Ever think about how moonlighting could springboard your career to exceptional heights? Buckle up for a thrilling discussion about one of the least explored, career-enhancing strategies - moonlighting. We'll uncover the nuts and bolts of this concept and underline how it stands apart from conventional nine-to-five jobs. We'll highlight how savvy networking can open doors to invaluable experience, and why having a fire in your belly for your job is ever so crucial, especially in the high-stress, high-stakes world of security work.
In the latter half, we're going to connect the dots between moonlighting and self-training that could lead to career progression, productivity gains, and cutting costs. We're also going to dig into the importance of professional certifications like CISSP and CCSP in a fiercely competitive market. So tune in and let's explore how a small investment in yourself now, via moonlighting and gaining certifications, can pay dividends in the future.
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today
1
00:00:00
Speaker 1: How's it going?
00:00:01
Everyone?
00:00:01
This is another security unfiltered mentorship episode.
00:00:06
So you know, last couple weeks I did not put an episode in,
00:00:11
mostly because I forgot, because I was pretty sick the past
00:00:15
couple weeks, even even now, you know, I may cough a little bit
00:00:21
or need to clear my throat, you know, during this recording here
00:00:24
, just like that.
00:00:26
And you know I'm getting over whatever.
00:00:30
It was a cold or whatever.
00:00:33
But you know, I thought today would be a great time to
00:00:38
actually just kind of talk about moonlighting and how to use it
00:00:47
to take your career to the next level.
00:00:49
Okay, so there's a lot of different kinds of moonlighting,
00:00:54
you know, and I think that this is a topic that isn't really
00:00:58
talked about.
00:00:58
It's not discussed very often.
00:01:00
You know, I never even heard the term moonlighting until I
00:01:04
actually started doing it myself and someone else actually told
00:01:08
me.
00:01:08
You know that term and what it was and everything.
00:01:12
You know.
00:01:13
News to me, right?
00:01:14
So let's just start with what it is.
00:01:18
You know, moonlighting is basically anything that you're
00:01:21
doing sort of work related or career related, outside of work
00:01:26
hours, you know.
00:01:27
So you weren't, you weren't assigned this.
00:01:30
You're not doing it for your nine to five job or anything
00:01:33
like that.
00:01:33
You know this is something that you're doing to basically
00:01:39
better yourself and, you know, get yourself into a different
00:01:42
place in your career.
00:01:43
You know, and often, often, I forget about this part in my
00:01:51
career.
00:01:52
You know, early on in my career everyone knows a story by now
00:01:56
For two and a half years I worked at a help desk job.
00:02:00
You know, I enjoyed the team, I didn't mind the work and whatnot
00:02:03
, but it wasn't what I wanted to do.
00:02:05
It wasn't cybersecurity, even though I was focused more on the
00:02:08
security side of the house.
00:02:09
It wasn't a security dedicated or security focused role.
00:02:13
And so that's a huge, that's a huge difference, you know,
00:02:18
between being in cybersecurity and not being in cybersecurity.
00:02:21
And the opportunity came up, just through a friend, to
00:02:27
actually be a security analyst for a small consulting firm out
00:02:33
of the DC slash, virginia area.
00:02:35
I would be in house security consultant.
00:02:40
You know I wouldn't be, I wouldn't be, you know, client
00:02:45
facing or anything like that.
00:02:48
And I think the position was actually like security analyst.
00:02:53
But to be completely honest with you, that was a stretch
00:02:56
like that.
00:02:56
That term, that title was a stretch for what a security
00:03:03
analyst actually is, you know, and it doesn't really do a
00:03:06
justice to be completely honest with you.
00:03:08
But the title was security analyst and that's what mattered
00:03:11
, and I'll tell you why that mattered, you know.
00:03:15
So I did this job, you know, during my off hours, I mean
00:03:19
literally I would go to work from eight to five.
00:03:22
I'd get home by about 530, maybe six o'clock let's just
00:03:28
call it six o'clock you know, monday through Friday, and I
00:03:34
would eat.
00:03:35
And by seven o'clock I'm clocking in to start working as
00:03:39
a security analyst and I'm setting, I'm setting up, you
00:03:44
know, different tools, setting up different solutions, alerting
00:03:49
, monitoring, logging, all that sort of stuff, just getting my
00:03:54
hands in different technologies.
00:03:56
And this is also, this is also why it's important to network
00:04:03
with people.
00:04:04
You know, I knocked, I networked with someone at my
00:04:10
current company, right, someone that not very many people
00:04:13
befriended at that company, not many people liked even.
00:04:18
But I befriended this person and he made the connection right
00:04:24
when I, when I told him like hey, I want to get into security
00:04:26
but I don't know how to do it and nothing's working for me, he
00:04:30
immediately said, oh, I have a friend that has a security
00:04:32
company.
00:04:33
It's, you know, sock as a service.
00:04:36
Back when, sock as a service was like a cutting edge, brand new
00:04:42
thing.
00:04:42
You know, very niche area.
00:04:44
Not many places even knew about it.
00:04:47
You know, when he put me in touch with him, right, and the
00:04:52
opportunity overall was pretty poor, it was, it was actually
00:04:57
pretty poor.
00:04:58
You know, I wasn't making a huge amount of money.
00:05:02
I wasn't making, you know, 80 grand, which is the typical
00:05:06
salary of a security analyst.
00:05:07
Nothing like that, I mean it was.
00:05:11
It was hourly.
00:05:12
I think I was making maybe $20 an hour, you know, something
00:05:15
like that, like nothing crazy, but it was something right.
00:05:21
You do notice that for sure it gives you some more spending
00:05:25
money and whatnot.
00:05:26
But I took that opportunity to really add that title to my
00:05:33
resume and the importance of that is that I use that
00:05:40
opportunity, that title, that light amount of experience, and
00:05:44
I'm very open, you know, with people about what that
00:05:47
opportunity was, what I did, what I didn't do, things like
00:05:51
that.
00:05:51
But I took that opportunity to add that to my resume and then
00:05:57
it gave my resume more power, more validity when I'm applying
00:06:01
to these security roles.
00:06:03
It shows, hey, this person does have a security dedicated role.
00:06:10
It's not his day job, he's doing it after hours.
00:06:14
For someone to do that, they must really love it.
00:06:16
You know, and it's coming out now, that the best security
00:06:22
professionals are the ones that love it, the ones that you know
00:06:26
actually want to be in this field.
00:06:28
And the reason being is that security is literally it is so
00:06:31
stressful at times, the work is so difficult at times that if
00:06:36
you do not love it and you just love the paycheck, you're not
00:06:40
going to last a bit very long.
00:06:41
And if you do last in it you will be miserable.
00:06:46
You will go home every day, you know, feeling relieved that you
00:06:51
left that place right.
