This definitely came at the right time because thanks to your videos and course I officially landed a GRC role!! I’ve been on the cyber journey for a while but once I finished your course, I took the plunge to start applying and a month a half later I landed my very first role!! I can’t thank you enough for sharing all of your knowledge and I can’t wait to put it all into action.
@@aaronlewis6653 his course is very thorough when going over all the elements that encompass GRC. When he says that’s all you need he means it. Of course you can do further study and look at other more specific courses on the different topics like if you wanted to dig more into specifically risk management you can totally do that but it was enough for ME and with his cap stone project that was something that was a good highlight in my interview
3min in and I just realized that I have been working at a level 1 GRC role for the past 3 years xD. Always good to know there are levels to this game and what it takes to bridge those gaps. I've bought your course and will start Q1 next year after I have finished an AI Security course starting next week. Would be great tho if you somewhere in the future you could cover that topic as well since there are a lot of organizations (semi-government) in the EU that lack proper policy on AI Security or AI in general.
Thats awesome good luck! honestly, smash through GRC Mastery. finish as much as you can of the course before the interview, it’ll help you answer the scenario based questions: th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=qvEKMQe1gZ45TtVs
@@JobEasy-q7v you may want to watch this (it has a free resume): th-cam.com/video/rz0RL4Xue-A/w-d-xo.html Also a resume alone wont get you interviews. If you want to work in GRC you need to learn GRC properly: th-cam.com/video/C6IgksBpMF4/w-d-xo.html
I work as a customer success manager in a GRC software company. I’m looking to get into cyber for GRC. I’m subscribed to the OCEG newsletter. I’m going to start reaching out to the cyber team in my org. Also, I’m going to look into more of the vast GRC training library they have available. This video has peaked my interest for GRC cyber even more!
Hello unix guy I'm confused Thank you so much for your hard work and your videos to help us I'm new to cybersecurity and I watched two videos for you 1- FASTEST way to become a Cyber Security Engineer and ACTUALLY get a job - UPDATED (2024) 2- How I Would Learn Cyber Security If I Could Start Over in 2024 (6 Month Plan) Any plan I start If I am a beginner and want to get my first job as a Cyber Security To note : I really like the technical part But if I were to start with GRC and then switch to the technical side I'm accepting the most important thing to get into this field.
Informative video as always! You talked about reading penetration test results, as a GRC analyst what course do you have to take in order to be able to understand penetration test result correctly. Thanks!
Within GRC Mastery, I go over important frameworks like the OWASP Top 10 which will expose you to common vulnerabilities. As for understanding reports, to be honest a good penetration testing report will include name of the vulnerability/finding and how to fix it so sometimes they can be self-explanatatory but you will always need to go and google/readup on the vulnerability itself , you dont need in-depth knowledge specially at level1 now for courses, honestly following any roadmap on my channel will give you that! So doing any basic pentesting course like eJPT will cover all of that (and some) , but a lot of the attacks are also covered in things like the google cyber cert, tryhackme soc1 , etc. Basically after GRC Mastery, the more, ‘cyber knowledge’ you gain the better off you will be :) plus, acknowledging the fact that you will always need to do a lot of googling/research on the job itself
Great video! Can you make a video about how to become a cyber security architect from scratch ? Or the pathway including what courses and knowledge you need to become a cyber security architect ?
security architect is pretty much what was explained in this video level3, you need tons of experience, GRC knowlegge, and broad cyber knowledge in a few domains
grcmastery.com , I’ve left screen shot from people who did it, also go follow GRC Mastery on LinkedIn and click on ‘page posts’, you can see people who did it and what they post about it, you can also ask them :) good work on doing due deligence 👏🏻
Started the GRC course last week. So far so good! I’ve been in healthcare as an RT for 12 years now. Would I be able to apply for GRC roles after I complete the course or is there something else I should get before applying? Thanks again!
well done on starting learning! yes you can (and should) start applying right away but you also shouldn’t stop learning, so once you finish it, start applying but also start studying for something else :)
I am following you ethical hacking roadmap, Is it necessary for pen testers to have some GRC experience or do some GRC projects? Do you think it would help landing a job, or do you think targeting red team skills is more important at least in the beginning.
