It is important to mention that you do “NOT” need a college degree to land a job in Cybersecurity or IT for the US Federal Government. What you do need is the ability to demonstrate that you have the necessary experience to work in a Cybersecurity job.

What does help and will always give you preference for men and woman strong and disciplined enough and willing to serve in US military service:

US Navy

US Marine Corps

US Army

US Coast Guard

US Space Force

US Air Force

Perks is why I joined in 2001:
100% Tuition for college (Graduate 100% Debt Free)
0% Down Payment on Houses (Entire US + Territories)
100% Free Healthcare for myself + my family and dependants
30 Days Paid Vacation
Paid Housing
Free Global Travel (ROFL)
Enlistment Bonuses ($$ Varies by Branch of Service)
Priority in Hiring for US Gov and US Employer Jobs

One thing I will mention for Green card holders or permanent residents, from what I have heard from other immigrants. Military service is the fastest path to US Citizenship.

I am NOT a recruiter, I am just speaking about my own personal experience as a US Navy Veteran and I do not speak on behalf of the US Government or any US military branches of service. This is a 100% personal opinion.

The 1st place you look before you jump into any IT or Cybersecurity training program (if your looking at possibly working for the US Government as a Civilian Employee or a Government Contractor (FYI: The US Federal Government is the largest employer in the US).

DOD Cyber Exchange (Public) (DOD Instruction 8570 is being phased out):

https://public.cyber.mil/wid/dod8140/dod-approved-8570-baseline-certifications/

(How to Read These Specifications. Please keep in mind, these are the “minimum” requirements. You can and should try to exceed the bare minimums).

Beginner (Newbie): IAT Level I, IAM Level I, IASAE I, CSSP Analyst, CSSP Auditor

JourneyMan (Mid Career): IAT Level II, IAM Level II, IASAE II, CSSP Infrastructure Support, CSSP Manager

Advanced (Management): IAT Level III, IAM Level III, IASAE III, CSSP Incident Responder

US Department of Defence Recognized Vendors
Cisco
CompTIA (Computing Technology Industry Association)
EC-Council
ISC2 (nternational Information Systems Security Certifications Consortium)
ISACA (Information Systems Audit and Control Association)
GIAC (Global Information Assurance Certification)

This means as a baseline. You will need to look at any of the following Cybersecurity Certifications as a baseline start to your career.

Cisco CCNA

ECCouncil CEH

ISC2 SSCP

ISC2 CCSP

ISC2 CISSP (Most Recognized Management Cyber Certification Worldwide)

CompTIA Security+ CE (CE = Continous Education Required)

CertNexus CFR

CompTIA CySA+

Free basic training (so that you do not have to go through many 3rd party providers) can be found here through CISA.

https://fedvte.usalearning.gov/

DOD Directive 8140.03 (New) will start being required in 2025 and mandatory in 2026.

DOD 8140.03

For many years, the US Cybersecurity industry followed the DOD (Department of Defence) Baseline Instruction of 8570. If you are looking to join or are currently in the federal workforce. You will need to comply and become eligible for the Cybersecurity Workforce Directive DOD 8140.03 by the following dates:

• February 15, 2025 the DoD will require civilian employees and military service members in DCWF work roles under the cybersecurity workforce element to be qualified in accordance with DoDM 8140.03.

• February 15, 2026 all DoD civilian employees and military service members in DCWF work roles under the cyberspace IT, cyberspace effects, intelligence (cyberspace), and cyberspace enabler workforce elements qualified in accordance with DoDM 8140.03.

• The major shift from DOD 8570 to DOD 8140.03 moves away from the stiff reliance on specific IT certifications as a qualifier and moves to a workforce that is practical, hands-on and can demonstrate their capabilities. IT Certifications alone as no longer the primary identifier for any workforce roles. That being said, a combination of experience, IT certifications and demonstration of capability (e.g. industry participation, online teaching, community impact, etc) will help to make sure you land the job of your dreams.

IT Certifications for the following Certifications are NOT recognized officially in any DOD Workforce or NIST instructions by the US Federal Government or Department of Defense.

This does not mean that the certifications themselves are not valuable and great knowledge and learning or experience. It just means that if you are actually looking for immediate employment in areas with a high DOD or US Federal Government or US Gov Contracting workforce are, you should do any of these certifications “after” you have the one’s that are in high demand. They will help with demonstration of capability and experience that is practical versus theorectical book knowledge and multiple-choice online exams:

TCM Certifications:

PJPT, PNPT, PCRP, PJMR, PJMT, PJWG, PWPT, PJOR, PJIT

Offensive Security Certifications:

OSCP, OSCE, OWSE, OSWP, OSEE, PWK, AWAE, CTP, AWE

Security Blue Team Certifications:

BTL1, BTL2, CSOM

There are an endless amount of 3rd party Security Vendors who have their own Cybersecurity programs and their associated Certifications:

Qualys, Splunk, Dynatrace, Microsoft, Google, Amazon, Crowdstrike, Sentilone, Rapid7, Tanium, Fortinet, etc…there are just too many to name. Don’t bother learning what you do not work on daily. It’s just too complicated and too much. If you don’t need it for your job. Ignore it. You do not need to do what everyone else is doing just because.

The top IT Cybersecurity Certifications that were the most in demand and asked for by cybersecurity jobs by recruiters when I was doing a recent job search as of July 2024 across hundreds of companies and company recruiters (i.e. not 3rd party hustling recruiters):

CompTIA Security+ CE (CE = Continous Education Required)

ECCouncil CEH

ISC2 CCSP

ISC2 CISSP (Most Recognized Management Cyber Certification Worldwide)

The top 2 Linux Certifications that was the most recognized also by these same recruiters:

RHCSA: Red Hat Certified Systems Administrator

LFCSA: Linux Foundation Certified Systems Administrator

What is the #1 Way to Apply for GovTech Jobs?

Apply direct!!! Do not apply through 3rd parties if you are applying for a US Federal Government contractor job. If are applying to the US Federal Government directly as a federal civilian. There is only one (1) way to apply and that is through this website:

https://www.usajobs.gov

(How to Apply = YouTube Shea’s Tech US GovTech Direct)

If you have absolutely no IT Experience and no Cybersecurity Experience. Start with this process to get a running jump:

1. Google Cybersecurity Certificate

2. ISC2 CC Certification

3. CompTIA Security+

4. Build out your LinkedIn Profile

5. Launch a website with your portfolio and stuff you have done. Launch a blog or newsletter on LinkedIn and be consistent. Launch a YouTube channel to build the following. Make yourself look valuable!!

6. Keep going!