00:06:54
And you know you will dread the morning when you're waking up,
00:06:59
going to work.
00:06:59
Like I've had jobs before where you know I have dreaded going
00:07:07
to work.
00:07:08
I mean, like I wake up that day and I'm literally like man,
00:07:13
should I just call in sick?
00:07:14
And you know you look down at the calendar and it's like, oh,
00:07:19
it's Friday.
00:07:19
This is literally the fifth day in a row where I was like can I
00:07:23
call?
00:07:23
Should I call in sick?
00:07:24
You know that's a thing you know and it's not fun.
00:07:33
And so if you go into security, you know, just because you want
00:07:36
the money, because you want the paycheck right, whatever it
00:07:40
might be, if you don't love it, you're going to find yourself in
00:07:43
that situation and so moonlighting shows to other
00:07:48
people you know, not only that you're capable of doing it, not
00:07:53
only that you, you know, have that title or have some light
00:07:59
experience, but that you love it .
00:08:01
You know, and they feel more comfortable giving you the
00:08:04
opportunity, knowing that you're going to probably love it,
00:08:09
you're going to enjoy it and you're going to strive in it.
00:08:11
Right, that's what people really want.
00:08:13
But back then, back then, that wasn't really the mentality.
00:08:18
The mentality was not oh, you have to love it to really be in
00:08:21
it.
00:08:22
It was like you know, you have to be in security to be in
00:08:26
security.
00:08:26
No, that was the mentality.
00:08:28
There was no factor of drive or anything else like that.
00:08:33
No one really cared.
00:08:35
And so that's why I was such a like an outlier, you know, kind
00:08:41
of, in the industry around me.
00:08:43
Was that I really wanted it?
00:08:45
You know, I really wanted to be in security.
00:08:48
I really wanted to do everything that I possibly could
00:08:50
to get into this field because it fit my mentality, it fit my
00:08:54
personality, it fit you know how I think through problems, how I
00:08:59
assess them.
00:09:01
You know my thought process.
00:09:04
It fit all of those things you know.
00:09:07
It allowed me to be very analytical, look at problems
00:09:11
from a holistic point of view, which is hard to find.
00:09:16
You know, in a lot of careers and a lot of areas it's hard to
00:09:20
find, especially if you don't become a doctor or a lawyer.
00:09:24
You know if you're a doctor, lawyer, scientist, what other
00:09:30
jobs are really going to have that opportunity to really
00:09:34
challenge you.
00:09:35
You know mentally in those ways , right, and that, look, I'm
00:09:40
probably forgetting.
00:09:41
You know 99% of the jobs that are like that, right, this is
00:09:48
really more of a off the cuff, you know discussion with you
00:09:52
guys talking about my path.
00:09:55
Well, I bring that up because you know kind of twofold right.
00:10:03
One, you take that opportunity to advance your career but you
00:10:09
also take it to advance your skill set, to advance.
00:10:15
You know your own knowledge of a topic and whatnot, and you
00:10:19
don't have to know everything upfront going into it.
00:10:22
You really don't.
00:10:25
When I took that security analyst job, I didn't know
00:10:28
anything.
00:10:28
I mean I literally didn't know anything.
00:10:31
You know I had my security plus certification at the time,
00:10:37
which is a good foundation, but that is it.
00:10:39
You know I did some security tasks and security you know work
00:10:47
at my day job, but it wasn't the security analyst work or
00:10:51
anything like that, and so I didn't know anything.
00:10:56
I didn't know what I didn't know, and that's a huge thing.
00:10:59
You know, that's where it catches a lot of people up, and
00:11:03
I say this because you shouldn't let it catch you up, you
00:11:06
shouldn't let it take over your mentality and affect your
00:11:13
decision.
00:11:14
Right this is something that I've talked about a lot on my
00:11:19
podcast with my guests is the fact that you know you don't
00:11:25
need to know everything, or you don't need to have everything on
00:11:30
the job description ticked off in your resume, in your
00:11:34
experience, in order for you to apply to that job.
00:11:37
If you're a 50, a lot of people that I've talked to say that if
00:11:41
you're at 50% of the requirements for that position
00:11:45
and the job description, you should apply to it, because
00:11:48
there's a lot of people out there that are realizing that
00:11:54
really, the important stuff that they need from a candidate is
00:11:58
maybe 50% of what they put on the job description.
00:12:00
Anything above that is good to have, it's nice to have, it
00:12:05
makes things a little bit easier , but it's not required.
00:12:08
And the other 50% that this candidate may be lacking, they
00:12:14
can absolutely, you know, train it up, they can absolutely fill
00:12:18
those gaps and things like that, and so it's not a big deal.
00:12:22
And so in this situation of moonlighting, you know, it was
00:12:27
extremely beneficial for me to suck it up and do that job.
00:12:32
Now I think, if I remember right , I think this opportunity only
00:12:40
lasted maybe nine months.
00:12:44
Maybe nine months.
00:12:46
It wasn't too crazy long, but it was just enough to give me
00:12:55
that line on the resume that allowed me to get in the door
00:12:59
somewhere else as a full-time security engineer, which is my
00:13:03
goal, and you know I want to bring it.
00:13:08
I bring that up because even now, you know, I'm about 10
00:13:14
years into this career, I'm still doing it now.
00:13:16
I'm still doing different moonlighting opportunities and
00:13:22
sorry, like I'm struggling through recovering from a cold,
00:13:26
but I'm struggling, or I'm still going through different
00:13:31
moonlighting opportunities.
00:13:34
You know it could be something like a virtual see-saw.
00:13:37
Could be this podcast, even right.
00:13:40
This podcast has opened up doors I never would have
00:13:43
expected Could be being an adjunct professor.
00:13:46
It could be creating course content for Infosec Institute
00:13:51
that recently got bought out by Cengage I can't say their name,
00:13:56
cengage.
00:13:56
Whatever it could be doing that you know, it could be getting
00:14:03
certifications, you know, in my opinion, moonlighting can also
00:14:08
be your own training in the career.
00:14:11
Right, so it could be you, you know, going out of your way
00:14:15
studying for a certification.
00:14:17
You know, setting that goal, setting a deadline and then
00:14:22
working to achieve it.
00:14:23
You know and I say this because there's it seems like it seems
00:14:34
like there is a huge debate going on among the millionaires
00:14:40
out there that are saying that if you're still working from
00:14:44
home and you don't want to return to the office, you've
00:14:48
been cheating, you've been stealing, you've been doing
00:14:52
something wrong, which is maybe the most incorrect statement
00:14:56
I've ever heard, maybe the most that anyone could ever tell you
00:15:01
about your career.
00:15:04
You know, working from home has enabled me to be significantly
00:15:11
more productive for my nine to five, significantly more
00:15:17
productive.
