Table of Contents

Part I: A Career in the Security Industry

  • Chapter 1: Choosing a Career in Information Security
    • Do You Want Job Security for Life?
    • Choosing Your Path: What Specializations Are Available?
      • The Complexity of Our Industry
      • Is There Any Standardization?
      • A Modern Categorization for Tech Companies
      • Career Paths Are Not Linear
  • Chapter 2: Cloud Security as a Career Path
    • The Rise of Cloud Security: Why Choose a Career in This Domain
    • So, What Exactly is Cloud Security?
  • Chapter 3: Understanding Career Levels
    • A Look at Progression Frameworks
    • Don't Take Titles Too Seriously...
    • ...But Also, Titles Do Matter

Part II: Entering the Field

  • Chapter 4: What Skills Do You Really Need?
    • Is Formal Education Necessary?
    • Learn Foundational Computer Science
    • Learn To Code
      • Understand Software Design Principles
      • Get Familiar With at Least One Programming Language
      • Develop a Small Web Application
    • Learn Version Control
    • Learn Foundational Security Concepts
    • Learn General AppSec Concepts
  • Chapter 5: Tips for Effective Learning
    • Find Your Learning Style
    • Create a Learning Plan
    • Build a Knowledge Base
    • Avoid Relying on "AI" Chatbots
  • Chapter 6: What Does It Mean To Be At This Stage
    • The Experience Paradox
    • What's Expected of You
      • Observe and Learn
      • Be Curious
      • Cultivate a Growth Mindset
      • Be Slow But Steady
      • Learn How To Ask Questions
    • Avoid Making a Bad Impression
    • In Summary: Make Yourself an Easy Hire
  • Chapter 7: Working Towards the Next Stage
    • Do Your Job
    • Have Some Side Projects
      • Why Having Side Projects is Important
      • Need Some Inspiration?
    • Start Building Your Personal Brand
      • Be Consistent
      • Have a Personal Website
      • Have a LinkedIn Profile
      • Have a GitHub Profile
      • Have a Twitter Profile

Part III: Establishing Yourself

  • Chapter 8: The Essential Skills You Need To Learn
    • Improve Your Software Engineering Skills
      • Be Proficient With Git
      • Get Used To Treat Everything as Code
      • Pay Attention To Code Quality
      • Pay Attention To Your Writing Skills
      • Know Your Tools
    • Become Familiar With a Cloud Provider
      • Understand the Concept of Cloud Computing
      • Pick a Cloud Provider
      • Key Concepts To Comprehend
    • Understand the DevOps Philosophy
    • Learn How To Manage Servers
    • Learn Containers
      • The Basics
      • The Components
      • Working With Images
    • Learn Container Orchestration
      • Why What You Think You Know is Probably Wrong
      • Understanding Kubernetes Architecture & Components
      • Get Hands-On Experience
      • If You Want To Be “Production Ready”
    • Learn Container and Kubernetes Security
    • Learn Infrastructure as Code
    • Learn CI/CD
    • Next, Tackle DevSecOps
      • Embedding Security in the Development Process
      • A Modern DevSecOps Pipeline
    • Pay Attention To Secrets Management
  • Chapter 9: Tips for Effective Learning
    • Keep Focus
    • Practice, Practice, Practice
    • Certifications: How Important Are They?
      • Some Caveats To Consider
      • Certifications I Would Recommend for Cloud Security Engineers
  • Chapter 10: What Does It Mean To Be At This Stage
    • Working Towards the Senior Role
      • The Many Faces of the Senior Role
      • Being Considered a “Senior”
    • What's Expected From You
      • Technical Competence
        • Execute. Execute. Execute
        • Champion Technical Excellence
        • Be a Product Engineer
      • Have Excellent Communication Skills
      • Be a Professional
        • Be Reliable
        • Treat Others With Respect
        • Be a Manager of One
  • Chapter 11: Working Towards the Next Stage
    • Keep Growing Your Skills With Side Projects
      • First, Build a Lab
      • Then, Start Experimenting
      • Practice Shipping
      • Consider Open Source
    • Build Your Brand Internally Within Your Company
      • Market Yourself
        • Weekly Digests
        • Brag Documents
        • Tell Me About a Time Documents
      • Manage Up
      • Plan For Promotion
    • Keep Building Your Brand Externally Within The Industry
      • Keep Working on Your Personal Brand
      • Share Your Knowledge
      • Network
      • Speak at Conferences
      • Watch Out for Pitfalls

Part IV: Thrive

  • Chapter 12: The Skills You Need To Master To Be Well-Rounded
    • Dig Deeper in the Security Aspects of Cloud Providers
    • Work With Kubernetes Beyond the Basics
    • Refine Your Terraform Skills
    • Know How To Secure CI/CD Pipelines
    • Know About Supply Chain Security
    • Know About Security Logging and Monitoring
    • Other Topics You Should Know About
  • Chapter 13: Tips for Effective Learning
    • Learn From Others
    • Consider Investing in Professional Coaching
    • Own Your Career
  • Chapter 14: What Does It Mean To Be At This Stage
    • Reaching Staff+
      • What is a Staff+ Anyway?
      • Avoid Over-Specializing in a Niche
    • What's Expected From You
      • Technical Leadership
      • Consider Communication Your Primary Skill
        • Writing is Where You’ll Spend Most of Your Time
        • Public Speaking Can Help, Too
      • Be Able To Influence
      • Help Others Grow
        • Share Your Knowledge
        • Mentor Others
      • Cooperate With Management
        • Own Project Management
        • Consider a Stint in Management
  • Chapter 15: Final Tips for a Long Career
    • Your Brand is Your Most Important Asset
    • Stay Relevant
    • It's Time in the Game, Not Timing the Game

Part V: Interviewing and Choosing Your Next Company

  • Chapter 16: Pick Your Adventure
    • FAANG: For World-Scale Expertise
    • Startups: For Growing Quickly
    • BigCos: For Learning Solid Processes
    • Consultancies: For a Breadth of Knowledge
    • Non-Tech: Avoid Them If You Can
    • Government: For the Greater Good
    • Putting It All Together
  • Chapter 17: Where To Look for Jobs
    • Job Boards
    • Recruiters
    • Networking
  • Chapter 18: Get Ready for Interviewing
    • Polish Your CV
    • Polish Your Skills
  • Chapter 19: Managing the Interview Process and Securing Offers
    • Understanding the Different Stages of an Interview Process
    • Manage the Process
    • Dealing With Offers