I’m super excited to share my latest Cyber Chat with Day Johnson - a Cybersecurity Engineer and Content Creator.

Day and I sat down this past week and dove into his journey in cybersecurity, his path from beginner to established professional, how he built his online business, and more.

Since we’ve both specialized in Detection and Incident Response, it was great to see how our experiences compared and hear his perspective on the industry.

Here’s my conversation with Day.

Who are you and what do you do?

I’m Day, a cybersecurity engineer with a passion for protecting people and businesses online. The core of what I do as a professional has mostly spanned detection, response, and security operations - what you would call the “blue team” side of cybersecurity.

I started working in the SOC doing tier one and tier two investigations before pivoting into detection engineering for cloud environments and SaaS platforms.

Currently, I’m working at Amazon, where I have had a few different responsibilities. My first year, I started with incident response because I wanted to get more experience. Now, I’m working on building a team that works multiple verticals involving threat hunting, intelligence, and adversary emulation to validate our detection, response, and security controls.

On the side, I create content on YouTube and other media platforms, where I share my journey as I navigate the industry. Cybersecurity is such a large field with so many things that no one really talks about. Part of my goal is to demystify that and show people my journey–how I’m improving myself and what I’m learning–then finding creative ways to educate people.

At the core, I’m just someone with a passion for cybersecurity and making sure the people behind technology are actually protected. Because that’s really what cybersecurity comes down to, no matter where you’re working or what you’re doing, cybersecurity is about protecting the people behind the systems.

How did you get into cybersecurity?

For me, it was a couple of different things.

I initially got introduced to cybersecurity in high school. Back then, I was living in Virginia, and I had a teacher who got a grant from Cisco to teach the Cisco CyberOps curriculum.

She turned that into a cybersecurity club, where we would go through the content and just learn about different topics. But I wasn't in Virginia long because I had to move down to Texas. So I wasn’t able to continue the course because I didn’t have access anymore.

Instead, I started binge-watching cybersecurity content on YouTube. That's when I found out about John Hammond, Network Chuck, The Cyber Mentor–all the big ones–and those solidified my interest.

After I graduated high school, I took a gap year before going to college because I was trying to figure out exactly what I wanted to do. I didn't know if I wanted to do software engineering, cybersecurity, or something entirely different.

Over the course of that time, I started exploring different things. And I was like, you know what? I think I'm going to really stick to this cybersecurity thing.

That led me to majoring in cybersecurity my freshman year of college. But, when I got to college, my perspective on a lot of things changed. I realized that college is great, but it's really about how you apply what you're learning. A lot of it is theoretical and doesn't really align with where the industry is today.

So I started to learn things on my own. I built out labs, worked on certifications, and really tried to learn the skills that I needed to get a job.

After getting my first couple of certifications, I landed my first cybersecurity internship before the end of my freshman year of college. And that just springboarded my career into working full-time.

But while I was working and pursuing my bachelors degree at WGU, I ended up changing my major five times. I switched to network engineering, to cybersecurity, to cloud computing, then back to cybersecurity, and finally ended up majoring in information technology.

How do you balance your day-to-day with a full-time job and business as a creator?

When I first started, I was very structured - I had a lot of systems and processes in place that helped me keep on track.

But when I joined Amazon, I quickly realized I’m doing five things at once. Compared to my other roles where I had a lot more mental bandwidth to balance things, I don’t have nearly as much anymore.

I ended up switching from this very structured routine to a more flexible structure where I have pockets of time that are focused on very specific things, and I can move those time blocks around as needed.

In the mornings when I wake up, I try to focus on administrative tasks and getting a workout in. Then I get ready and head to work because I’m in the office now. The middle of the day is completely focused on Amazon, but when I get back home, I work on other things like content, newsletter, my community - whatever other tasks I need to get done for my business.

But even with that structure, I give myself a lot of flexibility just because I know that if I'm super rigid it might stifle my creativity. So, I like having systems and processes that can fit into any routine because I think if your routine is too rigid, if anything happens, it falls apart.

Tell us about your tech stack, both for your day job and your business.

Amazon uses a lot of super niche, internally developed tools because they like to build a lot of things for themselves. It is pretty common knowledge that we use Splunk, but a majority of the tooling is very Amazon-specific.

My personal stack for running my business, content, and community is a combination of different things.

I love and use Route 53 in AWS for DNS.

Discord is great for my Cyberwox Community - we have almost 6,000 members at the moment, and they have a bunch of cool plugins and integrations that help with automation.

Notion is really my second brain, it’s the glue between all of my endeavors. I put all of my tasks and work in Notion to organize myself and stay structured. Even my newsletters, before I put them in Substack, I outline and structure them in Notion.

LinkedIn is great as a high-level funnel for other platforms, professional connections, and community. I have my personal profile and also my Cyberwox Academy page.

I've recently been using Buffer for scheduling posts across LinkedIn, Twitter, X, and Threads, which helps reduce the cognitive load of managing each platform.

Then, of course, YouTube for my video content.

- Today’s Sponsor -

Cyberwox Academy is an online cybersecurity community that fosters learning, networking, andcollaboration among cybersecurity students, professionals, and enthusiasts. Join the premier community to explore various career resources, or engage in activities, groups, and events that will help you acquire new skills and advance your cybersecurity career within a supportive environment. Check out the Cyberwox Academy today!