00:15:17
When I was in the office, I was spending time talking to people
00:15:22
about shit that I didn't need to be talking to them about
00:15:28
around the water cooler, in the cafeteria, wherever it was.
00:15:32
I'd worked in the office for maybe two actual hours a day,
00:15:38
right, maybe, okay, and I know everyone's going to say, oh,
00:15:43
that sounds terrible, that's really bad.
00:15:45
You know this and that, right, you're being pulled into
00:15:48
meetings.
00:15:48
You know you're being pulled into other conversations about
00:15:52
different topics.
00:15:53
So is it really, hands on keyboard, I'm actually
00:15:56
engineering something, I'm actually building something or
00:15:59
doing whatever?
00:16:00
No, I'm actually in these meetings, you know physically,
00:16:06
and you know addressing whatever issues are coming up.
00:16:11
Now that I'm at home, you know we can fire up a team's meeting,
00:16:15
right, that's scheduled for an hour.
00:16:18
This is a perfect example.
00:16:19
Today, teams call scheduled for an hour.
00:16:23
We got through it in 20 minutes .
00:16:24
We got off the call, I went straight into with, literally
00:16:29
without leaving my desk.
00:16:30
I went straight into my consoles and started working on
00:16:33
the projects that I have to deliver by the end of the year,
00:16:37
which actually, mind you, I am ahead of schedule.
00:16:40
I'm significantly ahead of schedule on those projects.
00:16:45
If I was in the office, I would probably be, you know, not not
00:16:50
ahead of schedule, I'll tell you that much.
00:16:52
Definitely not a schedule, but it's a joke.
00:16:57
It's a joke that these millionaires and billionaires
00:17:02
are trying to tell us now is that we're cheating, you know,
00:17:06
ourselves.
00:17:07
We're cheating the company.
00:17:08
We're cheating them Because we're working from home, right,
00:17:13
because they can't rationalize spending billions of dollars on
00:17:17
real estate To house all their employees and they want to have
00:17:21
that asset as a write-off in their companies.
00:17:24
You know accounting at the end of the year, and that's
00:17:26
essentially what it is.
00:17:28
You know, like, that's the game.
00:17:30
You know, like, if I rented an office building or a you know
00:17:36
just an office space For this podcast, right, I could write it
00:17:40
all off.
00:17:41
I got to write off a hundred percent of it, basically, and
00:17:47
you know, declare it as losses and things like that, right,
00:17:49
because it's the cost of doing business.
00:17:51
Oh, I have to have this office, you know it's.
00:17:55
It's all a game, you know, and I'm not, I'm not Knocking them
00:18:01
for playing the game, right, it's a game.
00:18:03
You need to know the rules.
00:18:04
This is the real world, right, if you don't know the rules and
00:18:08
you don't know it's a game, you're gonna lose no matter what
00:18:10
.
00:18:12
But the opportunity of working remote provides more value to
00:18:17
the company.
00:18:17
It actually does it.
00:18:20
It enables me to do the work that I want to do, enables me to
00:18:26
actually be happier, because now I get to spend more time
00:18:29
with my family.
00:18:30
That's brand new, brand new family.
00:18:32
I get to spend more time with my brand new family.
00:18:35
And While I'm doing that, right , right, right, after hours,
00:18:42
there's no one hour commute home or 90 minute commute home, I
00:18:47
can get right into studying for different certifications and
00:18:51
different skill sets that I need to obtain to be more effective
00:18:56
in my nine to five.
00:18:58
So please, someone tell me, someone, please educate me as to
00:19:02
how I'm cheating a, a multi-billion dollar company.
00:19:06
You know, like that's the craziest thing to me, that that
00:19:12
I've heard in a long time.
00:19:13
You know, it's just absurd to think like that, that that
00:19:17
you're stealing Because you're remote.
00:19:20
It's like I can see if you're working two, three, four
00:19:27
full-time jobs, right, and you're not telling any of your
00:19:30
employers about the other employer and you're making, you
00:19:35
know, three, four times the salary, right, and you know,
00:19:40
mind you, when you do that, other things are gonna be
00:19:43
dropped off off of these other jobs and you're gonna be
00:19:46
juggling it a lot more than you would actually think.
00:19:49
That's now right.
00:19:53
In my opinion.
00:19:54
That's not right.
00:19:55
That's not fair to that company especially.
00:19:59
You know, if you're, if you're literally working the security
00:20:02
engineering role and you're nine to five and maybe it's a little
00:20:06
bit of a slower season You're not doing that much and then you
00:20:09
get another full-time, remote job as a security engineer Maybe
00:20:13
it's not even the same industry or whatnot as your as your
00:20:16
first nine to five, but it's still a security engineer role
00:20:21
and you're working that role at this other company.
00:20:22
That's kind of shitty, you know .
00:20:26
That's not something, that's not something that I would do,
00:20:29
that's not something that I have done, that's not something I
00:20:31
would advocate for.
00:20:33
You know, the the work that you're doing at these
00:20:38
moonlighting Opportunities has to be different from what you're
00:20:42
nine five is because you need to be using that as a stepping
00:20:45
stone To your next role, to your next goal.
00:20:49
That's a really good way of actually doing it.
00:20:53
That a lot of people, I Think they forget about it, they don't
00:20:57
talk about it.
00:20:58
You know, this is the first time, and maybe ever, that you
00:21:05
know I've heard someone talk about it, right, and so it kind
00:21:08
of just hit me and I was like, oh, I need to talk about this
00:21:11
because I've actually done this in my career To get me to that
00:21:15
next level.
00:21:16
That seemed to be unobtainable, unsurmountable, you know.
00:21:21
And as soon as I did this moonlighting thing, put in a
00:21:23
little bit more effort.
00:21:24
Yes, guess what, I was more tired, I got less sleep, but it
00:21:30
was all worth it in the long run .
00:21:32
So you know, I just wanted to to bring that up.
00:21:36
And you know, again, moonlighting is not necessarily
00:21:41
Working an entirely separate job .
00:21:43
It literally could be you studying for a certification.
00:21:47
You know these things.
00:21:49
For me, it's really whatever Goes into making you a better
00:21:55
professional in your career field.
00:21:57
That's what that is.
00:21:59
So you know, I just wanted to talk about that because you know
00:22:05
I've also I've also seen a lot of you know videos start popping
00:22:13
up on YouTube talking about You're you're cheating your
00:22:18
employer by working from home.
00:22:19
You know that's that's the most frustrating thing, right for me,
00:22:24
because it's like, you know, probably 95% of the people that
00:22:29
are moonlighting.
00:22:30
They're doing it because they want to provide a better life
00:22:34
For their family, they want to advance their career.
00:22:37
You know they want to make, they want to do better overall,
00:22:44
and for me, in my opinion, there's nothing wrong with that.
