Cybersecurity Engineer
Build expertise in protecting systems, networks, and data from cyber threats with hands-on offensive and defensive security skills
10 milestones in this roadmap
Step 1 (beginner, 6-8 weeks)
Networking & OS Fundamentals
Master TCP/IP networking, Linux administration, and Windows internals for security
Curriculum
1. TCP/IP Stack: ARP, IP, TCP, UDP Protocols
2. DNS Resolution, HTTP/HTTPS & Application Protocols
3. Linux Administration: Permissions, Processes & Logging
4. Windows Internals: Active Directory & Group Policy
5. Network Architecture & Subnetting
Tools & Platforms
Wireshark, tcpdump, Nmap, Linux CLI, Windows Server, VirtualBox
Step 2 (beginner, 4-6 weeks)
Security Fundamentals
Learn CIA triad, authentication, encryption basics, and threat modeling methodologies
Curriculum
1. CIA Triad & Defense in Depth Principles
2. Authentication & Authorization Mechanisms
3. Encryption Basics: Symmetric & Asymmetric
4. Hashing Algorithms: SHA-256, bcrypt, Argon2
5. Threat Modeling: STRIDE & DREAD Methodologies
Tools & Platforms
OpenSSL, GPG, Hashcat, CyberChef, OWASP Threat Dragon, draw.io
Step 3 (intermediate, 5-7 weeks)
Web Application Security
Identify and remediate OWASP Top 10 vulnerabilities including XSS, SQLi, and CSRF
Curriculum
1. OWASP Top 10: Injection, XSS, CSRF
2. SQL Injection: Union, Blind, Error-Based
3. Cross-Site Scripting: Reflected, Stored & DOM-Based
4. Content Security Policy & Security Headers
5. Secure Session Management & Input Validation
Tools & Platforms
Burp Suite, OWASP ZAP, SQLMap, Postman, Browser DevTools, DVWA
Step 4 (intermediate, 5-7 weeks)
Network Security
Implement firewalls, IDS/IPS, VPNs, and network segmentation for defense in depth
Curriculum
1. Firewall Configuration: iptables, pf & Cloud Security Groups
2. Intrusion Detection & Prevention: Snort & Suricata
3. VPN Technologies: IPSec, WireGuard & OpenVPN
4. Network Segmentation: VLANs, DMZs & Microsegmentation
5. Packet Analysis & Network Forensics
Tools & Platforms
Wireshark, Snort, Suricata, pfSense, WireGuard, Zeek
Step 5 (intermediate, 5-6 weeks)
Cryptography
Master symmetric/asymmetric encryption, TLS, PKI, and key management practices
Curriculum
1. Symmetric Encryption: AES Modes (ECB, CBC, GCM)
2. Asymmetric Encryption: RSA, ECDSA & EdDSA
3. TLS 1.3 Handshake & Certificate Chains
4. Public Key Infrastructure & Certificate Management
5. Key Derivation Functions & Key Management
Tools & Platforms
OpenSSL, Let's Encrypt, Vault by HashiCorp, certbot, GnuPG, age
Step 6 (intermediate, 6-8 weeks)
Cloud Security
Secure cloud infrastructure with IAM, encryption, and cloud-native security controls
Curriculum
1. IAM Policies: Least Privilege & Role-Based Access
2. Cloud Network Security: Security Groups & NACLs
3. Encryption at Rest & In Transit
4. AWS Security Hub, GuardDuty & Azure Sentinel
5. Multi-Account Security Architecture & SCPs
Tools & Platforms
AWS Security Hub, Azure Sentinel, GCP Security Command Center, Prowler, ScoutSuite, CloudTrail
Step 7 (advanced, 6-8 weeks)
Penetration Testing
Perform ethical hacking with reconnaissance, vulnerability scanning, exploitation, and reporting
Curriculum
1. Reconnaissance: OSINT & Subdomain Enumeration
2. Vulnerability Scanning & Service Fingerprinting
3. Exploitation Techniques & Payload Delivery
4. Post-Exploitation: Privilege Escalation & Lateral Movement
5. Professional Reporting & Remediation Guidance
Tools & Platforms
Burp Suite Pro, Metasploit, Nmap, Gobuster, Nuclei, Hack The Box
Step 8 (advanced, 6-8 weeks)
Security Operations
Operate SOC with SIEM, incident response, forensics, and threat intelligence
Curriculum
1. SIEM Deployment: Log Ingestion & Correlation Rules
2. Incident Response: IR Lifecycle & Playbooks
3. Digital Forensics: Disk & Memory Analysis
4. Threat Intelligence: IOCs, TTPs & MITRE ATT&CK
5. Detection Engineering & Alert Triage
Tools & Platforms
Splunk, Elastic Security (ELK), Velociraptor, TheHive, MISP, YARA
Step 9 (advanced, 5-7 weeks)
Compliance & Governance
Implement SOC 2, ISO 27001, GDPR, and NIST security frameworks and compliance programs
Curriculum
1. SOC 2 Type I & Type II Audit Preparation
2. ISO 27001 ISMS Implementation
3. GDPR & HIPAA Compliance Requirements
4. NIST Cybersecurity Framework & CIS Controls
5. Risk Assessment & Security Policy Development
Tools & Platforms
Vanta, Drata, OneTrust, ServiceNow GRC, Archer, NIST CSF Tool
Step 10 (advanced, 5-7 weeks)
DevSecOps & Automation
Integrate security into CI/CD with SAST, DAST, container security, and policy-as-code
Curriculum
1. SAST: Static Application Security Testing
2. DAST: Dynamic Application Security Testing
3. Software Composition Analysis & Dependency Scanning
4. Container Security: Image Scanning & Runtime Protection
5. Policy-as-Code: OPA, Kyverno & Supply Chain Security
Tools & Platforms
Snyk, Semgrep, Trivy, Open Policy Agent (OPA), GitHub Advanced Security, Falco