In partnership with

Edition #35 – The Career Compass

Welcome to Edition #35 of The Career Compass—your go-to guide for navigating cybersecurity careers with clarity and confidence. This week, we’re diving into a head-to-head certification comparison, sharing strategies to ask for a raise, and spotlight blue team careers.

Video of the Week: CompTIA Security+ vs Google Cybersecurity – What Should You Choose in 2025?

Trying to choose the right certification to launch your cybersecurity career? In this video, I compare the two most popular entry-level certs: CompTIA Security+ and the Google Cybersecurity Certificate.

✅ What each certification covers
✅ Salary expectations for entry-level roles
✅ What employers and recruiters are really looking for
✅ Which cert helps you get hired faster
✅ Why doing both might be the smartest move

👉 If you're unsure where to start, this guide will help you make the best choice for your goals.

Do More. Spend less on SaaS.

Launch, grow, and scale your company faster with Notion.

Thousands of startups rely on Notion to move quickly, stay aligned, and replace multiple tools. Whether you're building a wiki, managing projects, or writing documentation, Notion is your all-in-one workspace.

Get up to 6 months of the new Plus plan + unlimited AI, for free!

To redeem your Notion for Startups offer, simply visit the Notion for Startups page and apply.

Get the offer

News & Trends in Cybersecurity

🔒 Microsoft Warns of Nation-State Attacks Targeting Cloud Infrastructure

Microsoft recently warned about a surge in sophisticated nation-state attacks on cloud environments. State-sponsored hacking groups increasingly target identity infrastructure, misconfigured APIs, and third-party services linked to major cloud platforms. These attackers are exploiting weak access controls to escalate privileges and maintain persistence without detection.

What This Means for You: Cybersecurity professionals must tighten configurations and regularly audit all cloud-facing endpoints, especially those managing identity and access management (IAM). Knowledge of IAM tools and cloud security best practices (like Zero Trust architecture) is becoming a critical skill set for job seekers.

AI-Powered Phishing Attacks Are on the Rise

The use of generative AI by cybercriminals has led to a new wave of phishing attacks that are nearly indistinguishable from legitimate communications. AI can now create personalised emails using publicly available information from social media, increasing the success rate of phishing campaigns.

Security teams are responding by deploying AI-driven threat detection tools to counter these advanced threats. However, the arms race between attackers and defenders is escalating, requiring constant innovation and vigilance.

What This Means for You: Understanding how attackers use AI—and how to counteract it—can give you an edge in SOC roles or threat intelligence positions. Explore how platforms like Darktrace and CrowdStrike integrate AI into their defence strategies.

💻 Cyber Talent Shortage Hits Record High

The latest ISC2 Cybersecurity Workforce Study reports a global shortfall of over 4 million cybersecurity professionals—the largest gap on record. The most in-demand roles include SOC Analysts, Cloud Security Engineers, and GRC specialists.

Companies are struggling to hire and looking for candidates who can hit the ground running with practical skills and foundational certifications.

What This Means for You: It’s a great time to break into the field. Entry-level roles are becoming more accessible to those with certifications like Security+, Google Cybersecurity, and hands-on lab experience through platforms like TryHackMe or Hack The Box. Companies are prioritising passion, adaptability, and practical knowledge over traditional four-year degrees.

Pro Tip: Build a portfolio, get active on LinkedIn, and show employers what you can do—not just what you’ve studied.. State-sponsored groups are targeting identity infrastructure and APIs, prompting security teams to double down on identity and access management strategies.

AI-Powered Phishing Attacks Are on the Rise

Generative AI is making phishing campaigns more convincing. Cybercriminals are using tools like Chatgpt to craft personalised, typo-free emails that mimic real employees, making social engineering attacks more dangerous than ever.

Cyber Career Spotlight: Blue Team

Blue Team professionals are cybersecurity defenders, responsible for detecting, responding to, and mitigating cyber threats in real time.