00:22:47
You know, if, if you have no ill intentions, you know, and
00:22:52
you don't want to, you know, harm anyone or harm the company
00:22:55
that you're working for, anything like that, then there
00:22:58
should be no issue.
00:22:59
And you know it's like these people are out of touch.
00:23:04
You know, because I'm sure some of them Did this earlier on in
00:23:10
their career where they were working.
00:23:11
You know, two jobs are doing multiple things trying to get to
00:23:17
where they are today.
00:23:22
It just doesn't make any sense to me, you know, honestly, like,
00:23:25
at the end of the day, I think the whole push to go back into
00:23:28
the office, in my opinion, is Really just so that they can
00:23:34
rationalize.
00:23:35
You know, spending the money utilizing the real estate that
00:23:39
they invested in, that's turning into a liability, used to be an
00:23:43
asset, and now they're debating about getting rid of it, you
00:23:47
know, and they don't want to get that asset off of their, off of
00:23:50
their P&L, and that's what it is, you know, in my opinion,
00:23:55
that's what it is, because, you know people want to say oh
00:24:00
You're, you're missing out on the water cooler talks.
00:24:03
You know, you're missing out on promotions Because of these
00:24:08
water cooler talks.
00:24:09
You know, whatever, whatever, that is right, and I think,
00:24:13
though, that's absolute BS.
00:24:17
You know, when I start a fully remote job, when I start a new
00:24:21
one, a fully remote job, the very first thing I do for the
00:24:25
first 90 days is I'm meeting with all of my Managers, peers,
00:24:32
and I'm meeting with all of their managers.
00:24:35
So I'm meeting with directors, vps, I'm meeting with other, you
00:24:40
know, managers.
00:24:41
All of these people are the teams that I will be working
00:24:46
with.
00:24:46
They own these teams.
00:24:47
So I'm building that relationship and then I have
00:24:51
monthly touch bases with all of them.
00:24:53
Like, hey, how can I help you?
00:24:55
You know what areas are you struggling with?
00:24:58
What areas do you need more help with?
00:25:00
How can I actually help you and make your life easier?
00:25:04
So that replaces the water cooler talk, right, and that's a
00:25:11
quick 30 minutes.
00:25:12
Maybe a monthly, maybe a quarterly call, where you know
00:25:17
you're just reaching out seeing if you can help them in some way
00:25:20
.
00:25:20
That's all that.
00:25:22
That is that replaces the hour that I'm spending at the water
00:25:27
cooler over, you know, an entire week, so to speak.
00:25:31
You know, talking to these people to get a promotion.
00:25:36
That's BS, in my opinion.
00:25:39
That is BS, you know.
00:25:42
I know CISOs that are fully remote and and there's no need
00:25:47
for them to to go back into the office and their companies are
00:25:52
trying to order everyone back into the office and you know
00:25:57
these CISOs are telling their security teams like, hey,
00:26:00
everyone else is going to go back into the office.
00:26:02
This doesn't apply to you, because they know if they don't
00:26:07
offer these benefits, right, If they don't give these benefits
00:26:11
to their security team, their security team is literally just
00:26:13
going to go somewhere else because, literally, the last
00:26:18
time I checked, I think there's a five million headcount
00:26:22
shortage in cybersecurity.
00:26:24
Literally there's five million roles more than what there are
00:26:29
actually in the profession.
00:26:31
And so in security, literally the stat is, I think it's 99%,
00:26:39
98 or 99% of people employed in cybersecurity are Switching jobs
00:26:47
rather than getting laid off or fired and then finding another,
00:26:52
another job or, you know, quitting without having another
00:26:57
job lined up.
00:26:58
98 or 99% are just switching jobs.
00:27:03
You know so like they're working and then they put in
00:27:06
their two weeks notice and then they go to another job.
00:27:08
So they're not on them, they're not unemployed for a certain
00:27:11
amount of time, they're just going from one job to another.
00:27:15
That shows you that cybersecurity professionals are
00:27:20
still in very high demand and that's not going away.
00:27:24
You know that's not changing anytime soon.
00:27:27
There's literally five million open roles more than the Amount
00:27:32
of professionals that we have in the field.
00:27:37
You know, I, the best way to get into security is to start
00:27:41
getting the certifications that no one else wants to get.
00:27:43
To be quite honest with you, you know I was a little bit
00:27:46
stunned with this stat.
00:27:48
I've looked up how many people in America I think it was
00:27:53
America that have the CCSP, csp certification right, the the
00:28:01
certified cloud security Professional or practitioner or
00:28:05
whatever it is.
00:28:06
I have it.
00:28:07
So you would think I would know what it is, but it's ISC
00:28:13
squared cloud version of the CISSP.
00:28:16
Essentially, there's only five thousand people in America that
00:28:21
have that certification.
00:28:22
That certification is growing in demand.
00:28:25
I can tell that it's growing in demand because more on more and
00:28:30
more job applications You're seeing CISSP or CCSP on cloud
00:28:36
security and architect roles.
00:28:39
The reason being is that people are seeing oh, not everyone has
00:28:44
a CISSP.
00:28:45
Well, the next best thing CCSP that fits more with the cloud.
00:28:51
We can use that.
00:28:52
But there's only 5 of us roughly that have this
00:28:59
certification in North America or in America.
00:29:02
And then if you look at the CISSP, that number is not
00:29:08
dramatically higher.
00:29:09
I thought it would be millions, I think when I checked it was
00:29:14
like 50, which is insane because the CISSP has been
00:29:20
around for like 20 years.
00:29:22
At this point.
00:29:22
It's been around for 20 years.
00:29:24
I think the CISSP has been around for six or seven years,
00:29:28
something like that.
00:29:29
Don't quote me, I don't know how long these things have been
00:29:34
around, but I know CISSP has been around significantly longer
00:29:39
than the CISSP.
00:29:40
I would have thought more people had them, and so how you
00:29:45
get these roles is getting those certifications that not many
00:29:49
other people have.
00:29:50
When you're getting them, you think everyone has them and you
00:29:54
see them on all these job descriptions and you probably
00:29:56
see them on people on LinkedIn, their profile and whatnot.
00:30:00
Those are the minority.
00:30:00
Those are not the majority.
00:30:02
Those are the minority.
00:30:04
This is something that I'm learning myself, but that should
00:30:09
add a little bit of fire in you to actually go out there and
00:30:13
moonlight and learn new skills, go after new certifications,
00:30:17
make the changes that you need to make so that yourself, in 10
00:30:21
years, will thank the old self for making those sacrifices.
00:30:26
All right, guys, that's all that I have for this episode.
00:30:30
I hope you guys enjoyed it.
00:30:31
I hope it helps someone out there.
00:30:33
Go out there and make a difference.
00:30:37
All right, see you guys.
Speaker 1: How's it going?
00:00:01
Everyone?
00:00:01
This is another security unfiltered mentorship episode.
