Paths

I was told by a teacher at university that I would need a combination of these to get into cybersecurity at least 3 out of 4. It's not necessary, but it makes it easier to get a call back for an interview.

Work Experience

Real life work experience in a job related to the field. IT support, Networking...

Certification

OSCP (offensive), Security+ (defensive), CEH(off/def)... Click here to get more info.

College Diploma

Can be a bachelor's or a certificate, it has to be related to cybersecurity.

An online presence

Can be a website (blog, guides, writeups...), a YouTube channel with tutorials and walkthroughs, writeups, etc.

A complete beginner would need to learn the basics :

​

• in coding. Pick a popular language like Python and learn the logic behind it, which is similar across different programming languages. You will have to create tools or build projects. You can keep the code on your GitHub profile so that it's easier to share with employers if it's a skill you develop. It will be your portfolio.

​

• in networking. The CCNA course is taught for free by many YouTubers. Some people have also created labs (ex. GNS3vault, Keith Barker);

​​

• in the Windows/Linux OS. Learn how to install them, and install different services (DNS, DHCP, Mail Servers...) on them. Learn some PowerShell and bash. You need to be able to do pretty much everything on the computer through commands;

​

• Create your own labs. I got an old refurbished pc for that, with 32 GB of RAM to be able to run up to 4-5 VMs. For Canadians who want something affordable, you can look for refurbished or open box items on BestBuy, newegg or Canada Computers & Electronics. I upgraded myself the storage by watching YouTube tutorials related to my computer model.

SANS made a blog post about it if you want more detailed information about getting started. You can also use this study roadmap and target the most important topics first. If you dropped out of high school and you want to get into tech, CyberCap (in Montreal) can help you with training and socio-professional support.

As soon as you get a job in IT, you can start thinking about which career you wanna pursue in cybersecurity. Once you've got a pick, you can look at the certifications needed or the path towards a specific title (security analyst, red teamer, pentester, blue teamer, purple teamer, threat analyst, security architect...). Here's a list of 20 cybersecurity jobs listed by SANS. Some titles are used by people in HR as interchangeable synonyms, so collect data from multiple sources during your research.

You can plan out your cybersecurity career with this interactive map on CyberSeek from entry-level, mid-level, to advanced-level. When you click on the job title, you get the salary, skills needed, certifications needed, job openings, and the other job titles associated...

Click here to get to the certifications page of this current platform and help you in your choice.

If you're Canadian or an international student and you wanna pick a cegep/university click on the links in the following section, you'll get more info. If you're from another country, look up your government's website; they might have a cybersecurity section. And also look at local cybersecurity organizations that organize events/conferences, they might have information to help you on their website, mentorship programs, a list of IT-specific job fairs, etc.

Lists of schools and programs

University

Download the excel file. You can look at the themes, classes, universities, different programs (bachelor's, certificates, etc.).

Link to the website

Cegep + University

Use the filters to narrow your search.

Link to the website

Cegep + University

Link to the website

Here are a few mentorships I found:​

• The Cybereco Mentorship Program for Women in Cyber;

• The Canadian Cybersecurity Network Mentoring Program.

I haven't had any luck with finding a platform that offers mentors working in offensive security through these organizations. You can still apply, but I assume that it's easier to work in defensive security to get started if you wanna move to an offensive role later.​

Like in IT support, you need to become resourceful, be able to find what you need by googling, searching forums, etc. If you're someone who likes routine and stability, it might be stressful because there's constant change, and it can be a struggle.

It's normal to fail, to feel dumb, but by watching tutorials, studying, setting up labs, creating documentation, hacking, reading, and practicing more, you'll eventually learn, and you'll instinctively know what to search for and how to do certain tasks. I believe that if you get stuck, it's fine to take a peek at hints or the next step that is missing when you're learning.