🔹 What They Do:

• Monitor networks and systems for threats using SIEM tools

• Conduct threat hunting and vulnerability scanning

• Implement security patches and system updates

• Collaborate with red teams to test and improve defences

🔹 Key Skills:

• Incident response and forensic analysis

• Familiarity with tools like Splunk, Wireshark, and CrowdStrike

• Strong understanding of networking, firewalls, and endpoint security

• An analytical mindset and quick decision-making

🔹 Career Path:

• Entry-Level: SOC Analyst, Cybersecurity Technician

• Mid-Level: Blue Team Specialist, Security Operations Analyst

• Senior-Level: Incident Response Lead, Security Engineer, Threat Intelligence Analyst

🔹 Salary Range:

$70,000 to $140,000+, depending on experience, location, and specialisation.

Thinking About Asking for a Pay Rise? Here's How to Approach It with Confidence

Asking for a raise can be daunting, but with the right approach, it can also be empowering.

1. Do Your Research: Know your market value by checking your field's and region's salary benchmarks.

2. Document Your Wins: Come prepared with clear examples of your impact—projects completed, problems solved, KPIs exceeded.

3. Time It Right: Ideally, ask during a performance review or after a big win. Avoid times of company stress or uncertainty.

4. Be Professional, Not Personal: Focus on your contributions and value, not personal needs or frustrations.

5. Practice Your Pitch: Confidence comes from preparation. Rehearse with a friend or coach.

Even if the answer is "not right now," it starts a valuable conversation that puts your goals on the table.

Resume Tailoring and LinkedIn Optimisation – My Consulting Services

If you're applying to jobs and not hearing back, it’s likely your resume and LinkedIn profile aren’t doing you justice. I offer 1-on-1 consulting services to position you as the ideal candidate for your target roles.

🔹 Resume Tailoring

Tailoring your resume means more than just swapping out job titles. I help clients:

• Analyse job descriptions and identify high-impact keywords

• Rewrite bullet points to focus on outcomes and achievements (not just duties)

• Organise your resume for clarity and readability—employers spend less than 10 seconds on the first scan

• Highlight transferable skills if you're switching careers into cybersecurity or tech

• Create targeted resumes for multiple role types (e.g., SOC Analyst vs. Risk & Compliance)

When your resume speaks the employer’s language, you increase your chances of landing interviews.

🔹 LinkedIn Optimisation

With over 90% of recruiters using LinkedIn to vet candidates, your profile needs to make a strong first impression. Together, we’ll:

• Craft a compelling headline and summary that reflect your value

• Update your experience and skills to align with your goals

• Use keywords to improve visibility in recruiter searches

• Build a content strategy to attract connections and opportunities

Your LinkedIn profile should function as your digital resume, networking tool, and job magnet.

Need help standing out? Reach out for a consult—we'll turn your application into a compelling story that gets noticed.

Why a Personal Statement Belongs on Your Resume

A personal statement, also known as a professional summary or profile, is a 2–4 sentence snapshot of your professional identity, career goals, and value proposition. Placed at the top of your resume, it’s your opportunity to immediately connect with hiring managers.

🔹 Why It Matters:

• Instant context: Provides recruiters with a quick overview of your background, skills, and career focus.

• Positioning: Helps you frame yourself as the right fit before they dive into your work history.

• Customisation: Can be adjusted slightly for each role to reflect the employer’s priorities.

• Differentiation: You can show personality, clarity, and confidence early on.

🔹 What to Include:

• Your current role or title (or career goal if transitioning)

• Years of experience or relevant education

• Key skills, certifications, or achievements

• The kind of roles you're targeting

✅ Example 1:

"Entry-level cybersecurity professional with a background in IT support, Comptia Security+ certified, and passionate about helping organisations protect their systems. Eager to contribute to a growing SOC team."

✅ Example 2:

"Career changer transitioning from finance to cybersecurity, with hands-on lab experience in threat detection, Python scripting, and vulnerability scanning. Strong analytical mindset and a commitment to continuous learning."

🔹 Pro Tip:

Write your statement in the first person and focus on what you bring to the role, not just what you're looking for.

A strong personal statement helps you control your narrative and make a powerful first impression.

Challenge of the Week

Write (or rewrite) your personal statement.

Whether it’s for your resume or LinkedIn, spend 15 minutes crafting a strong, targeted personal statement. Focus on your strengths, career goals, and what you bring to the table. Share it with a mentor or peer for feedback.

Thank you for being part of The Career Compass community. Stay curious, take action, and never stop levelling up your career. I’ll see you in the next edition!

Best Wishes,
Luke Gough
Career Coach / Founder of The Career Compass