Your videos motivated me last year to just jump and transition into an IT helpdesk/desk support role. I want to further advance my skills and knowledge in tech but unsure of which route I want to go but am thinking about GRC in healthcare. Would you say that the level 1 role you were discussing is entry level after help desk? My only experience is through personal knowledge, my work experience now, and the googly cybersecurity course. Thank you!
well done on making the jump! that’s a huge step! yes helpdesk is basically level1 :) having helpdesk experience and google cyber cert is a fantastic foundation to build GRC skills on! so GRC Mastery after: th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=-HPWJlXwiqh6tCIq
Hey @UnixGuy today i passed the isc2 cc exam. i'm assuming to learn CompTIA Sec+ exam to get a job in l1 soc analyst role. Can you provide any guidance to me like is it better to get another certification also. Waiting for your reply ✋
@UnixGuy, if I were to get a GRC spefic role as a 1st role in Cybersecurity but my goal was a techical role like a SOC analyst would it be a good idea to take a GRC role? Am I likely going to be able to pivot to a technical role after?
you can do that but it’s not mandatory. You can also land a generalist role where you get to do more than one thing. That’s what this plan is for: th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=kDDaFkrU9sZlNzCK
@@UnixGuy Thanks! By the way, your delivery style is a breath of fresh air - no acting or drama, you get straight to the point and provide top advice! I have decided to pursue the GRC route. I'm currently working through the Cisco Analyst pathway modules. I'm guessing the next step would be to sign up for your GRC course 🙂
@@plo2591 good luck with it all! yes grc mastery will give you grc skills, and its a good idea to continue the learning journey even after you finish it as mentioned in the video :)
As a beginner which role should i focus on since there are so many roles eg Cloud Security Engineer, Security Engineer, Cyber security analyst etc. Please help
I've been in Security Awareness roles for the last 7 years and not a technical background. What can you recommend for training if I wanted to move into a GRC role?
Hi Unixguy! First of all, thanks for the great content, your videos are helping me a lot in a transition from developer to cybersec. I have just been selected to work with a group that will implement ISO 27001 on the company I'm currently working. Can that be considered a first GRC job to put on the CV? Trying to break into GRC. Since I'm also a lawyer (turned programmer), I think this career would fit well with this different set of skills.
Hey! yes this can be the start of a GRC career, your current skills will definitely be an asset! Watch this: th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=qvEKMQe1gZ45TtVs
Hey awesome content! Could you please tell me which industries GRC professionals can work apart from big4 cos as the work-life balance there is traumatic?
So the names of the positions you provided are different to the ones in Comptia career path. Does it matter? Or do we just pay attention to the requisites when applying. They have for example Security Engineer. Thanks.
some people get a job with it alone, but you shouldn’t plan to rely on one course only. Instead follow a structured plan like this one: th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=TQkVJaCVRuVVLQdK
I have a question , do you think to break into the field of cyber security, intelligence analyst role can be a good starting point , make job is to use osnit to secure a company various sites and with this I can tell them importance of GRC and in future can start as a GRC analyst within the company?
people dont usually land jobs by doing osint on companies. You’ll need to learn cyber security and apply to job: th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=nqghuz4W3b8OQAoR
I wanted to ask you if I should just switch from cyber to finance? I just don’t trust this field. It’s been 2 years and nothing and I am still trying to pass my sec+. I don’t think this field has a promising future. I can’t keep getting laid off
sorry to hear about lay offs, but sec+ is just one entry level basic cert. it’s like doing the first subject in a finance degree… follow this plan and take your time to build your skills properly: th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=QfXbxnwRQv-f05JE
Hey UG, I have studied a lot of the materials that you have graciously provided. Alhamdulillah, I've managed to land an interview in a role relating to an auditor, however, for grc related, are there any specific positions that I should search for as a lot of the company in the IT sector in my country reserves such role for senior and manager level
An auditor role is indeed a GRC role! I cover Audit in an entire module in grcmastery.com :) once you get some audit experience you’ll be able to progress to more senior roles
If I want to start a cybersecurity consulting business in the future, would GRC experience be more beneficial or should I stick to a SOC analyst. Thanks!
@@UnixGuy thanks Unix you are the reason im getting into security! I just have another question, “should I work on technical skills like coding and Linux for GRC or is understanding enough?