00:00:06
So you know, last couple weeks I did not put an episode in,
00:00:11
mostly because I forgot, because I was pretty sick the past
00:00:15
couple weeks, even even now, you know, I may cough a little bit
00:00:21
or need to clear my throat, you know, during this recording here
00:00:24
, just like that.
00:00:26
And you know I'm getting over whatever.
00:00:30
It was a cold or whatever.
00:00:33
But you know, I thought today would be a great time to
00:00:38
actually just kind of talk about moonlighting and how to use it
00:00:47
to take your career to the next level.
00:00:49
Okay, so there's a lot of different kinds of moonlighting,
00:00:54
you know, and I think that this is a topic that isn't really
00:00:58
talked about.
00:00:58
It's not discussed very often.
00:01:00
You know, I never even heard the term moonlighting until I
00:01:04
actually started doing it myself and someone else actually told
00:01:08
me.
00:01:08
You know that term and what it was and everything.
00:01:12
You know.
00:01:13
News to me, right?
00:01:14
So let's just start with what it is.
00:01:18
You know, moonlighting is basically anything that you're
00:01:21
doing sort of work related or career related, outside of work
00:01:26
hours, you know.
00:01:27
So you weren't, you weren't assigned this.
00:01:30
You're not doing it for your nine to five job or anything
00:01:33
like that.
00:01:33
You know this is something that you're doing to basically
00:01:39
better yourself and, you know, get yourself into a different
00:01:42
place in your career.
00:01:43
You know, and often, often, I forget about this part in my
00:01:51
career.
00:01:52
You know, early on in my career everyone knows a story by now
00:01:56
For two and a half years I worked at a help desk job.
00:02:00
You know, I enjoyed the team, I didn't mind the work and whatnot
00:02:03
, but it wasn't what I wanted to do.
00:02:05
It wasn't cybersecurity, even though I was focused more on the
00:02:08
security side of the house.
00:02:09
It wasn't a security dedicated or security focused role.
00:02:13
And so that's a huge, that's a huge difference, you know,
00:02:18
between being in cybersecurity and not being in cybersecurity.
00:02:21
And the opportunity came up, just through a friend, to
00:02:27
actually be a security analyst for a small consulting firm out
00:02:33
of the DC slash, virginia area.
00:02:35
I would be in house security consultant.
00:02:40
You know I wouldn't be, I wouldn't be, you know, client
00:02:45
facing or anything like that.
00:02:48
And I think the position was actually like security analyst.
00:02:53
But to be completely honest with you, that was a stretch
00:02:56
like that.
00:02:56
That term, that title was a stretch for what a security
00:03:03
analyst actually is, you know, and it doesn't really do a
00:03:06
justice to be completely honest with you.
00:03:08
But the title was security analyst and that's what mattered
00:03:11
, and I'll tell you why that mattered, you know.
00:03:15
So I did this job, you know, during my off hours, I mean
00:03:19
literally I would go to work from eight to five.
00:03:22
I'd get home by about 530, maybe six o'clock let's just
00:03:28
call it six o'clock you know, monday through Friday, and I
00:03:34
would eat.
00:03:35
And by seven o'clock I'm clocking in to start working as
00:03:39
a security analyst and I'm setting, I'm setting up, you
00:03:44
know, different tools, setting up different solutions, alerting
00:03:49
, monitoring, logging, all that sort of stuff, just getting my
00:03:54
hands in different technologies.
00:03:56
And this is also, this is also why it's important to network
00:04:03
with people.
00:04:04
You know, I knocked, I networked with someone at my
00:04:10
current company, right, someone that not very many people
00:04:13
befriended at that company, not many people liked even.
00:04:18
But I befriended this person and he made the connection right
00:04:24
when I, when I told him like hey, I want to get into security
00:04:26
but I don't know how to do it and nothing's working for me, he
00:04:30
immediately said, oh, I have a friend that has a security
00:04:32
company.
00:04:33
It's, you know, sock as a service.
00:04:36
Back when, sock as a service was like a cutting edge, brand new
00:04:42
thing.
00:04:42
You know, very niche area.
00:04:44
Not many places even knew about it.
00:04:47
You know, when he put me in touch with him, right, and the
00:04:52
opportunity overall was pretty poor, it was, it was actually
00:04:57
pretty poor.
00:04:58
You know, I wasn't making a huge amount of money.
00:05:02
I wasn't making, you know, 80 grand, which is the typical
00:05:06
salary of a security analyst.
00:05:07
Nothing like that, I mean it was.
00:05:11
It was hourly.
00:05:12
I think I was making maybe $20 an hour, you know, something
00:05:15
like that, like nothing crazy, but it was something right.
00:05:21
You do notice that for sure it gives you some more spending
00:05:25
money and whatnot.
00:05:26
But I took that opportunity to really add that title to my
00:05:33
resume and the importance of that is that I use that
00:05:40
opportunity, that title, that light amount of experience, and
00:05:44
I'm very open, you know, with people about what that
00:05:47
opportunity was, what I did, what I didn't do, things like
00:05:51
that.
00:05:51
But I took that opportunity to add that to my resume and then
00:05:57
it gave my resume more power, more validity when I'm applying
00:06:01
to these security roles.
00:06:03
It shows, hey, this person does have a security dedicated role.
00:06:10
It's not his day job, he's doing it after hours.
00:06:14
For someone to do that, they must really love it.
00:06:16
You know, and it's coming out now, that the best security
00:06:22
professionals are the ones that love it, the ones that you know
00:06:26
actually want to be in this field.
00:06:28
And the reason being is that security is literally it is so
00:06:31
stressful at times, the work is so difficult at times that if
00:06:36
you do not love it and you just love the paycheck, you're not
00:06:40
going to last a bit very long.
00:06:41
And if you do last in it you will be miserable.
00:06:46
You will go home every day, you know, feeling relieved that you
00:06:51
left that place right.
00:06:54
And you know you will dread the morning when you're waking up,
00:06:59
going to work.
00:06:59
Like I've had jobs before where you know I have dreaded going
00:07:07
to work.
00:07:08
I mean, like I wake up that day and I'm literally like man,
00:07:13
should I just call in sick?
00:07:14
And you know you look down at the calendar and it's like, oh,
00:07:19
it's Friday.
00:07:19
This is literally the fifth day in a row where I was like can I
00:07:23
call?
00:07:23
Should I call in sick?
00:07:24
You know that's a thing you know and it's not fun.
00:07:33
And so if you go into security, you know, just because you want
00:07:36
the money, because you want the paycheck right, whatever it
00:07:40
might be, if you don't love it, you're going to find yourself in
00:07:43
that situation and so moonlighting shows to other
00:07:48
people you know, not only that you're capable of doing it, not
00:07:53
only that you, you know, have that title or have some light
00:07:59
experience, but that you love it .
