Hey guys, I want to do a cyber security career. For me it's the most interesting field in CS. How can I get started? Is it worth to do some online courses where you get certifications (asking this because they are kind of pricey). I'm a QA Tester with 1 year of work experience, don't know if I should just apply to jobs or acquire skills/certificates first. Thanks for all the incoming answers. :D

Do you want to be a pen tester/security analyst or do you want to do security research?

Security analyst

@CamelCase001 It's mostly about the mindset, I'd say.

I've had a cybersecurity/privacy (they often go hand in hand) mindset since about 10 years ago.

With every device I see, every project I do (and so on) it's always about security and privacy for me.

And this is how I got hired as a junior cyber security engineer! I have zero certifications but loads of technical/security knowledge.

Feel free to ask me questions!

There are cybersecurity courses from Maryland on coursera or edx, but they are fine just to get you to know the area.

But becoming the real cs guy takes much more. You basically should become a great developer, but instead of learning patterns and architecture you should turn on to a different road and learn the quirks.

On top of that, C and some asm, network protocols, SQL and other dbms syntaxes, js and web standards are necessary.

Good luck

As a security analyst you need to like breaking things and be creative about ways to do that.
A security mindset alone isn't enough.
But if you only have the latter, jojn the defense. Every exploitable flaw that isn't created, doesn't need to be found and fixed.