, from what I heard a security, a secret background check is like $5,000. And then a Ts is like $10,000. That's what an organization has to pay to get you a clearance. And then a public trust. I don't know, public trust is like here. Secret clearance is here and then above that is top secret and all other white house, all this other stuff.
So, yeah, so you can, you can get into a position, a job that requires it and then they'll let the organization pay for it. That's probably the best way. The other way is to get it privately and pay for it yourself. That's another way. But then it has to remain active. I don't know how all that stuff works, but so those are the two ways that I personally know about how to do it.
So, and I could be wrong. Anybody else you guys know of another way to do it, please chime in and, and, and inform me what's going on. Let me see here. Somebody ask hope that ask your, answer your question, by the way. Somebody ask so I just signed up and I have to take an exam. Yes. So, so I believe that that, that I C two squared, they have a, they have a course.
All right. And I believe the course is free. If it's still free, they have a course that you can take that breaks down. What's gonna be on the test. And then you, you, you go to that course, you study for it. If it's still free, hopefully still free it. They were saying it was a value of one ninety nine, a hundred ninety $9.
But even if it costs $199, it's worth you investing in yourself. It's, it's, it's worth the risk. It's worth the risk. Anyway, if it's still free, cuz just last week, it was free. You take the, you go through the course that I believe is on course. Sarah it's either on course, Sarah or it's on their website.
Okay. Sign up for their website. They'll give you a breakdown of everything you need to do. And then from there you will take the test. Like once you study for it, you take the test. Somebody. no they're paying for it once you finish the course. There you go. Okay. Thank you for that. ODI says no, they're gonna pay for it once you take the course and there's only 1 million openings.
Okay. There you go. Okay. I stand corrected. So let me, let me correct myself. So what he's saying is once you, it was free for a while. It was, it has actually free like a, like a week ago or something I'm telling you. So now you're gonna have to take the, the, the course, and then once you take the course, I think was 1 99, then you you'll take the test, pass it, get your certification.
So let me see. You have to take a test. Yes. It's this is, yeah. There's there's hurdles. You have to take the test to get the certification, but it's worth your inve. If you are serious about this, it's worth your time. Okay. Let me see. I got a couple other questions. Somebody said I barely see a hundred percent remote opportunities.
Most people keep wanting people to be on site. That's true. And bro branding, I, I would add to that and say a lot of the security clearance, a lot of the cyber security jobs that require security clearances do require you to be on site at least like a hybrid on site. But I would say that there's a lot more remote jobs opportunities than than there were before.
COVID cuz it was, it used to be really hard to find them. Now they're everywhere and I could show you how to find them real quick. I'll show you let see if I could show you on LinkedIn, if you guys didn't know, I have a LinkedIn page you can search me out on Bruce Brown for the win. Let me show you on.
If you guys happen to be on LinkedIn here, here I am right here. If you type in Bruce, go to LinkedIn and type in Bruce. CIS S P RMF or something like that. You'll find me there. It is right there. There I am right there. And so join me. I'll definitely add you. I've got a, a lot of people wanting to add and I'm, I'm always open to, to add people or you can talk to me online, all that kind of stuff, but okay.
Let me show you how to find remote jobs. Okay. Let me see. Let's let's say you were looking for a cyber security analyst job, right? Cyber I'm just, just randomly pick one off out the air. So now check this out. First. You'll go jobs. And the reason why you wanna check pick jobs is because there it's gonna show you everything.
It's gonna show you companies, posts, schools, groups, people, all that you want jobs. Okay. So search jobs, then post a date. You don't want any time, cuz this goes back like a year or something. You want something within the, at least the last month. all right, so let's look for last month and then this one's up to you, they got internships, entry level, associate senior manager, whatever.
Right? You ch choose that. But if you don't really care, leave that blank and then remote, let's go to remote job. So here it is right here. You're gonna onsite versus remote. So you've got hybrid, you got remote and you got onsite. You just click on site. Now you notice it went from 17 K jobs down to three K jobs.
