What I Learned in My First Year in Cybersecurity


Finding focus, tuning out the noise, and actually making progress
When I first started my cybersecurity journey, I did what most beginners do: I tried to learn everything at once.
YouTube videos? Watched them.
Free courses? Collected them.
Cybersecurity Twitter, Reddit, Discord, and blogs? I was everywhere.
Along the way, I earned some strong certifications:
ISC2 Certified in Cybersecurity (CC)
Cisco CyberOps Associate
Google Cybersecurity Certificate
Microsoft Cybersecurity Analyst Certificate
That looked good on paper, but I didn’t feel like I had a clear direction. I was learning in fragments. One day it was Linux, the next it was phishing emails, then something about malware. It felt like I was moving, but not moving forward
Lesson 1: You Need Structure
What changed everything for me was structured learning. Platforms like TryHackMe and LetsDefend.io gave me a roadmap to follow. I stopped jumping between topics and started focusing on what actually matters in a security role.
I built hands-on experience in things like:
Alert triage
Threat intelligence
MITRE ATT&CK
Email and malware analysis
Network traffic review
SIEM investigations
Tools like Wireshark, VirusTotal, and Any.run
Lesson 2: Tune Out the Noise
There's so much content out there. Everyone has an opinion on what you must learn or what certification is best.
But trying to follow every opinion will only slow you down.
I made real progress when I started asking myself, “Will this skill help me land or succeed in an L1 SOC role?” If it didn’t, I put it on the back burner. That decision helped me go from overwhelmed to focused.
Lesson 3: Document Your Journey
This blog is one of the best things I’ve done for myself.
I didn’t start writing because I had everything figured out. I started because I wanted to track my growth and maybe help someone else who’s navigating the same space.
Writing helps me reflect and retain what I learn. It also shows potential employers that I’m not just studying, I’m applying and growing.
Final Thoughts
Cybersecurity is not a race. It's about consistency, clarity, and curiosity.
If you’re just getting started, don’t stress about knowing everything. Pick a path, find structure, and stay curious. That’s how you grow.
If any part of this connects with your own journey, let’s connect. I’m always learning, building, and sharing — and who knows, it might help someone else too.
Follow my journey, connect with me on LinkedIn, and let’s grow together
Subscribe to my newsletter
Read articles from Mathew Joseph directly inside your inbox. Subscribe to the newsletter, and don't miss out.
Written by

Mathew Joseph
Mathew Joseph
I’m Mathew, a cybersecurity enthusiast on a mission to grow into a top-tier SOC analyst. Here I share what I’m learning, practicing, and discovering as I build my career step by step.