What I Learned in My First Year in Cybersecurity

Mathew JosephMathew Joseph
2 min read

Finding focus, tuning out the noise, and actually making progress

When I first started my cybersecurity journey, I did what most beginners do: I tried to learn everything at once.

YouTube videos? Watched them.
Free courses? Collected them.
Cybersecurity Twitter, Reddit, Discord, and blogs? I was everywhere.

Along the way, I earned some strong certifications:

  • ISC2 Certified in Cybersecurity (CC)

  • Cisco CyberOps Associate

  • Google Cybersecurity Certificate

  • Microsoft Cybersecurity Analyst Certificate

That looked good on paper, but I didn’t feel like I had a clear direction. I was learning in fragments. One day it was Linux, the next it was phishing emails, then something about malware. It felt like I was moving, but not moving forward

Lesson 1: You Need Structure

What changed everything for me was structured learning. Platforms like TryHackMe and LetsDefend.io gave me a roadmap to follow. I stopped jumping between topics and started focusing on what actually matters in a security role.

I built hands-on experience in things like:

  • Alert triage

  • Threat intelligence

  • MITRE ATT&CK

  • Email and malware analysis

  • Network traffic review

  • SIEM investigations

  • Tools like Wireshark, VirusTotal, and Any.run

Lesson 2: Tune Out the Noise

There's so much content out there. Everyone has an opinion on what you must learn or what certification is best.

But trying to follow every opinion will only slow you down.

I made real progress when I started asking myself, “Will this skill help me land or succeed in an L1 SOC role?” If it didn’t, I put it on the back burner. That decision helped me go from overwhelmed to focused.

Lesson 3: Document Your Journey

This blog is one of the best things I’ve done for myself.

I didn’t start writing because I had everything figured out. I started because I wanted to track my growth and maybe help someone else who’s navigating the same space.

Writing helps me reflect and retain what I learn. It also shows potential employers that I’m not just studying, I’m applying and growing.

Final Thoughts

Cybersecurity is not a race. It's about consistency, clarity, and curiosity.

If you’re just getting started, don’t stress about knowing everything. Pick a path, find structure, and stay curious. That’s how you grow.

If any part of this connects with your own journey, let’s connect. I’m always learning, building, and sharing — and who knows, it might help someone else too.

Follow my journey, connect with me on LinkedIn, and let’s grow together

0
Subscribe to my newsletter

Read articles from Mathew Joseph directly inside your inbox. Subscribe to the newsletter, and don't miss out.

#cybersecuritylearning#cybersecurityinfosecSOC Analysttryhackme#LetsDefendblueteam#LearningPath

Written by

Mathew Joseph
Mathew Joseph

I’m Mathew, a cybersecurity enthusiast on a mission to grow into a top-tier SOC analyst. Here I share what I’m learning, practicing, and discovering as I build my career step by step.