Hi i just completed your GRC Mastery Course, I also have completed the google cybersecurity certificate program as well as taken and passed the Security+ test and am struggling applying to jobs and getting responses. any advice for applying or job search or training would help so much. from anyone as well not just unix guy, if you have advice please let me know.
congrats on all your hard work. Continue with the study plan as it is: th-cam.com/video/rz0RL4Xue-A/w-d-xo.html and I highly reocmmend watching this video to understand what it takes to land a job: th-cam.com/video/2RfwwlbQecs/w-d-xo.htmlsi=GwJ95Dm-oVM2SLB4
I have taken your GRC course can you update the job section i feel like the resume you provided there is just a basic word doc with no real good structure also the main capstone is not on the resume as a project to show off your skills to potential employers.
you emailed your concerns before, and i understand you don’t like the template, but it is a proven resume template that a lot of people have used. A good resume template is clean and succint, it is called a ‘template’. Looks like you have a different expectations on what a template is. You need to put your own experience using your OWN words. You need to also describe the capstone project in one line. This is what a ‘template’ is, and those templates are usually sold individually for $50 to $200+.
I am able to map the need of GRC certification who wants to pursue a career with the blue (defensive security) team jobs..... On the other hand, the red (offensive security) team takes care of jobs like penetration testing....
@@UnixGuy: our defensive security (blue team) activities, we focus on risk management, guided by threat assessment reports. We assist in designing data security concepts that align with GDPR compliance, and also perform vendor assessments for third-party solutions with respect to security. These tasks align with the Governance, Risk, and Compliance (GRC) framework, where in-depth technical expertise may not be essential. On the other hand, the offensive security (red team) in our organization conducts penetration testing, which involves ethical hacking. This area demands detailed technical knowledge for identifying vulnerabilities and testing system defenses.
Thank you for sharing, @UnixGuy. Does having GRC tools (e.g., Vanta, Drata, etc.) experience matter when landing GRC opportunities? Thanks in advance, and all the best!
not really, these tools are mainly glorified spreadsheets with a web interface. What you need is the underlying GRC knowledge: th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=gJvGNNEMTJEazS_I
![กี่หมื่นฟ้า | Your Sky Series EP.1 [1/4]](http://i.ytimg.com/vi/vLGjxFL6U_I/mqdefault.jpg)
![BOWKYLION - วิงวอน (ex-change) [Official MV]](http://i.ytimg.com/vi/cLdnZWDaO-w/mqdefault.jpg)
Use code 'UNIXGUY' at nordpass.com/unixguy to get NordPass Business with a 20% off! The coupon applies to all new Business plans.
Thanks for starting this channel, I'm now studying CC at ISC2
What if it’s just me do I still get three months free?
@@kennytrimm6234 yes
This definitely came at the right time because thanks to your videos and course I officially landed a GRC role!! I’ve been on the cyber journey for a while but once I finished your course, I took the plunge to start applying and a month a half later I landed my very first role!! I can’t thank you enough for sharing all of your knowledge and I can’t wait to put it all into action.
Huge congrats my friend!!!! well done!
@@UnixGuy thank you so much!
@tiffbritt21 whats your new jobs title? Congratulations!🎉
How has his course helped you land the new role ?
@@aaronlewis6653 his course is very thorough when going over all the elements that encompass GRC. When he says that’s all you need he means it. Of course you can do further study and look at other more specific courses on the different topics like if you wanted to dig more into specifically risk management you can totally do that but it was enough for ME and with his cap stone project that was something that was a good highlight in my interview
3min in and I just realized that I have been working at a level 1 GRC role for the past 3 years xD. Always good to know there are levels to this game and what it takes to bridge those gaps. I've bought your course and will start Q1 next year after I have finished an AI Security course starting next week. Would be great tho if you somewhere in the future you could cover that topic as well since there are a lot of organizations (semi-government) in the EU that lack proper policy on AI Security or AI in general.
enjoy the learnings! Yes AI security is something I plan on tackling
I have a GRC interview next week
Thats awesome good luck! honestly, smash through GRC Mastery. finish as much as you can of the course before the interview, it’ll help
you answer the scenario based questions:
th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=qvEKMQe1gZ45TtVs
Gl
Buddy, can you please share your resume by removing your personal information. Please, man. I am dying with 0 calls.