00:08:01
You know, and they feel more comfortable giving you the
00:08:04
opportunity, knowing that you're going to probably love it,
00:08:09
you're going to enjoy it and you're going to strive in it.
00:08:11
Right, that's what people really want.
00:08:13
But back then, back then, that wasn't really the mentality.
00:08:18
The mentality was not oh, you have to love it to really be in
00:08:21
it.
00:08:22
It was like you know, you have to be in security to be in
00:08:26
security.
00:08:26
No, that was the mentality.
00:08:28
There was no factor of drive or anything else like that.
00:08:33
No one really cared.
00:08:35
And so that's why I was such a like an outlier, you know, kind
00:08:41
of, in the industry around me.
00:08:43
Was that I really wanted it?
00:08:45
You know, I really wanted to be in security.
00:08:48
I really wanted to do everything that I possibly could
00:08:50
to get into this field because it fit my mentality, it fit my
00:08:54
personality, it fit you know how I think through problems, how I
00:08:59
assess them.
00:09:01
You know my thought process.
00:09:04
It fit all of those things you know.
00:09:07
It allowed me to be very analytical, look at problems
00:09:11
from a holistic point of view, which is hard to find.
00:09:16
You know, in a lot of careers and a lot of areas it's hard to
00:09:20
find, especially if you don't become a doctor or a lawyer.
00:09:24
You know if you're a doctor, lawyer, scientist, what other
00:09:30
jobs are really going to have that opportunity to really
00:09:34
challenge you.
00:09:35
You know mentally in those ways , right, and that, look, I'm
00:09:40
probably forgetting.
00:09:41
You know 99% of the jobs that are like that, right, this is
00:09:48
really more of a off the cuff, you know discussion with you
00:09:52
guys talking about my path.
00:09:55
Well, I bring that up because you know kind of twofold right.
00:10:03
One, you take that opportunity to advance your career but you
00:10:09
also take it to advance your skill set, to advance.
00:10:15
You know your own knowledge of a topic and whatnot, and you
00:10:19
don't have to know everything upfront going into it.
00:10:22
You really don't.
00:10:25
When I took that security analyst job, I didn't know
00:10:28
anything.
00:10:28
I mean I literally didn't know anything.
00:10:31
You know I had my security plus certification at the time,
00:10:37
which is a good foundation, but that is it.
00:10:39
You know I did some security tasks and security you know work
00:10:47
at my day job, but it wasn't the security analyst work or
00:10:51
anything like that, and so I didn't know anything.
00:10:56
I didn't know what I didn't know, and that's a huge thing.
00:10:59
You know, that's where it catches a lot of people up, and
00:11:03
I say this because you shouldn't let it catch you up, you
00:11:06
shouldn't let it take over your mentality and affect your
00:11:13
decision.
00:11:14
Right this is something that I've talked about a lot on my
00:11:19
podcast with my guests is the fact that you know you don't
00:11:25
need to know everything, or you don't need to have everything on
00:11:30
the job description ticked off in your resume, in your
00:11:34
experience, in order for you to apply to that job.
00:11:37
If you're a 50, a lot of people that I've talked to say that if
00:11:41
you're at 50% of the requirements for that position
00:11:45
and the job description, you should apply to it, because
00:11:48
there's a lot of people out there that are realizing that
00:11:54
really, the important stuff that they need from a candidate is
00:11:58
maybe 50% of what they put on the job description.
00:12:00
Anything above that is good to have, it's nice to have, it
00:12:05
makes things a little bit easier , but it's not required.
00:12:08
And the other 50% that this candidate may be lacking, they
00:12:14
can absolutely, you know, train it up, they can absolutely fill
00:12:18
those gaps and things like that, and so it's not a big deal.
00:12:22
And so in this situation of moonlighting, you know, it was
00:12:27
extremely beneficial for me to suck it up and do that job.
00:12:32
Now I think, if I remember right , I think this opportunity only
00:12:40
lasted maybe nine months.
00:12:44
Maybe nine months.
00:12:46
It wasn't too crazy long, but it was just enough to give me
00:12:55
that line on the resume that allowed me to get in the door
00:12:59
somewhere else as a full-time security engineer, which is my
00:13:03
goal, and you know I want to bring it.
00:13:08
I bring that up because even now, you know, I'm about 10
00:13:14
years into this career, I'm still doing it now.
00:13:16
I'm still doing different moonlighting opportunities and
00:13:22
sorry, like I'm struggling through recovering from a cold,
00:13:26
but I'm struggling, or I'm still going through different
00:13:31
moonlighting opportunities.
00:13:34
You know it could be something like a virtual see-saw.
00:13:37
Could be this podcast, even right.
00:13:40
This podcast has opened up doors I never would have
00:13:43
expected Could be being an adjunct professor.
00:13:46
It could be creating course content for Infosec Institute
00:13:51
that recently got bought out by Cengage I can't say their name,
00:13:56
cengage.
00:13:56
Whatever it could be doing that you know, it could be getting
00:14:03
certifications, you know, in my opinion, moonlighting can also
00:14:08
be your own training in the career.
00:14:11
Right, so it could be you, you know, going out of your way
00:14:15
studying for a certification.
00:14:17
You know, setting that goal, setting a deadline and then
00:14:22
working to achieve it.
00:14:23
You know and I say this because there's it seems like it seems
00:14:34
like there is a huge debate going on among the millionaires
00:14:40
out there that are saying that if you're still working from
00:14:44
home and you don't want to return to the office, you've
00:14:48
been cheating, you've been stealing, you've been doing
00:14:52
something wrong, which is maybe the most incorrect statement
00:14:56
I've ever heard, maybe the most that anyone could ever tell you
00:15:01
about your career.
00:15:04
You know, working from home has enabled me to be significantly
00:15:11
more productive for my nine to five, significantly more
00:15:17
productive.
00:15:17
When I was in the office, I was spending time talking to people
00:15:22
about shit that I didn't need to be talking to them about
00:15:28
around the water cooler, in the cafeteria, wherever it was.
00:15:32
I'd worked in the office for maybe two actual hours a day,
00:15:38
right, maybe, okay, and I know everyone's going to say, oh,
00:15:43
that sounds terrible, that's really bad.
00:15:45
You know this and that, right, you're being pulled into
00:15:48
meetings.
00:15:48
You know you're being pulled into other conversations about
00:15:52
different topics.
00:15:53
So is it really, hands on keyboard, I'm actually
00:15:56
engineering something, I'm actually building something or
00:15:59
doing whatever?
00:16:00
No, I'm actually in these meetings, you know physically,
00:16:06
and you know addressing whatever issues are coming up.
00:16:11
Now that I'm at home, you know we can fire up a team's meeting,
00:16:15
right, that's scheduled for an hour.
00:16:18
This is a perfect example.
