In partnership with

The Career Compass – Edition #43
Your guide to career clarity, cybersecurity insights, and professional growth.
By Luke Gough – Career Coach | Tech & Cybersecurity Recruiter | YouTube Creator

Video of the week: How to Get Started in Cybersecurity – A Chat with The BowTiedCyber (Evan Lutz)

Ready to enter the exciting world of cybersecurity? This week, I chat with Evan Lutz, widely known as The BowTiedCyber. Evan shares his insider perspective on launching a successful career in cybersecurity, from understanding the essential foundational skills to navigating your first job applications.

Key takeaways include:

• Detailed breakdown of the most valuable beginner certifications and why employers look for them.

• How to build a compelling cybersecurity portfolio with limited prior experience.

• The best strategies for networking effectively within the cybersecurity community.

Check out Evan’s popular Zero to Hoody Boot Camp, an intensive training designed specifically for newcomers: 👉 Zero to Hoody Boot Camp

Your boss will think you’re a genius

If you’re optimizing for growth, you need ecomm tactics that actually work. Not mushy strategies.

Go-to-Millions is the ecommerce growth newsletter from Ari Murray, packed with tactical insights, smart creative, and marketing that drives revenue.

Every issue is built for operators: clear, punchy, and grounded in what’s working, from product strategy to paid media to conversion lifts.

Subscribe for free and get your next growth unlock delivered weekly.

Sign up now

Cyber Spotlight: Penetration Testers

This week's spotlight shines on Penetration Testers, critical members of cybersecurity teams who ethically "hack" systems to identify vulnerabilities before malicious attackers do.

Role Overview:

• Conduct security assessments and penetration tests across web applications, networks, and cloud infrastructure.

• Document vulnerabilities and provide actionable remediation strategies.

• Work closely with developers and system administrators to fortify defences.

Key Skills and Certifications:

• Familiarity with Linux, scripting languages like Python, and penetration testing tools (e.g., Metasploit, Burp Suite).

• Certifications like OSCP (Offensive Security Certified Professional), CEH (Certified Ethical Hacker), and eJPT (eLearnSecurity Junior Penetration Tester).

Career Path:

Penetration testers can advance into senior roles such as Red Team Lead, Security Consultant, or Security Architect.

News & Trends in Cybersecurity

Rise in API-Related Cyber Threats

• API (Application Programming Interface) attacks have surged, driven by rapid digital transformation. Protecting APIs is becoming a major security focus.

• Skills in API security, including tools like OWASP API Security Top 10, are increasingly sought after.

📊 Growing Importance of Cyber Risk Quantification

• Companies are shifting towards quantifying cybersecurity risks in monetary terms, using tools like FAIR (Factor Analysis of Information Risk).

• Professionals who understand risk quantification and business impact analysis have an advantage in hiring and promotions.

📌 Zero Trust Framework Adoption

• Zero Trust continues to dominate security strategy discussions. Companies are actively seeking candidates familiar with zero trust architectures and principles.

• Relevant experience with solutions like Zscaler, Okta, or Microsoft Azure Active Directory is beneficial.

Career Tip: Mastering Cybersecurity Interviews

Interviewing for cybersecurity roles can be challenging due to the technical depth and problem-solving focus. Here’s a detailed approach on how you can thoroughly prepare and excel:

• Research Common Questions: Familiarise yourself with frequently asked cybersecurity interview questions. Websites like LinkedIn, Glassdoor and Reddit offer valuable insights into actual interview scenarios.

• Practice Real-World Scenarios: Clearly articulate scenarios you've encountered during your training, personal projects, or internships. Explain the problem, your role, the actions taken, and the outcome. This structured storytelling demonstrates your practical experience and analytical thinking.

• Technical Mastery: Be ready to tackle technical questions confidently. Ensure you're well-versed in foundational concepts like networking, encryption, access control, and common vulnerabilities (e.g., DNS poisoning, XSS, SQL injection).

• Logical Problem-Solving: Interviewers often assess your logical reasoning by presenting hypothetical security incidents (e.g., phishing attacks, ransomware detection, insider threats). Outline your step-by-step investigative approach, highlighting your systematic problem-solving skills.

• Soft Skills Demonstration: Cybersecurity roles increasingly require collaboration across teams. Show how you effectively communicate complex technical information clearly and concisely, emphasising your teamwork and communication skills.

Pro Tip: Remember, interviews aren’t just about technical proficiency—they assess your overall fit and potential growth within the team. Stay calm, communicate clearly, and don’t hesitate to ask clarifying questions during the interview. Hiring managers appreciate candidates who demonstrate structured thought processes and proactive engagement.

Tool to Know: Wireshark

Wireshark is the industry-standard tool for network protocol analysis, widely used by cybersecurity and IT professionals.

Practical Uses:

• Identifying security incidents, such as data breaches and malware communications.

• Troubleshooting network performance and latency issues.

• Validating encryption effectiveness and compliance with security standards.

Skills to Master:

• Filtering network traffic and interpreting packet captures.

• Understanding protocols like TCP/IP, DNS, HTTP/HTTPS, and SSL/TLS.

Recommended Training:

• Official Wireshark Training: Comprehensive free tutorials on the official Wireshark website.

• Advanced courses available through platforms like Udemy and Coursera.

ATS and Why Tailoring Your Resume is Crucial

Applicant Tracking Systems (ATS) are software solutions employers use to automate the initial screening of job applications. Here’s why tailoring your resume is essential:

• Keyword Matching: ATS scans resumes for specific keywords found in the job description. Tailoring your resume to reflect these exact keywords increases your chances of getting through this automated screening process.

• Relevant Experience Highlighting: A tailored resume clearly demonstrates relevant experiences and skills aligned with the job role, making it easy for recruiters to quickly identify you as a strong candidate.

• Showcases Genuine Interest: Tailoring your resume for each application indicates genuine interest and effort, setting you apart from candidates using generic resumes.

How to Tailor Your Resume Effectively:

• Carefully read the job description and highlight repeated or emphasized phrases—these are likely ATS keywords.

• Update your professional summary to align with the role’s responsibilities and required skills.

• Adjust bullet points in your experience section to focus on achievements that are most relevant to the position.

• Keep formatting simple: avoid headers, footers, graphics, or tables that may not be ATS-friendly.

💬 Community Question of the Week: Which cybersecurity certification are you currently pursuing, and why did you choose it?

Share your thoughts by replying to this email or messaging me directly on LinkedIn. Your experiences can inspire others!

✉️ Final Thought:

Starting a cybersecurity career might seem daunting, but with clear guidance, continuous learning, and a proactive approach, success is closer than you think. The field is wide open—your opportunity awaits.

Ready to talk through your next steps? Let's connect.

📞 Book Your 15-minute Exploratory Call
📧 [email protected]
🌐 lukegoughcoaching.com

Thanks for reading, and as always, keep levelling up your career.

Best wishes
Luke Gough
Recruiter / Career Coach / Founder of The Career Compass