Join the Community

Tell us more about Cyberwox - How did it start and evolve into what it is today?

Cyberwox is my brand around my content creation, mainly my YouTube channel, podcast, and newsletter.

It started from wanting to create a resource that I wish I had when I started my journey.

There's a ton of cybersecurity communities out there, and I'm in a lot of these discords myself, but they're huge - sometimes 500,000 people in there.

So I thought, what if I just created something smaller where people feel like they have more of a tight knit community? With a lot of larger communities, you have a lot of really skilled professionals in there - which is great to have those people in the community, but I think people earlier in their career can feel judged about asking questions.

The beautiful thing about it has been the camaraderie. Just thinking about myself, I was just still this 19 year old college kid still figuring things out, I wanted to create a community of people on the same level where they could grow together. There are people that just want to be part of the community and feel like they're part of it as well.

One of my goals this year is to do a community meet up where we can all talk and get to meet each other in person.

I also want to partner with other companies and organizations who might want to hire from the community, help the folks that want to learn get access to training resources to help them grow in their careers, or might have a valuable product to show. But I try to do that in a non-corporate marketing way and more with a practitioner’s perspective, where I promote products I actually believe in.

Beyond that, I have my Cyberwox Academy. I started this after noticing that everyone talks about getting that entry-level job. But how do you go from entry-level to mid-level? What about mid-level to senior? And senior to staff? There's a lot of content out there about getting into the industry, but there's not much about thriving and growing in it. I really want to hone down and show the path as I traverse it.

But Cyberwox is really the combination of it all. Content, education, partnerships, and community.

What resources have been most influential for you in your career?

Primarily YouTube, which I consume way too much of as a YouTuber myself, but also newsletters - especially since I discovered Substack. I subscribe to a bunch.

Detection Engineering Weekly is a great one by my former director at Datadog, Zach Allen.

I’m also interested in cybersecurity from a business perspective too, like M&As, investments, and scaling products, so I follow The Cybersecurity Pulse by one of my former coworkers, Darwin Salazar.

Another is Venture in Security by Ross, which goes into cybersecurity from a business and venture perspective.

There’s also a podcast, Inside the Network, where they talk with different security founders and business leaders on how they built their businesses, but I primarily focus on newsletters.

The great thing about Substack is you can also listen to the newsletters, which helps me consume whether I can read at that moment or not.

I ingest the Hacker News feed into my discord, so I get to read a lot of those articles as well. I also keep an eye out for reports from companies like Google, OpenAI, Mandiant, CrowdStrike, Sysdig - those companies release threat reports often.

And then just keeping a pulse for LinkedIn and X posts every now and then.

What do you have on your roadmap this year for your personal development?

Sometime later this year, I am planning to go back to WGU for an accelerated bachelor's and master's program in computer science.

That's probably going to be my focus for the next two, three years, but also working on growing in my current role and getting promoted there.

On the Cyberwox side, I’m looking to scale Cyberwox Academy behind the scenes, and write a lot more on my newsletter.

What advice do you have for beginners or aspiring Cybersecurity professionals?

You have to be in it for the long run. It's very easy to get so short-sighted thinking, “Oh, I've been doing this for the last three or six months, it's not working. I can't get in.” Maybe even longer.

But when you get so blindsided and discouraged like that, you lose sight of the possibilities that come from a 15, 20, 30 year career that comes after that learning curve.

Those three years will be worth it when you look back in 10 years.

I think this also ties into mental resilience. If you have the mindset of “I'm in this for the long term. Whatever it takes for me to get in, however long it takes” and you channel that to focus on building your skill set, what you get out of it is going to be so useful for you long-term in your career.

Optimism also goes a long way, especially in a world environment that's overly pessimistic. An optimistic perspective helps a lot when you realize that not everything is going to go your way.

It's hard to be in this field. There's going to be a lot of hard things you have to do. You're not always going to pass the certification, you won’t always get that promotion, you may not get selected for that job. And if you’re constantly pessimistic, you’re probably not going to end up fulfilled.

Personally, I want to have a fulfilling career and I think most people do too. This is what you do for a large majority of your life - 40 hours a week, every week. An optimistic perspective has a better chance to help you figure out how to make it fulfilling over a pessimistic one.

On the technical side, do whatever it takes to be the best candidate possible. Especially when you're trying to get in, it could mean experimenting with labs, building projects, studying for certifications, networking with people. Definitely make sure to have some structure to what you’re doing, but be prepared to do whatever it takes.

Work on your soft skills as well. A lot of people are great on the technical side, but if you don't know how to communicate your ideas to people, you're more than likely not going to get a job. Behavioral skills definitely make a difference because ultimately, you're going to be working with people.

And of course, just continue to learn. Find people who have more experience to get a different perspective and consume their cybersecurity content.

All the things combined will certainly help out a lot.

Where can we find you?

Twitter | YouTube | Discord | LinkedIn | Substack | Instagram | Threads | TikTok | Cyberwox Academy | Cyberwox Academy YouTube

Securely Yours,

Ryan G. Cox

Just a heads up, The Cybersec Cafe's got a pretty cool weekly cadence.

Every week, expect to dive into the hacker’s mindset in our Methodology Walkthroughs or explore Deep Dive articles on various cybersecurity topics.

. . .

Oh, and if you want even more content and updates, hop over to Ryan G. Cox on Twitter/X or my Website. Can't wait to keep sharing and learning together!