Community Discussions
Explore the latest discussions and community conversations related to this domain.
What are the realities of working in cyber security?
Main Post:
I'm about to pull the trigger on going to WGU to get a Bachelor's and finally move on from help desk after being here 3 years, but I'm stuck on deciding if I want to focus on programming or cyber security. I enjoy both, but I'm trying to figure out if I only enjoy them as a hobby or if my interests can span further into a career.
I understand that red team is a lot more interesting and it's definitely where I would want to end up because I absolutely love working the rooms in tryhackme and HTB, but I could also see blue team as having some interesting work finding threat actors, doing some sleuthing to figure out what they're doing, lock them out, and prevent it from happening again.
My worry for working in cyber is that it'll be nothing like the either hacking fun of red team or the cyber detective fun of blue team, and the reality is more of making sure Ann from accounting doesn't fall for another scam email or Jim from marketing stops writing his passwords on post-it notes on his monitor or making sure a manager or director doesn't put confidential data on a flash drive and forget it at a Starbucks.
Working in help desk for 3 years and tech support for longer, I've learned just how gullible and unaware of security risks people are, and I'm worried most roles in cyber are basically acting as a shepherd making sure people don't stray too far.
Top Comment: Some realities are: Cyber Security is vast, yet many who are on the outside think it's mainly about pen testing or stopping breaches. I don't blame having that perspective because most of the available training online is geared to those areas, but there is so much more out there. Another reality is that no matter what you do in cyber security, documentation, writing reports & meetings are still fundamental parts of the job.
Is it worth it to get into cybersecurity right now? Are jobs really that hard to land?
Main Post:
I have a friend working from home as a cybersecurity analyst and he said that he didn’t have too hard of a time landing a job. All I see on Reddit is people saying it’s extremely difficult to land jobs. What’s the reality of the job market? Is it likely to get better in the next couple years?
Top Comment: It depends. Entry level is going to be a lot harder than mid or experienced level IMO. Based on my almost 20 years in the industry, boom/bust cycles are cyclical, but with the current nonsense going on in the US, I really can’t say how much worse its going to get before it gets better. The best I can say is to be prepared now so you can pounce on opportunities when they arise. Also from my experience as someone who has been hybrid for more than 10 years and fully remote since the beginning of the pandemic, there’s a ton of pushback against full remote work. Fully remote cyber jobs are going to become even more rare, especially entry level ones.
Is Cyber Security actually that great?
Main Post:
For those with experience in Cyber Security, is it really that exciting? I'm sure it varies from person to person and job to job, but I don't understand the excitement people have about Cyber.
I work desktop support, and I never had a strong interest in Cyber. Seeing the incredible competition to get into it made me largely write it off as a career path, but maybe I'm just missing something?
Edit: Thanks for all the replies! I'm of course not trying to shit on anyone's career choice, and I fully understand that it's an essential field in our world
Top Comment: Too many people think it sounds cool when it’s not glamorous at all. There are other specialties with more demand.
If you're looking to get into Cyber Security please consider the following..
Main Post:
- It’s mostly meetings, audits, report writing/reading, and then more meetings. Yes, there is a large technical component, but it’s often overshadowed by paper pushing. This isn’t just true for blue teams - it applies to red teams too. One pentest report could have 12–15 pages dedicated to one IDOR vulnerability.
- Cybersecurity degrees are almost never worth it. College is great, and it’s even better when you’re studying a tried and true degree like Computer Science, which will always offer value well into the future. Howevr, cybersecurity is not an entry level field, and very few people actually graduate and move directly into a JR Sec Analyst/SOC role. It just doesn’t happen. You’re better off doing a 2 year IT program that covers computer science fundamentals/programming from an accredited school, or a 4 year CS degree from a traditional university. If neither of those are an option due to cost or flexibility, then go for certificates from known and reputable vendors - not some random LinkedIn Learning module nobody has heard of..
