GRC Certification Roadmap v1.0: Recommended Training and Certs #cybersecurity #grc


// MAIN POINTS //
🎓 Education is only 10% of a Career Development Plan, but the bottom line is that certs have value because hiring managers prefer certified candidates
📚 The beginner level (year 1) focuses on foundational knowledge
💼 The intermediate level (years 2-3) is about becoming an independent consultant and leader
🪡 The roadmap is an illustrative example and can be tailored to individual needs and goals

Feedback on the roadmap is welcome. Views expressed are my own.

// REFERENCES //

#cybersecurity #career #grc #CareerAdvice #CareerGoals #ProfessionalDevelopment #JobSearch #CareerGrowth
Comments

Great roadmap! Security+ was my first cert and changed the trajectory of my career. In years 2-3, I recommend getting one or both of the Cloud Security Alliance certifications, Certificate of Cloud Security Knowledge (CCSK) or Certificate of Cloud Auditing Knowledge (CCAK). Most of the auditing and GRC work is oriented toward cloud-hosted environments, so understanding the cloud, specifically the shared responsibility models, and how to audit the cloud is important.

Fencelete

I look forward to crowdsourcing answers to these questions at GRC Study Hall tonight, with Chris Whitlock from the Simply Cyber community. Here's another one I received: "I want to pursue my career in GRC Auditing. But I am confused about the certifications in Auditing. I have knowledge of cybersecurity and penetration testing and also have experience in that. For Auditing we have iso27001 LA but if I go with PECB or BSI, then the certification is costly. But there is one more provider SKILLFRONT, which is cheaper. Can you tell me if I can go with skillfront certification or not."

cpatocybersecurity

This was a really good roadmap breakdown. Thank you!

JustAGrl

Valuable info, what do you think about CRISC certification?

MK-obzy

My concern is gaining actual work experience in the field as a beginner. So far, I’ve done the Simply Cyber GRC master class and am currently taking a Google cert on GRC.

JuanMartinez-nhni

Ok, so the job postings will name ISACA certs but job postings seem to always say “or other equivalent” so I decided I should (and I did) get the CCSK certification and open book or not it was difficult to pass. Note the questions were written (maybe Europeans communicate differently than US and therefore it adds a language disconnect?).

Also, I took two Udemy classes for cloud and got through the AWS practitioner certification previous to the CCSK and this was great because the CCSK material is in there and CCSK reaffirmed (shared responsibility model etc). The cloud knowledge was key in helping me get straight all the tech involved such as monitoring, backing up, least privilege, SIEM, EDR…

HINT: You missed software as a possible route such as becoming an admin for something such as ServiceNow or Archer??

I feel that after the AWS Cloud Practitioner and CCSK I was ready to see the practical workaday stuff and took the GRC masterclass, in which his stream-of-consciousness way of instructing was perfect to let me see how a seasoned GRC professional completes audits and risk assessment etc.

gritred

Thank you for this wealth of information, I will be using it. I completed my Security+ training in February and afterwards completed a GRC mastery course by Unixguy on YouTube. I was looking to take the IT Risk Fundamentals exam by ISACA as it seemed like a cert I qualified for as someone with no IT experience. Do you think it will be worthwhile to pursue?

Cybera

Nice video, thanks for the video. After Sec and Net+ CompTIA and GRC certification, which roadmap do you suggest for becoming a data loss prevention analyst?

mauricecioccato

What do you think about the GRC Mastery by Unixguy compared to the Simply Cyber master class in terms of getting knowledge directly transferable 1:1 to the job and interview success?

AdelSnow

I know it's not security, but would having the CCNA cert and a little experience in networking be a not too difficult transition to GRC, instead of the networking career path? Sorry if the question is too vague.

bryan

Just curious to know why you did not just transfer over into data analytics with your professional background and credentials?

DallasFort

Is experience in cloud security important?

cyberaddict

Hi, thank you for your video. I am based in the UK, I have no experience in cyber security and/or IT, but I want to change careers and I believe I have transferable skills for GRC roles. Is this roadmap suitable for UK residents? If not, could you please advise on a roadmap for UK residents? Thank you.

Fayobi

Jones William Young Kevin Lewis Anthony

SymonsChasel-fw