Looking to skill up and start a new career as a cybersecurity analyst?
Well, good news!
In this guide, I’ll break down what you need to know, as well as share some up-to-date resources for you to start learning these skills by the time you finish reading. (As well as break down how long it takes to learn them… It’s actually faster than you might think!)
So grab a coffee and let’s get started.
Optional step. Speed up your learning
Because you're going to be learning a lot of new skills, I recommend taking a slight detour and checking out this guide or, better still, this course:
![Learning to Learn [Efficient Learning]](https://images.ctfassets.net/aq13lwl6616q/6VWcUgLgG0SU55ORlILe2S/e186361aeb48561bcd19ae6486577022/Learning_to_Learn.jpg?w=1200&h=672&q=50&fm=webp&bg=transparent)
Average time to complete: 5 days (based on the average student learning in their spare time)
This course will teach you how to learn using concepts you've never heard of before.
Why care?
Because it'll help you learn faster, which will then reduce the total time it takes you to learn all these other skills you'll need. (It's kind of like stopping the car to fix a flat tire, because you know it will make the whole journey much quicker and smoother).
Like I say, it’s optional but definitely worth it.
Step #1. Learn the theory
A key part of the analyst role is being able to detect threats.
However, you need to understand everything that's going on so you know what ‘normal’ looks like first. This way, you can then see when you have an issue.
So what kind of things do you need to learn? Well, this can vary as new threats evolve.
That being said, the best way to stay on top of this (and to understand the core fundamentals) is to learn everything on the CompTIA+ exam. This is a 3rd party certification that shows you are up to date with all current and core issues, and often a requirement when getting hired.
You’ll spend around 40% of your time learning here. The good news, though, is I have a course that teaches you all of this theory (and helps you pass this exam).
Average time to complete: 30 days (again, based on you being able to work on this part-time).
This course will then help you understand the following core topics:
Authentication and Access Control
This is the first main topic from the exam. You'll learn about different types of identity, authentication, account access control, Windows & Linux file access control, and much more.
Secure Network Design and Concept
You'll learn about the OSI model here before diving into another exam objective topic, which is network security. This means learning about implementations such as Firewalls, NIDS, NIPS, and Network Segmentation. Plus, you'll learn about the important tools that you'll need to know for the exam and which will be useful throughout your career.
Security Protocols
Here we shift our focus to important secure and unsecure protocols, their ports, their purposes, and what we can exchange them with in case they are not secure!
Wireless and Mobile Security
You'll learn about Wireless Infrastructure, Wireless Authentication Methods, as well as threats that target wireless devices, before moving on to Mobile Security, Mobile Device Management, and different policies that are important when managing devices inside facilities.
Virtualization and Cloud Security
You'll learn about the growing and vital importance of virtualization and cloud technology in today's world. We'll talk about the use of Virtual Machines and different types of Cloud Technology, and discuss why it's important to implement virtualization and cloud usage in your organization from the aspect of security.
Physical Security & Facilities Security
This is a small but necessary section where you'll learn about Physical Security measures, as these are important to know for CompTIA Security+ certification exam objectives.
Monitoring, Scanning, Hacking
Everyone's favorite topic: Penetration Testing.
You'll learn about what pentesting is, what phases penetration testing consists of, and we also mention different teams that exist in Cyber Security. Plus, you'll learn about the concept of vulnerability, what types of vulnerabilities exist, and how to discover vulnerabilities.
Threats, Attacks, and Vulnerabilities
This section will continue building on the previous one by elaborating on different types of threats and vulnerabilities that exist. We'll discuss all types of threats, from password attacks and network attacks to mobile applications, cloud attacks,, and zero-day vulnerabilities. Plus you'll learn about the different types of hackers that exist and how to identify them.
System Hardening and Application Testing
Endpoint Protection Strategy and Endpoint Device Hardening and Security the two essential topics you'll learn here. But you'll also learn about secure app development and secure coding techniques.
Risk Management
Risk management is the process of identifying, assessing, and prioritizing potential risks and implementing strategies to mitigate or avoid them.
Sounds pretty important, right?
Well, it is, and that's why we'll focus a lot on this, including the importance of risk control and types of risk that exist. Plus, of course, you'll learn all the important information and terms needed for the exam, such as Business Impact Analysis and different laws and standards.
Incident Response
This is when it's 🚨 Red Alert 🚨 time!
Incident Response is the process of identifying, investigating, and resolving security incidents in an organization's IT environment. You'll also learn about Redundancy and Tolerance, types of backups, as well as methods of lowering risk to decrease the chances of an incident happening in the first place.
Cryptography and Public Key Infrastructure
Last but not least, you'll learn about cryptography, including important cryptographic concepts and terms. Plus, you'll learn about Public Key Infrastructure, Asymmetric and Symmetric Encryption, Hashing, and other terms important for the exam.
Like I said earlier, it’s a lot to learn but not overly complex. If you follow my course you’ll get through it all easy enough.
Step #2. Build a portfolio early
Another slight detour, but 100% required.
So, the really cool thing about working in tech is you don't need a degree to get hired. However, you do need to prove you can do the work, and that’s where portfolios come in. You set one up and share your work there so that prospective employers can see what you’ve done and then possibly hire you.
Learn how to set up a portfolio site here, as well as some tips on how to make yourself far more hireable:
Average time to complete: 10 days
At this point, you won't have created any cybersecurity projects, but it’s still worth setting up now and adding to it as you go, as it's much easier than trying to add it all later. You always forget to add things otherwise.
