Is Cyber Bootcamp the "right" decision?

The year is 2022, and the rise of posts and advertisements surrounding the copious amount of Cyber Security Bootcamps is taking over my Instagram feed! Although I am not one to enjoy spam messaging, it is hard to argue that the thought of a career in the field was not thought provoking. After an extensive amount of research on the learning material the Cyber Bootcamps would provide, and weighing the pros and cons of embarking on this journey, I decided to jump in headfirst to obtain a wealth of knowledge that would help me achieve my five year career goals. Allow me to explain my thought process in this post, and weigh the pros and cons on paper as to assist others who may be on the fence of pursuing a career in the Cyber Security Industry as well.

The Start of it all:

In my early career days before I dedicated my potential to this path, I began learning the Python programming language through an online education platform called Codecademy back in January of 2022. I figured if I could not sit in front of a computer for extended periods of time, or even comprehend the language they use to communicate, how could I ever succeed in this field? Finishing the module took about 2 months of daily studying and review of material, and I felt like I was starting to get a grasp on how computers process information locally. This opened up a door to start considering how to learn their connectivity. This is where I started to comb YouTube for any and all educational videos surrounding networking, ethical hacking, and information technology (there are many arguments made for YouTube's efficacy as a learning platform, but I vetted every channel I watched and kept an open mind to the information's accuracy). After all, I am an auditory learner and retain information best when I can hear it explained! My search led me to networkchuck's page, and I was absolutely blown away at the entry level clarity he brought to the table surrounding IT, networking, and most importantly... ethical hacking! His video series called "Free CCNA" stressed the importance of knowing exactly how computers connect and speak to one another across the internet, so I knew that subject matter was the next step in my trail. Little did I know that as fantastic as this wealth of knowledge was, I began to spread my learning capabilities way too thin.

I was about 25% of the way through CCNA learning material when the realm of Cyber Security began to overwhelm me. I was learning networking, security, ethical hacking, programming, Linux, Windows, cloud, and far too many other subjects that are valuable in their own regard, but extremely complicated as a newbie and altogether at once! I had been looking for a career change for years, and Cyber Security is the first subject that truly captivated my attention for the remainder of my hours not spent at a 9-5 day job. I felt lost; I felt like I was becoming a jack of all trades but a master of none. This pivotal moment in my studies caused me to take an extremely introspective look at where I needed to go, and all signs pointed towards a formal education program. The Instagram algorithms kicked in and started to expose my attention to the possibility of a Cyber Bootcamp. I am not one to fall for marketing ploys at all, but I could not write off such an idea without first considering if it was a viable option. After researching different programs, and speaking with advisors on how I could fund one, I decided on Arizona State University's Cyber Security Bootcamp to kickstart my career.

The Bootcamp:

The bootcamp run by Trilogy Education utilizing ASU, in a nutshell, consisted of this: A multifaceted Cyber Security education program teaching relevant job ready skills in systems administration, networking, security GRC, digital forensics, SOC monitoring, penetration testing, cloud architecture, and wrapping up with a passion project of choice. The material reflected a majority of information included in the domains for the CompTIA Security+ (SY0-601), and the bootcamp even included a free exam voucher and CertMaster Practice test environment. The faculty and instructors alike explained that their program, combined with self study and practice, would gift me with the necessary skills to pass the Security+ on your first attempt and set you above a lot of entry level applicants in pursuit of jobs within the field. A significant amount of the latter portion of the Bootcamp was also centered around professional preparation, LinkedIn fortification, networking skills and opportunities, and career service advisement. As a young and aspiring professional, this sounded like the complete package I was looking for! Every decision has its ups and downs, however, and I am sure anyone reading this who is on the fence about Cyber Security is truly curious about whether a huge decision like this is even worth it. The following pros and cons are from MY personal experience, and do not reflect an exact layout of how yours would end up.

PROS:

1. Organization

The sheer amount of knowledge necessary to be successful in a career field such as Cyber Security is almost unfathomable. The landscape is changing constantly, new technologies are being developed at exponential rates, and it almost seems impossible to catch up. The Bootcamp provided structure and purposeful teachings that helped scale my capabilities and provide me with a jumpstart towards specialization (Cyber Security is too broad of a subject on its own; there are many specializations that can be found here).

2. Real-World Projects

One thing my instructors emphasized is that the projects we were working on both in class and for assignments were directly related to actual tasks and tools that are used on the job. We worked in provisioned Vagrant virtual machines with preloaded learning modules, and used actual tools that can be added as skills on a resume. Some tools included Linux (Ubuntu and Kali distros), Windows Server and Active Directory, Hyper-V, Azure, Snort, Autopsy, Splunk Enterprise Security, and many more. This real-world application made these projects perfect to start a working portfolio for a fortified resume!

3. Career Services

This is kind of a gimme, as resume prep and professional portfolio building go hand in hand with university level education, but the Bootcamp provider (Trilogy Education) provided assistance with bolstering online presence via LinkedIn and other job sites. Networking is huge in the IT and Infosec industries, and the knowledge gifted to me regarding this display of my skills and capabilities is invaluable.

4. Networking

The Bootcamp consisted of a class size around 27, and then dwindled down to maybe 18 within the first 2 weeks. Cyber Security is not everyone's cup of tea, and that is totally okay! This bullet point relates to the fact that in my position, I already had 17 other professional network connections that I could collaborate with, support, communicate, and experience this life-changing opportunity together. The comradery is exactly what I would experience in a professional setting, and being able to both learn from and teach my colleagues allowed us all to increase our learning material retention through teamwork. We all came from different industries and backgrounds, so it was easy to relate to one another and lend a helping hand when we needed it!