- You’re going to need knowledge across several domains: networking, programming, OS architecture (deep familiarity with Windows, Linux, and macOS internals.. especially command line, file systems, permissions, processes, and memory), incident response, risk management, threat analysis, and much more. Most importantly, soft skills. You will not get hired if people don’t want to work with you.
I just wanted to list these as I feel they are most pertinent to finding a job in cyber security. I work as a Cybersecurity Analyst and have 7 years in IT, and it's PARAMOUNT that you understand the above IMO.
Top Comment: Also, 99% of the time, you don't try to 'catch' cyber criminals in epic detective-like investigations, but prevent Peter from accounting clicking a malicious link while slogging through hundreds of false positives alerts.
Why do so many people want to get into cyber security?
Main Post:
I’m just curious as to why so many people want to get into cyber security when there are many other areas in tech, what’s the draw to cybersecurity? I don’t get it.
Top Comment: Hype and money. Like 80% of the people I interview for Infosec roles say they want to be pen testers, basically none have any idea what that means or have any skill set towards being a pentester. It just has that hype because people like to think they are good guy hackers. There isn't anything wrong with it, it's just a lot longer of a road than people think. And there is a constant bombardment of "we need 2 million Infosec people" in the media and a lot of hype around pay. But to be honest, Infosec DOES pay well currently, compared to tons of tech jobs. And it IS fun, if you like the work. I love working in security, but I also liked designing and implementing cool stuff when I was a systems engineer.
Is it worth starting to learn cybersecurity at 25?
Main Post:
Hi everyone,
I'm currently 25 and have been working on creating websites for a while, but I'm looking to reprofile and move into cybersecurity. Recently, I started learning through TryHackMe, and I really enjoy it so far.
I wanted to ask this community:
- Is it too late to start learning cybersecurity at 25?
- Are there any specific areas or paths I should focus on as a beginner to make the most out of my learning?
- How do I know when I’m ready to apply for entry-level jobs?
If it’s worth pursuing, what other resources, certifications, or skills would you recommend?
I appreciate any advice, tips, or personal stories you might have. Thank you in advance!
Top Comment: If I was 25 again and wanted to get into cyber I would join the military for 10 years then go private sector at 35.
Burnt Out at Work, So I’m Diving Head-First Into Cybersecurity — Roadmap/Resources Anyone?
Main Post:
So I’ve hit that stage where my 9-5 is going smooth, pays well, but I’m just... bored outta my mind . Been deep into Web Dev, DSA, C++, Python, JS, frameworks — done the grind, built cool stuff, shipped real-world apps. But now? I need something fresh. Something real. Something that gets me hyped to wake up at 5AM again.
Cybersecurity
I’m talking the full send — red teaming, blue teaming, ethical hacking, tool building, even building my own OS if I need to. I’m not here for just CEH cert flex — I wanna understand systems, break them, defend them, and maybe build a few badass tools along the way. I’m down for malware analysis, reverse engineering, buffer overflows, the works.
What I’ve Got:
- Strong in programming (C++, C, Python, JavaScript)
- Solid DSA background
- Web Dev pro: HTML, CSS, React, Node, all that jazz
- Time & focus: I can give 6+ hours/day consistently
- Willing to go deep — not afraid of 100–300+ hour courses, bootcamps, or cert paths
- Already checking out stuff like OSCP, SANS, TryHackMe, TCM, and NetworkChuck
What I Need From You Cyber Legends:
- A gritty, full roadmap: beginner to advanced
- Hardcore paid course recommendations (deep stuff, not surface-level)
- Hands-on lab platforms (CTF, home labs, malware labs)
- Any advice you’d give to someone going from 0 to 100 in this field
- Optional: how to not lose your mind while learning memory forensics
I wanna feel like a wizard with a terminal again. Appreciate any resources, stories, or reality checks y’all can drop.
Let’s go break and build some systems.
Top Comment: This post feels very much AI generated. Not to mention if you've built apps and been deep into web dev etc you could probably just search google or this subreddit before making another looking for resources post. Right?