@@JobEasy-q7v you may want to watch this (it has a free resume):
th-cam.com/video/rz0RL4Xue-A/w-d-xo.html
Also a resume alone wont get you interviews. If you want to work in GRC you need to learn GRC properly:
th-cam.com/video/C6IgksBpMF4/w-d-xo.html
Good luck🎉
Your videos are like the perfect 3 course meal. Thank you again.
🙏🏻
Looking to start your GRC course this weekend hopefully!
Best of luck!
Bro is it a bootcamp or Udemy course ? And which one ?
@@donnnnn92 th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=hxqAm5SFyD-P5R2E
I work as a customer success manager in a GRC software company. I’m looking to get into cyber for GRC. I’m subscribed to the OCEG newsletter. I’m going to start reaching out to the cyber team in my org. Also, I’m going to look into more of the vast GRC training library they have available. This video has peaked my interest for GRC cyber even more!
if you want to learn GRC, look no further than GRC Mastery! Watch this video for explanation:
th-cam.com/video/C6IgksBpMF4/w-d-xo.html
Hello unix guy
I'm confused
Thank you so much for your hard work and your videos to help us
I'm new to cybersecurity and I watched two videos for you
1- FASTEST way to become a Cyber Security Engineer and ACTUALLY get a job - UPDATED (2024)
2- How I Would Learn Cyber Security If I Could Start Over in 2024 (6 Month Plan)
Any plan I start
If I am a beginner and want to get my first job as a Cyber Security
To note : I really like the technical part
But if I were to start with GRC and then switch to the technical side
I'm accepting the most important thing to get into this field.
follow number 2. yes learn GRC and you can do anything after :)
@@UnixGuy You're an amazing person with a kind heart, and thank you for everythin❤😊
Hey Mr.UnixGuy Can you make a video about Cloud Security career path for amazon web service / Microsoft Azure ♥️
I already have, look through my existing videos
Great talk at Bsides today, inspired to start the cyber journey :)
thank you so much for coming 🤝🏻
Thank you as always. I’m currently doing Josh’s course. As soon as I’m done, I’m doing yours.
Good luck with it all 🤝🏻
Informative video as always! You talked about reading penetration test results, as a GRC analyst what course do you have to take in order to be able to understand penetration test result correctly. Thanks!
Within GRC Mastery, I go over important frameworks like the OWASP Top 10 which will expose you to common vulnerabilities.
As for understanding reports, to be honest a good penetration testing report will include name of the vulnerability/finding and how to fix it so sometimes they can be self-explanatatory but you will always need to go and google/readup on the vulnerability itself , you dont need in-depth knowledge specially at level1
now for courses, honestly following any roadmap on my channel will give you that! So doing any basic pentesting course like eJPT will cover all of that (and some) , but a lot of the attacks are also covered in things like the google cyber cert, tryhackme soc1 , etc.
Basically after GRC Mastery, the more, ‘cyber knowledge’ you gain the better off you will be :) plus, acknowledging the fact that you will always need to do a lot of googling/research on the job itself
Great video! Can you make a video about how to become a cyber security architect from scratch ? Or the pathway including what courses and knowledge you need to become a cyber security architect ?
security architect is pretty much what was explained in this video level3, you need tons of experience, GRC knowlegge, and broad cyber knowledge in a few domains
Awesome quality information.
Glad it was helpful!
Can anyone speak to his course ? I’ve very interested but I have been burned once and I’m trying to do my diligence!
grcmastery.com , I’ve left screen shot from people who did it, also go follow GRC Mastery on LinkedIn and click on ‘page posts’, you can see people who did it and what they post about it, you can also ask them :)
good work on doing due deligence 👏🏻
Thanks mate
Happy to help 🤝🏻
Started the GRC course last week.
So far so good!
I’ve been in healthcare as an RT for 12 years now. Would I be able to apply for GRC roles after I complete the course or is there something else I should get before applying?
Thanks again!
well done on starting learning!
yes you can (and should) start applying right away but you also shouldn’t stop learning, so once you finish it, start applying but also start studying for something else :)
I am following you ethical hacking roadmap, Is it necessary for pen testers to have some GRC experience or do some GRC projects? Do you think it would help landing a job, or do you think targeting red team skills is more important at least in the beginning.
its not needed for pentesting jobs, but you can come back and do it once you’re done with the roadmap :)
Great video! What options exist for CISSP associates?
it’s a training that covers a broad range of topics from a theoritical point of view.