00:16:19
Today, teams call scheduled for an hour.
00:16:23
We got through it in 20 minutes .
00:16:24
We got off the call, I went straight into with, literally
00:16:29
without leaving my desk.
00:16:30
I went straight into my consoles and started working on
00:16:33
the projects that I have to deliver by the end of the year,
00:16:37
which actually, mind you, I am ahead of schedule.
00:16:40
I'm significantly ahead of schedule on those projects.
00:16:45
If I was in the office, I would probably be, you know, not not
00:16:50
ahead of schedule, I'll tell you that much.
00:16:52
Definitely not a schedule, but it's a joke.
00:16:57
It's a joke that these millionaires and billionaires
00:17:02
are trying to tell us now is that we're cheating, you know,
00:17:06
ourselves.
00:17:07
We're cheating the company.
00:17:08
We're cheating them Because we're working from home, right,
00:17:13
because they can't rationalize spending billions of dollars on
00:17:17
real estate To house all their employees and they want to have
00:17:21
that asset as a write-off in their companies.
00:17:24
You know accounting at the end of the year, and that's
00:17:26
essentially what it is.
00:17:28
You know, like, that's the game.
00:17:30
You know, like, if I rented an office building or a you know
00:17:36
just an office space For this podcast, right, I could write it
00:17:40
all off.
00:17:41
I got to write off a hundred percent of it, basically, and
00:17:47
you know, declare it as losses and things like that, right,
00:17:49
because it's the cost of doing business.
00:17:51
Oh, I have to have this office, you know it's.
00:17:55
It's all a game, you know, and I'm not, I'm not Knocking them
00:18:01
for playing the game, right, it's a game.
00:18:03
You need to know the rules.
00:18:04
This is the real world, right, if you don't know the rules and
00:18:08
you don't know it's a game, you're gonna lose no matter what
00:18:10
.
00:18:12
But the opportunity of working remote provides more value to
00:18:17
the company.
00:18:17
It actually does it.
00:18:20
It enables me to do the work that I want to do, enables me to
00:18:26
actually be happier, because now I get to spend more time
00:18:29
with my family.
00:18:30
That's brand new, brand new family.
00:18:32
I get to spend more time with my brand new family.
00:18:35
And While I'm doing that, right , right, right, after hours,
00:18:42
there's no one hour commute home or 90 minute commute home, I
00:18:47
can get right into studying for different certifications and
00:18:51
different skill sets that I need to obtain to be more effective
00:18:56
in my nine to five.
00:18:58
So please, someone tell me, someone, please educate me as to
00:19:02
how I'm cheating a, a multi-billion dollar company.
00:19:06
You know, like that's the craziest thing to me, that that
00:19:12
I've heard in a long time.
00:19:13
You know, it's just absurd to think like that, that that
00:19:17
you're stealing Because you're remote.
00:19:20
It's like I can see if you're working two, three, four
00:19:27
full-time jobs, right, and you're not telling any of your
00:19:30
employers about the other employer and you're making, you
00:19:35
know, three, four times the salary, right, and you know,
00:19:40
mind you, when you do that, other things are gonna be
00:19:43
dropped off off of these other jobs and you're gonna be
00:19:46
juggling it a lot more than you would actually think.
00:19:49
That's now right.
00:19:53
In my opinion.
00:19:54
That's not right.
00:19:55
That's not fair to that company especially.
00:19:59
You know, if you're, if you're literally working the security
00:20:02
engineering role and you're nine to five and maybe it's a little
00:20:06
bit of a slower season You're not doing that much and then you
00:20:09
get another full-time, remote job as a security engineer Maybe
00:20:13
it's not even the same industry or whatnot as your as your
00:20:16
first nine to five, but it's still a security engineer role
00:20:21
and you're working that role at this other company.
00:20:22
That's kind of shitty, you know .
00:20:26
That's not something, that's not something that I would do,
00:20:29
that's not something that I have done, that's not something I
00:20:31
would advocate for.
00:20:33
You know, the the work that you're doing at these
00:20:38
moonlighting Opportunities has to be different from what you're
00:20:42
nine five is because you need to be using that as a stepping
00:20:45
stone To your next role, to your next goal.
00:20:49
That's a really good way of actually doing it.
00:20:53
That a lot of people, I Think they forget about it, they don't
00:20:57
talk about it.
00:20:58
You know, this is the first time, and maybe ever, that you
00:21:05
know I've heard someone talk about it, right, and so it kind
00:21:08
of just hit me and I was like, oh, I need to talk about this
00:21:11
because I've actually done this in my career To get me to that
00:21:15
next level.
00:21:16
That seemed to be unobtainable, unsurmountable, you know.
00:21:21
And as soon as I did this moonlighting thing, put in a
00:21:23
little bit more effort.
00:21:24
Yes, guess what, I was more tired, I got less sleep, but it
00:21:30
was all worth it in the long run .
00:21:32
So you know, I just wanted to to bring that up.
00:21:36
And you know, again, moonlighting is not necessarily
00:21:41
Working an entirely separate job .
00:21:43
It literally could be you studying for a certification.
00:21:47
You know these things.
00:21:49
For me, it's really whatever Goes into making you a better
00:21:55
professional in your career field.
00:21:57
That's what that is.
00:21:59
So you know, I just wanted to talk about that because you know
00:22:05
I've also I've also seen a lot of you know videos start popping
00:22:13
up on YouTube talking about You're you're cheating your
00:22:18
employer by working from home.
00:22:19
You know that's that's the most frustrating thing, right for me,
00:22:24
because it's like, you know, probably 95% of the people that
00:22:29
are moonlighting.
00:22:30
They're doing it because they want to provide a better life
00:22:34
For their family, they want to advance their career.
00:22:37
You know they want to make, they want to do better overall,
00:22:44
and for me, in my opinion, there's nothing wrong with that.
00:22:47
You know, if, if you have no ill intentions, you know, and
00:22:52
you don't want to, you know, harm anyone or harm the company
00:22:55
that you're working for, anything like that, then there
00:22:58
should be no issue.
00:22:59
And you know it's like these people are out of touch.
00:23:04
You know, because I'm sure some of them Did this earlier on in
00:23:10
their career where they were working.
00:23:11
You know, two jobs are doing multiple things trying to get to
00:23:17
where they are today.
00:23:22
It just doesn't make any sense to me, you know, honestly, like,
00:23:25
at the end of the day, I think the whole push to go back into
00:23:28
the office, in my opinion, is Really just so that they can
00:23:34
rationalize.
00:23:35
You know, spending the money utilizing the real estate that
00:23:39
they invested in, that's turning into a liability, used to be an
00:23:43
asset, and now they're debating about getting rid of it, you
00:23:47
know, and they don't want to get that asset off of their, off of
00:23:50
their P&L, and that's what it is, you know, in my opinion,
00:23:55
that's what it is, because, you know people want to say oh
00:24:00
You're, you're missing out on the water cooler talks.
