I also have a SOX background and completely agree that audit or compliance can be excellent entry points. While not without challenges, the experience is highly valuable. A few key takeaways: (1) GRC is broad and versatile, offering a range of opportunities from risk management to compliance and beyond; (2) The experience hiring managers are looking for can create a catch-22 for entry-level roles, but certifications can help bridge that gap; (3) Strong communication skills are just as important as technical competencies in GRC’s position as the interface to the business; (4) When done well, GRC is awesome and underrated. Looking forward to your ebook!
@Gerald Auger PhD - Simply Cyber, great video. I also have heard and seen (from job postings) that the CRISC is another ISACA cert that has value for mid to senior risk management roles (I want to go for that soon). I also agree that FISMA work is a great entry point, plus learning the practice of interpreting NIST control catalogs or special publications. Finally, PCI-DSS work is good for audit work since it organizes the requirements for cardholder data environments. Can't wait to read your free book 📚 to absorb some more wisdom.
Thank you Gerry! Currently taking the course and entering into the Risk Management section. I got my security + about 2 months ago. Enjoying your content a ton!
I have an interview in 20 minutes for an associate IT auditor position! Very helpful information, thank you!
I also have a SOX background and completely agree that audit or compliance can be excellent entry points. While not without challenges, the experience is highly valuable. A few key takeaways: (1) GRC is broad and versatile, offering a range of opportunities from risk management to compliance and beyond; (2) The experience hiring managers are looking for can create a catch-22 for entry-level roles, but certifications can help bridge that gap; (3) Strong communication skills are just as important as technical competencies in GRC’s position as the interface to the business; (4) When done well, GRC is awesome and underrated. Looking forward to your ebook!
Highly informative and helpful. Thanks for sharing your knowledge and insights.
Great video!! The number of browser tabs I have open is SIGNIFICANT!! Thank you for the guidance and expertise!
@Gerald Auger PhD - Simply Cyber, great video. I also have heard and seen (from job postings) that the CRISC is another ISACA cert that has value for mid to senior risk management roles (I want to go for that soon). I also agree that FISMA work is a great entry point, plus learning the practice of interpreting NIST control catalogs or special publications. Finally, PCI-DSS work is good for audit work since it organizes the requirements for cardholder data environments. Can't wait to read your free book 📚 to absorb some more wisdom.
Awesome video! Love the real world questions and examples.
Thank you Gerry! Currently taking the course and entering into the Risk Management section. I got my security + about 2 months ago. Enjoying your content a ton!
Look forward for the book.
#TeamSC
🌍🌏🌏👋
My question is do I go for sec+ first or can I get my CGRC and start applying to roles
I’d get sec+. Look at open job postings and see if they are asking for CGRC
Great stuff! I took his course and got hired 2 years ago! Thanks for all you do!
That is awesome!
Holy Shit!
There’s Closed👈🏼 Captioning👈🏼
The glitching triggered my vertigo... good content but now i must go be sick.