Your videos motivated me last year to just jump and transition into an IT helpdesk/desk support role. I want to further advance my skills and knowledge in tech but unsure of which route I want to go but am thinking about GRC in healthcare.
Would you say that the level 1 role you were discussing is entry level after help desk? My only experience is through personal knowledge, my work experience now, and the googly cybersecurity course. Thank you!
well done on making the jump! that’s a huge step!
yes helpdesk is basically level1 :)
having helpdesk experience and google cyber cert is a fantastic foundation to build GRC skills on! so GRC Mastery after:
th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=-HPWJlXwiqh6tCIq
Happy halloween😊❤❤❤❤❤🤪👻🎃🎃🎃🎃🎃
Hey @UnixGuy today i passed the isc2 cc exam. i'm assuming to learn CompTIA Sec+ exam to get a job in l1 soc analyst role. Can you provide any guidance to me like is it better to get another certification also. Waiting for your reply ✋
th-cam.com/video/rz0RL4Xue-A/w-d-xo.html
@UnixGuy, if I were to get a GRC spefic role as a 1st role in Cybersecurity but my goal was a techical role like a SOC analyst would it be a good idea to take a GRC role? Am I likely going to be able to pivot to a technical role after?
you can do that but it’s not mandatory. You can also land a generalist role where you get to do more than one thing. That’s what this plan is for:
th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=kDDaFkrU9sZlNzCK
@@UnixGuy thank you for the reply.
Amazing content but I find the background music very distracting.
some people tell me they love it some tell me they hate it 🤷🏻♂️ i will lower it or changw it next time, thanks for watching
@@UnixGuy Thanks!
By the way, your delivery style is a breath of fresh air - no acting or drama, you get straight to the point and provide top advice!
I have decided to pursue the GRC route. I'm currently working through the Cisco Analyst pathway modules. I'm guessing the next step would be to sign up for your GRC course 🙂
@@plo2591 good luck with it all! yes grc mastery will give you grc skills, and its a good idea to continue the learning journey even after you finish it as mentioned in the video :)
As a beginner which role should i focus on since there are so many roles eg Cloud Security Engineer, Security Engineer, Cyber security analyst etc. Please help
Generalist roles, follow this:
th-cam.com/video/rz0RL4Xue-A/w-d-xo.html
I've been in Security Awareness roles for the last 7 years and not a technical background. What can you recommend for training if I wanted to move into a GRC role?
GRC Mastery is pretty much all you need, here’s the course description:
th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=DV5xrfXYNvkub_O7
Hi Unixguy! First of all, thanks for the great content, your videos are helping me a lot in a transition from developer to cybersec. I have just been selected to work with a group that will implement ISO 27001 on the company I'm currently working.
Can that be considered a first GRC job to put on the CV?
Trying to break into GRC. Since I'm also a lawyer (turned programmer), I think this career would fit well with this different set of skills.
Hey!
yes this can be the start of a GRC career, your current skills will definitely be an asset! Watch this:
th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=qvEKMQe1gZ45TtVs
Hey awesome content! Could you please tell me which industries GRC professionals can work apart from big4 cos as the work-life balance there is traumatic?
GRC professionals work in financial instiutions, government, healthcare, and most organisations.
So the names of the positions you provided are different to the ones in Comptia career path. Does it matter? Or do we just pay attention to the requisites when applying. They have for example Security Engineer. Thanks.
Comptia is just genetic stuff, like I said titles are messed up :) this is specitic more to GRC
should you get a CS cert like (security + , Google CS) first and then do the GRC training ?
you can start with GRC Mastery then do google cyber cert:
th-cam.com/video/C6IgksBpMF4/w-d-xo.html
@ thank you so much!
