Breaking Into Cybersecurity With No Experience: My Realistic Roadmap

When I decided to move into cybersecurity I had a VU bachelor degree in IT, no prior security job, and a list of questions I had no idea how to answer: What do I study first? Which certs actually matter? How do I get hands-on experience without a job to get experience in?

This is the roadmap I built — not what I wish I'd done, but what I actually did over roughly 18 months to reach the point of applying for entry-level SOC and security analyst roles in Melbourne.

Phase 1 — Build the Foundation (Months 1–3)

Start with networking. You cannot understand firewall rules, intrusion detection, or lateral movement without understanding TCP/IP, DNS, DHCP, and routing. Professor Messer's CompTIA Network+ course is free on YouTube and covers everything you need — you do not have to sit the exam, but watch the content.

Then move straight to CompTIA Security+ (SY0-701). This is your first credential and your entry ticket to ATS systems on job boards. My 10-week Security+ study plan covers the full approach. Budget AUD $370 for the exam.

Phase 2 — Get Hands-On (Months 3–7)

TryHackMe

TryHackMe (AUD $14/month) is the most beginner-friendly hands-on platform. Start with the SOC Level 1 learning path — it covers log analysis, SIEM, phishing analysis, network traffic analysis, and basic incident response. Complete it. Your profile becomes a public portfolio piece showing 100+ hours of practical work.

Build Your Homelab

Set up a VirtualBox multi-VM lab and install Wazuh as your SIEM. Run attack scenarios from Kali Linux against Metasploitable and watch the alerts fire. This single setup teaches you more than any course can.

Document Everything on GitHub

Every lab scenario produces a write-up. Post it on GitHub with a proper README. Your GitHub profile is the second thing hiring managers check after LinkedIn — make it look active. Three well-documented projects beat 10 certificates listed on a resume.

Phase 3 — Deepen and Specialise (Months 7–12)

Pick a Direction

At this point you should have a sense of what interests you most. The three main entry-level paths in Melbourne:

• SOC Analyst → CompTIA CySA+ or SC-200 (Microsoft Sentinel)
• Penetration Testing → PNPT (TCM Security, AUD ~$500 including exam) or eJPT (eLearnSecurity, AUD ~$200)
• GRC / Risk → ISO 27001 Lead Implementer or CISM (longer path, better suited after first job)

Intermediate Projects Worth Building

• Automate a network scanner with Python (walkthrough here)
• Write a custom Wazuh detection rule and document the alert lifecycle
• Complete a TryHackMe CTF room and publish the writeup
• Set up a honeypot (OpenCanary is free) and analyse the traffic it attracts

Phase 4 — Apply Strategically (Months 12–18)

Your Resume

Keep it to one page. Structure: Summary → Certifications → Skills → Projects → Education. Do not put "Seeking entry-level role" — that signals insecurity. Write "SOC Analyst | Security+ Certified | Wazuh | Splunk | Python" as your headline.

LinkedIn Optimisation

• Headline: SOC Analyst | CompTIA Security+ | Wazuh · Splunk · Python | Melbourne
• About section: lead with what you can do, not where you are in your career
• Post about your projects monthly — even 3 sentences about what you built. Recruiters see this.
• Connect with every Melbourne MSSP employee you find — CyberCX, Tesserent, Trustwave, Ankura

Where to Apply

See the full Melbourne job search breakdown in my entry-level SOC jobs in Australia guide.

What I Would Tell Myself at the Start

• Labs beat courses. One hour in a real Wazuh SIEM teaches more than four hours of video content.
• Write everything down. Your notes become blog posts. Your blog posts become portfolio. Your portfolio gets you interviews.
• The Australian cyber community is small. Two connections on LinkedIn can reach almost any Melbourne employer. Be visible and genuine.
• Apply before you feel ready. You will never feel ready. Apply anyway at month 12 and let the interview process show you what gaps to fill.