5. Encouragement

When I embarked on this journey, I was extremely hard on myself and my ability to learn these new competencies as fast as I could. The Bootcamp is abridged education, after all, and the words I would use to describe its teachings are "all gas, no brakes." There were weeks that I was not quite grasping the subject matter, and I truly had to bury my face in a book in order to stay with the pace of the class, but my instructor never gave up or allowed me to give in to defeat. The positivity, the mentorship, and the consistent reminder that I could succeed no matter where I started from influenced me to push harder and keep pursuing excellence. I have no doubt he did the same for every other student in my cohort or the cohorts prior.

CONS:

1. Job Outlook vs Reality

At the time of writing this it is September on 2023. I have been applying to entry level SOC Analyst, GRC Analyst, and Network Analyst jobs for about 9 months since graduation. I have obtained my Security+ (04/26/2023), and I have continued to receive hundreds, and I mean hundreds, of denials for positions that appear to be very "industry beginner" friendly. This can be attributed to the massive tech layoffs of 2023, the poor state of the US economy, and the immutable paradox of "needing a job but have no experience, and can't get experience because of no job." This is not to say I cannot complete projects on my own free time that portray relevant real-world skills, but admittedly this is difficult when working a full time job during the week. I have been working every day for almost 2 years now on other certifications and side projects, bolstering my resume and portfolio, and have only received 1 in person interview (which was early in my application process and I was severely underprepared for). When people discuss the shortage in the Cyber Security industry, they fail to mention this: the shortage lies in advanced positions that are not entry level. There is a massive skill gap that leaves higher level positions vacant, and the exorbitant amount of newcomers to the industry all applying to the same entry level jobs make it even more difficult to stand out instead of being disregarded as another statistic. I could sit and complain about this all day, or I can do something about it by creating content and bettering my chances of standing out through networking and resume enhancement. This doesn't change that relevant to the bootcamp, it is a con worth considering: you will be fighting right out the gate for a job.

2. Affordability

Hindsight is 20/20, and boy do I wish I had my current patience level back then. Financing is always available, but student debt is almost unavoidable in this market. Without revealing specifics, the financing option is rather predatory and irrational in the way they have you pay them back. Their idea is that you pay minimally while in class, and then your bill kicks up a little time after graduation. They bank on you getting in a position right out of the Bootcamp, but as you read above, this is not the case. It is my own fault for choosing this financing option, as I was on a time crunch for registration and could not apply for FAFSA in time, but it is still worth mentioning that if you do not have the finances for this, there are many free opportunities to learn the same material online. Because of my situation, I required a faster process of learning with more structure. Those are the luxuries I paid for by registering for this Bootcamp, and at the end of the day, if you can gain the knowledge for free (and are not constricted to an arbitrary timeline), then do it for free!

3. The Resume...

You're probably confused seeing this item listed here. I'll be honest, I am confused why I even have to write it here! Long story short, a resume needs to be tailored to a specific role you are applying for, there is no avoiding it. The resume I submitted to career services for review was in their eyes, "bulletproof." I spent 7 long months of applications thinking that I only lacked experience in the field. Then I decided to dig a little deeper with how the Application Tracking System (ATS) works. I found this free version that could parse my resume and tell me how likely my resume would pass the tracker's screening, and I was appalled at the results. This whole time I had humans telling me my resume looked immaculate, and the computer was barely telling me I had one at all! Devastated and rightfully irritated, I had to dedicate a significant amount of time towards researching how a proper Cyber Security resume looks that would also defeat the ATS and be seen by a human. I ran my revised resume and it scored a lot higher, but it does not negate that I had no idea I was even using an "unqualified" resume for that long with not the slightest indication. Something to consider, use the ATS provided in the link to test your resume early so this doesn't happen to you!

Final Thoughts:

I believe anyone who is remotely curious about a Cyber Security Bootcamp needs to at least consider these pros and cons. If I were to have done it differently, I would have utilized a lot more of my free time specializing in a career path, and I would have done a lot more research on other opportunities to learn for free or cheaper. I am biased because of my own financing situation, but if you do not need to climb into debt, don't! The most important takeaway of all though can be summed up in one word: Networking. After reading articles of layoffs, watching the ATS fail to deliver my resume to the proper eyes, and pursuing the watering hole that is applying for the same job as everyone else, networking is the most important tool of all. It allows you to circumvent gatekeeping technology, prove your skills through collaboration and asking questions, and it opens a plethora or doors that could one day be held open if your portfolio contains what an employer is looking for. I have parsed through industry experts' advice and the most common agreeance is the focus on networking. This is not to say that other hands on skills are not required; what you bring to the table matters just as much, but meaningful professional connections will take you farther than any piece of paper submitted through a mass aggregation system will. I am still on the hunt every single day, and I do not plan on backing down from the challenge. The Bootcamp has taught me that it is possible to enter the industry, but it is going to take hard work, focus, and patience. You decide what is best for your current situation, and I hope this at least shed some light on whether or not a Cyber Security Bootcamp is in your future. If you want to begin that networking journey now (WHICH YOU SHOULD), feel free to connect with me on LinkedIn and bring questions, insight, or feedback from your own experiences as well!