I have no experience, will the training a enough to get a job in the GRC filed?
some people get a job with it alone, but you shouldn’t plan to rely on one course only. Instead follow a structured plan like this one:
th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=TQkVJaCVRuVVLQdK
I have a question , do you think to break into the field of cyber security, intelligence analyst role can be a good starting point , make job is to use osnit to secure a company various sites and with this I can tell them importance of GRC and in future can start as a GRC analyst within the company?
people dont usually land jobs by doing osint on companies. You’ll need to learn cyber security and apply to job:
th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=nqghuz4W3b8OQAoR
I wanted to ask you if I should just switch from cyber to finance? I just don’t trust this field. It’s been 2 years and nothing and I am still trying to pass my sec+. I don’t think this field has a promising future. I can’t keep getting laid off
sorry to hear about lay offs, but sec+ is just one entry level basic cert. it’s like doing the first subject in a finance degree…
follow this plan and take your time to build your skills properly:
th-cam.com/video/rz0RL4Xue-A/w-d-xo.htmlsi=QfXbxnwRQv-f05JE
Hey UG, I have studied a lot of the materials that you have graciously provided. Alhamdulillah, I've managed to land an interview in a role relating to an auditor, however, for grc related, are there any specific positions that I should search for as a lot of the company in the IT sector in my country reserves such role for senior and manager level
An auditor role is indeed a GRC role! I cover Audit in an entire module in grcmastery.com :) once you get some audit experience you’ll be able to progress to more senior roles
which 'colored' team in cybersecurity does GRC belong to? (blue/red/purple)
blue
Hi. I'm gravitating toward becoming an ISSO. Is a GRC analyst the same or similar at all?
more or less yes :) check it out:
th-cam.com/video/C6IgksBpMF4/w-d-xo.html
If I want to start a cybersecurity consulting business in the future, would GRC experience be more beneficial or should I stick to a SOC analyst. Thanks!
you can offer consulting services in both :)
@@UnixGuy thanks Unix you are the reason im getting into security! I just have another question, “should I work on technical skills like coding and Linux for GRC or is understanding enough?
Hi i just completed your GRC Mastery Course, I also have completed the google cybersecurity certificate program as well as taken and passed the Security+ test and am struggling applying to jobs and getting responses. any advice for applying or job search or training would help so much. from anyone as well not just unix guy, if you have advice please let me know.
congrats on all your hard work. Continue with the study plan as it is:
th-cam.com/video/rz0RL4Xue-A/w-d-xo.html
and I highly reocmmend watching this video to understand what it takes to land a job:
th-cam.com/video/2RfwwlbQecs/w-d-xo.htmlsi=GwJ95Dm-oVM2SLB4
I have taken your GRC course can you update the job section i feel like the resume you provided there is just a basic word doc with no real good structure also the main capstone is not on the resume as a project to show off your skills to potential employers.
you emailed your concerns before, and i understand you don’t like the template, but it is a proven resume template that a lot of people have used.
A good resume template is clean and succint, it is called a ‘template’. Looks like you have a different expectations on what a template is.
You need to put your own experience using your OWN words. You need to also describe the capstone project in one line.
This is what a ‘template’ is, and those templates are usually sold individually for $50 to $200+.
Give us an example of a better template thats proven to work.
@@justanoob111 he has
I am able to map the need of GRC certification who wants to pursue a career with the blue (defensive security) team jobs..... On the other hand, the red (offensive security) team takes care of jobs like penetration testing....
I don't understand your comment
@@UnixGuy: our defensive security (blue team) activities, we focus on risk management, guided by threat assessment reports. We assist in designing data security concepts that align with GDPR compliance, and also perform vendor assessments for third-party solutions with respect to security. These tasks align with the Governance, Risk, and Compliance (GRC) framework, where in-depth technical expertise may not be essential.
On the other hand, the offensive security (red team) in our organization conducts penetration testing, which involves ethical hacking. This area demands detailed technical knowledge for identifying vulnerabilities and testing system defenses.
@@venugopald4147 👍
Hi UnixGuy thank you for a great video, would you like to create video on how to handle politics beautifully in cybersecurity? thank you
you may find this video useful:
th-cam.com/video/86O3ED_Yzg0/w-d-xo.html
@@UnixGuy thank you! I ordered the books: Discipline is destiny & So good they can't ignore you 📚
Thank you for sharing, @UnixGuy. Does having GRC tools (e.g., Vanta, Drata, etc.) experience matter when landing GRC opportunities? Thanks in advance, and all the best!
not really, these tools are mainly glorified spreadsheets with a web interface. What you need is the underlying GRC knowledge:
th-cam.com/video/C6IgksBpMF4/w-d-xo.htmlsi=gJvGNNEMTJEazS_I
@@UnixGuy Thank you!