A while back, seeking the next podcast to listen to, I hit “subscribe” on the BHIS podcast. That led me to their blog and especially to their 30 Things to get you started page, where I watched WEBCAST: John Strand’s 5 Year Plan into InfoSec Part 2.
Well that will be my start.
Focus on core concepts:
- OS: install linux from scratch, read CIS Benchmarks, use Microsoft Evaluation Center
- Networking: TCP/IP and ICMP, learn to read a packet, sockets programming, build your own home network
- Learn a language like Python
- Learn Bash scripting
- Lookup security standards (CIS, NIST 800)
- Learn and understand CIS controls
Get your security news, learn PowerShell, be part of a security group, write a blog.
Learn to build web/mobile apps.
Learn to use IDA, Immunity Debugger, OWASP ZAP.
Do online challenges
Go to conferences, meet and present.
The good news is that I already nailed year 3 and I have a undergrade in telecom and networking!