I've said it before and I'll say it again: The best approach for you if your goal is to land a cyber security job is the generalist approach.
When you learn, don't be hyper-focused on a single specialisation.
An extreme common case of this that I say on a weekly basis is the obsession to wanting to a penetration tester (ethical hacker).
The problem?
If you are chasing penetration testing, you are competing for one of the tightest job pools in cyber security. Many candidates only realise this after months of study and job searching.
In this video, I break down a smarter path, using the real story of someone who pivoted from a narrow pentesting focus into a much broader and more employable direction:
and if your goal is GRC or SOC analyst, don't worry, I got you. I'll show how to acquire AppSec skills after you finished acquiring GRC and SOC analyst skills.
Glaring issues with obsessing over Penetration Testing:
1) The Hidden Opportunity Most Beginners Ignore
Many aspiring hackers focus purely on penetration testing without realising how limited that market can be, especially at entry level.
Application Security Engineering sits in a powerful position between developers and security teams. It opens doors into multiple career paths and dramatically improves employability when approached correctly.
That's just one example. Don't sleep on other areas like GRC, Security operations, and Cloud.
2) The Real Reason Some Candidates Get Stuck
The biggest blocker is rarely intelligence or work ethic. It is usually strategy.
I walk through a common pattern I see repeatedly: hardworking candidates doing the right effort in the wrong direction. Small positioning mistakes in learning paths and resumes can quietly eliminate opportunities.