00:24:03
You know, you're missing out on promotions Because of these
00:24:08
water cooler talks.
00:24:09
You know, whatever, whatever, that is right, and I think,
00:24:13
though, that's absolute BS.
00:24:17
You know, when I start a fully remote job, when I start a new
00:24:21
one, a fully remote job, the very first thing I do for the
00:24:25
first 90 days is I'm meeting with all of my Managers, peers,
00:24:32
and I'm meeting with all of their managers.
00:24:35
So I'm meeting with directors, vps, I'm meeting with other, you
00:24:40
know, managers.
00:24:41
All of these people are the teams that I will be working
00:24:46
with.
00:24:46
They own these teams.
00:24:47
So I'm building that relationship and then I have
00:24:51
monthly touch bases with all of them.
00:24:53
Like, hey, how can I help you?
00:24:55
You know what areas are you struggling with?
00:24:58
What areas do you need more help with?
00:25:00
How can I actually help you and make your life easier?
00:25:04
So that replaces the water cooler talk, right, and that's a
00:25:11
quick 30 minutes.
00:25:12
Maybe a monthly, maybe a quarterly call, where you know
00:25:17
you're just reaching out seeing if you can help them in some way
00:25:20
.
00:25:20
That's all that.
00:25:22
That is that replaces the hour that I'm spending at the water
00:25:27
cooler over, you know, an entire week, so to speak.
00:25:31
You know, talking to these people to get a promotion.
00:25:36
That's BS, in my opinion.
00:25:39
That is BS, you know.
00:25:42
I know CISOs that are fully remote and and there's no need
00:25:47
for them to to go back into the office and their companies are
00:25:52
trying to order everyone back into the office and you know
00:25:57
these CISOs are telling their security teams like, hey,
00:26:00
everyone else is going to go back into the office.
00:26:02
This doesn't apply to you, because they know if they don't
00:26:07
offer these benefits, right, If they don't give these benefits
00:26:11
to their security team, their security team is literally just
00:26:13
going to go somewhere else because, literally, the last
00:26:18
time I checked, I think there's a five million headcount
00:26:22
shortage in cybersecurity.
00:26:24
Literally there's five million roles more than what there are
00:26:29
actually in the profession.
00:26:31
And so in security, literally the stat is, I think it's 99%,
00:26:39
98 or 99% of people employed in cybersecurity are Switching jobs
00:26:47
rather than getting laid off or fired and then finding another,
00:26:52
another job or, you know, quitting without having another
00:26:57
job lined up.
00:26:58
98 or 99% are just switching jobs.
00:27:03
You know so like they're working and then they put in
00:27:06
their two weeks notice and then they go to another job.
00:27:08
So they're not on them, they're not unemployed for a certain
00:27:11
amount of time, they're just going from one job to another.
00:27:15
That shows you that cybersecurity professionals are
00:27:20
still in very high demand and that's not going away.
00:27:24
You know that's not changing anytime soon.
00:27:27
There's literally five million open roles more than the Amount
00:27:32
of professionals that we have in the field.
00:27:37
You know, I, the best way to get into security is to start
00:27:41
getting the certifications that no one else wants to get.
00:27:43
To be quite honest with you, you know I was a little bit
00:27:46
stunned with this stat.
00:27:48
I've looked up how many people in America I think it was
00:27:53
America that have the CCSP, csp certification right, the the
00:28:01
certified cloud security Professional or practitioner or
00:28:05
whatever it is.
00:28:06
I have it.
00:28:07
So you would think I would know what it is, but it's ISC
00:28:13
squared cloud version of the CISSP.
00:28:16
Essentially, there's only five thousand people in America that
00:28:21
have that certification.
00:28:22
That certification is growing in demand.
00:28:25
I can tell that it's growing in demand because more on more and
00:28:30
more job applications You're seeing CISSP or CCSP on cloud
00:28:36
security and architect roles.
00:28:39
The reason being is that people are seeing oh, not everyone has
00:28:44
a CISSP.
00:28:45
Well, the next best thing CCSP that fits more with the cloud.
00:28:51
We can use that.
00:28:52
But there's only 5 of us roughly that have this
00:28:59
certification in North America or in America.
00:29:02
And then if you look at the CISSP, that number is not
00:29:08
dramatically higher.
00:29:09
I thought it would be millions, I think when I checked it was
00:29:14
like 50, which is insane because the CISSP has been
00:29:20
around for like 20 years.
00:29:22
At this point.
00:29:22
It's been around for 20 years.
00:29:24
I think the CISSP has been around for six or seven years,
00:29:28
something like that.
00:29:29
Don't quote me, I don't know how long these things have been
00:29:34
around, but I know CISSP has been around significantly longer
00:29:39
than the CISSP.
00:29:40
I would have thought more people had them, and so how you
00:29:45
get these roles is getting those certifications that not many
00:29:49
other people have.
00:29:50
When you're getting them, you think everyone has them and you
00:29:54
see them on all these job descriptions and you probably
00:29:56
see them on people on LinkedIn, their profile and whatnot.
00:30:00
Those are the minority.
00:30:00
Those are not the majority.
00:30:02
Those are the minority.
00:30:04
This is something that I'm learning myself, but that should
00:30:09
add a little bit of fire in you to actually go out there and
00:30:13
moonlight and learn new skills, go after new certifications,
00:30:17
make the changes that you need to make so that yourself, in 10
00:30:21
years, will thank the old self for making those sacrifices.
00:30:26
All right, guys, that's all that I have for this episode.
00:30:30
I hope you guys enjoyed it.
00:30:31
I hope it helps someone out there.
00:30:33
Go out there and make a difference.
00:30:37
All right, see you guys.
Related Episodes
The Making of a Cybersecurity Titan and the Rise of Virtual Compliance
When life threw a curveball at Justin Rende, he caught it and threw it right back, catapulting himself into the cybersecurity stratosphere. Our latest episode features the captivating tale of how a chance challenge from a CEO turned into a flourishing business, as Justin Rende CEO of Rhymetec , our...
The Future of AI and Cyber Resilience with Matthew Gorge
Discover the intricate dance of cybersecurity and compliance in a world where geopolitical fragmentation is the stage, and Mathieu Gorge, CEO of VG Trust, is our guide. With the finesse of a seasoned expert, Mathieu navigates through the complexities of maintaining continuous compliance amidst the ...
Preparing for 2024: 5 Attacks Targeting You This Year
Curious how the threat landscape is changing in the new year? Hear about the email attacks you need to protect against from guest Mick Leach, a seasoned cybersecurity professional who has led SOC teams at F500 companies and startups alike. In our latest episode, we'll chat with Mick about cons...