I'm on LinkedIn, by the way. So I just went to jobs stuff in the past month. And then I went to remote on site. This is a new feature, by the way, they didn't have, it needs to have all of this stuff. And now they have it on dice. They have it on monster. They have it on almost every site because remote jobs are so prevalent now after COVID.
So here you go. Here are some remote jobs for cyber security analysts, which I just typed in. And that's how you find remote jobs right there in five minutes. I just showed you how to do it. and you can do this with every site, with monster, with LinkedIn, with with da, with, with dice, all of these show you how to do remote jobs.
And if you go to dice, let me see if this one's ready. So here's, here's my profile on dice.com. I'm about to turn this thing off, man. I'm getting so many contacts with these guys, so there's a way to search for remote jobs. Let me just show you here. Let me I'll do the same thing. Cyber security. I'll just type in cyber security.
I didn't put a location in I'll hit search and check this out. It comes out with this page right here, taking a little bit of time and then look right at the top. Remote only if I hit remote only you notice it went down from 4,800 jobs to 600 jobs. So, yeah, there are less Brandon to, I, I could piggyback on what you're saying.
There are quite a bit less, but there are jobs there. I mean, look at this there's 600 jobs here. I mean, granted, I didn't search for, I said any dates, so that's, that's probably, what's adding to that. Let's do the last seven days. It's gonna be quite a few less. Oh, still 126 jobs. Look at that. These are all remote jobs.
And all I did was type in cybersecurity, look, 100% remote cyber security analyst, all of these are a hundred percent remote. Now you gotta double check. Cuz one of the things I noticed about these jobs is sometimes they'll say they're a hundred percent remote, but then when you do a, an interview with 'em, they're like, well, well it's a hundred percent, but we want you to come into the, I was like, Is this a hundred percent or not?
yeah. You gotta do an interview with 'em to make sure and ask them, is this a hundred percent remote? You know what I mean? Like you usually straighten that out with the, with the actual screener, once you, once you talk to them, ask them, and then sometimes it's, it is remote, but it's like 50% travel or something.
Like there's always some kind of catch sometimes with the judge. You just gotta make sure you, you weed out those gotchas with the remote jobs. I just went through this. That's why I know a lot about it. You know, , I've been, do working remotely for the past seven years now. Like I've been working remotely for a long time.
Crazy. It's crazy to me. Like I've been working. Yes. Seth's been seven years. I started in 2014 working remotely and I've been working remotely ever since. And I will never go back. I will never go back. all right. And that being said, if you guys are interested, I have a course on how to work remotely.
It's on combo courses. Go check it out on combo courses dot com, just work, find the remote jobs course. And then I have it out there and I I'm, I might even write a book about that one and break it down. So it's like a 20, $20 book or something like that. I might, I might do that cuz I I've gotten pretty good at getting remote jobs and winning those remote job positions.
Okay. Let me see link to the course. I'm assuming you're talking about the C the CC let me see if you're interested in this. We were just talking about this, this course right here, which is an entry level ISC two squared course, which they're given. I believe you have to pay for their training and then thinks 200 bucks for the training.
Now it was free like last week, unfortunately, no longer free. And then after. That you take the, the test and I think they give you the test for free. If I'm not mistaken, correct me if I'm wrong, TikTok somebody on TikTok, correct me on that one. I appreciate that. But yeah, here's the link right here. It's ISC two dot org slash configuration certifications and four slash CC.
Or you can go to Google and just type in ISE two square ISE, two space CC, and you'll find it. Let me see if I can give you the link in the chat. I, I don't have access to the chat right now. Yeah, and I always walk me through all this other stuff I gotta do to get link access to that. All right, guys, that's it for this one.
Thank you for watching. I really appreciate all the questions. Thanks a lot for, for all your kind words and stuff and all the donations. Appreciate that. Thank you so much. I've got a couple other questions on, on TikTok. Let me see if I can answer those real quick. Yes, it's still a self-paced exam.
Okay. We're still talking about the I C two CC. So I can get an entry level job with a CI