Step #3. Get some hands-on experience
So now that you understand the theory, it’s time to put this into practice and get some hands-on experience. This way, you can learn the concepts better, but also start adding work into your portfolio for when you apply to jobs.
The good news is, I cover all of this inside my cybersecurity bootcamp course:
Average time to complete: 30 days, including all project work
This course will then help you apply that theory, work on some projects, and deepen your understanding of the following core topics:
Understanding Hackers
Although the analyst role is more defensive, you can’t really defend unless you understand the opposition, i.e., hackers and how they work. So it's necessary to understand how they think, as well as the processes and techniques they use to attack.
This way, you’ll be able to anticipate their moves and defend against potential threats.
Security Bugs & Vulnerabilities
In a perfect world, your systems would have no security bugs, but we don't live in a perfect world. There are always bugs and vulnerabilities. If there weren't, then cybersecurity wouldn't be such an in-demand field.
It's important that you understand what a security vulnerability is and the many types of vulnerabilities that can occur.
For example
My personal favorite vulnerability is Buffer Overflows. (Buffers are memory storage regions that hold data temporarily while it is being transferred from one location to another).
Unfortunately, hackers can exploit overflow buffers, which can trigger a response that damages files or exposes private information. It's a serious and common issue that you'll learn to identify and protect against.
Social Engineering
Every system in the world has a common, virtually unavoidable vulnerability, and that's people.
Hackers know this, which is why they work to manipulate people by engineering situations where they let their guard down and provide the hackers with information that allows them to breach an otherwise strong system.
For example
Ever get one of those scam emails where the person emailing pretends to be someone you know? That's a basic attempt by a hacker at social engineering.
That's not the only way they do this, though.
Social engineering can also be done to gain access to a system without any software bug or vulnerability being present. Such as by delivering a payload through phishing links and making the person execute it without knowing that it's malicious.
End-Point Protection
Seems simple, but you would be surprised how many people don't have good basic security hygiene with their endpoint devices, such as your laptop and cell phone.
That's why it's important to understand the basics, like installing anti-virus and using a password manager, to more involved techniques that will protect you from advanced hackers.
Network Security
Your network is your castle, and like any good castle, it should be protected by all sorts of defenses.
That's why you need to learn about tools such as Nmap, Nessus, and Routersploit. These are used to discover any vulnerabilities in your network and its devices, including how to patch and secure your network. (The same tools hackers also use to find weaknesses, but you can use them to fix them first).
Advanced Cyber Security Strategies
This section is where the rubber meets the road. You'll learn how to implement advanced cybersecurity strategies and techniques, including:
Protect & Recover Strategy
Endpoint Protection Strategy
Application Centric Strategy
Identity Centric Strategy
Data Centric Strategy
Attack Centric Strategy
Cyber Tracking
For anyone entering the cybersecurity field, one of the most important things you need to master is how tracking works on the internet. This includes things like how websites and apps track people, and how other people can track you, which leads us into the final section...
Anonymity & Privacy
Sometimes the best defense is a good offense. This section will teach you how to make yourself anonymous and increase privacy on the internet to decrease vulnerability to hackers, including methods such as a VPN or proxy, and browsing through Tor instead of regular browsers such as Google Chrome.
You'll also learn alternative, more secretive tools that can automate the process of anonymizing and privatizing your presence online. Again, learning the tools that hackers use, so that you can then be more secure and understand the vulnerabilities.
Step #4. Start applying for Cybersecurity Analyst jobs
Have you been keeping up with your portfolio? If not, then make sure to add any cybersecurity projects that you made in the last courses, and then start applying for cybersecurity analyst roles now, even if you don’t feel 100% ready yet.
The reason why I recommend this is that:
You’re probably a lot more skilled and knowledgeable than you might think. (We make sure that ZTM students know the most important information and get the best practical experience)
The tech hiring process can sometimes be a lot of applications and interviews before you secure a role, so it's worth starting to apply for roles early, while you add in any other 'bonus' skills (next step)
So how do you ace the interview?
Well, you can check out this guide and this guide, but I also HIGHLY recommend you also check out Andrei's course on getting hired at your dream job:
Estimated Time Required For This Step: 12 days.
He covers the entire application and interview process in detail, including his technique, where he gets a 90% interview success rate!
Step #5. Get certified
Because the tech industry is always changing, it means that cybersecurity experts have to stay on top of their game. If you miss a new key exploit in a software update or fail to understand some emerging tech, your whole system could be at risk.
The good news is, you’ve already done the work to pass one of the core certifications, the CompTIA+ exam. However, you just need to sit the exam now and pass. This will then look good to add to your applications as you go.
Become a Cybersecurity Analyst today!
I told you it was quicker than you might think!
The combined time to learn these skills is just 3 months, which is not bad for a brand new career, right!?
And to be clear, that's how long the average person takes to complete these courses while also working full-time and learning on the side. If you have more free time, you can get this done even quicker.
Even better news?
Every single one of the courses that I’ve shared above is included in a Zero To Mastery Academy membership. So once you join, you’ll have access to all of them, and they’re always up to date with the latest information.
Not only that, but you have access to our private Discord community where you can ask questions and chat with me, my other students, and working cybersecurity professionals:
Best articles. Best resources. Only for ZTM subscribers.
If you enjoyed this post and want to get more like it in the future, subscribe below. By joining the ZTM community of over 100,000 developers you’ll receive Web Developer Monthly (the fastest growing monthly newsletter for developers) and other exclusive ZTM posts, opportunities and offers.
No spam ever, unsubscribe anytime
