CybersecurityCybersecurity Learning Roadmap from Zero in 2026
A practical roadmap to learn cybersecurity from scratch in 12 months with required skills, certifications, free resources, and expected salaries in the Gulf region
What you will learn
- You will get a detailed 12-month learning plan starting from zero
- You will know the skills and certifications required for each stage
- You will discover the best free resources for every skill
Companies spend billions of dollars annually on cybersecurity — yet 3.5 million jobs remain unfilled worldwide because there is nobody to fill them. This is not a problem — it is your opportunity.
You do not need a computer science degree. You do not need prior experience. All you need is 12 months of structured learning and two hours a day. This roadmap takes you from absolute zero to a level that qualifies you for employment.
Why Is Cybersecurity the Best Career to Enter Right Now?
Cybersecurity offers three things that rarely come together: massive demand, high salaries, and long-term job stability. The talent gap widens every year instead of shrinking, meaning anyone entering the field today has a competitive edge for years to come.
According to the (ISC)² 2025 report, the cybersecurity workforce gap grew by 12.6% compared to the previous year — despite thousands of new specialists entering every year.
Expected Salaries by Level
| Level | Global ($/year) | Saudi Arabia (SAR/month) | UAE (AED/month) |
|---|---|---|---|
| Entry (0-1 year) | $50,000-$65,000 | 10,000-16,000 | 12,000-20,000 |
| Mid (2-4 years) | $75,000-$110,000 | 18,000-30,000 | 22,000-40,000 |
| Expert (5+ years) | $110,000-$160,000 | 30,000-55,000 | 40,000-75,000 |
To learn more about starting your career, read How to Start Your Cybersecurity Career. For field fundamentals, begin with Cybersecurity Fundamentals.
This roadmap is designed for absolute beginners — it assumes no prior knowledge of networking, programming, or operating systems. Each stage builds on the previous one.
What Do You Learn in Phase 1: Foundations (Months 1-3)?
The foundation phase builds the skills everything else rests on. Without a solid understanding of networking and Linux, you cannot advance in any security specialization — these are not optional prerequisites but the actual language of the field.
Month 1: Networking
Networking is the language of cybersecurity. Every attack and every defense travels through the network. You need to understand how devices communicate and how data moves.
What you will learn:
- The OSI model and its seven layers
- TCP/IP, UDP, DNS, HTTP/HTTPS protocols
- IP addresses, Subnetting, NAT
- Network devices: Router, Switch, Firewall
Free resources:
- Professor Messer CompTIA Network+ course (YouTube — completely free)
- subnetting.org for Subnetting practice
Month 2: Linux
Linux is the primary operating system in cybersecurity. Most servers run Linux, and most security tools are designed for it.
What you will learn:
- Command line (Terminal): ls, cd, cat, grep, chmod
- User and permission management
- Process and service management
- Writing simple Bash scripts
Free resources:
- linuxjourney.com (free and well-organized)
- OverTheWire: Bandit challenge (hands-on interactive learning)
Here is a script to set up your learning environment:
#!/bin/bash
# Setting up a cybersecurity learning environment on Ubuntu/Kali
echo "=== Setting up learning environment ==="
# Update the system
sudo apt update && sudo apt upgrade -y
# Networking tools
sudo apt install -y nmap wireshark tcpdump netcat-openbsd curl wget
# Analysis tools
sudo apt install -y python3 python3-pip git vim tmux
# Basic security tools
sudo apt install -y john hashcat hydra nikto dirb
# Verification
echo "--- Verifying installation ---"
for tool in nmap wireshark python3 git john; do
if command -v $tool &> /dev/null; then
echo "[✓] $tool installed"
else
echo "[✗] $tool not found"
fi
done
echo "=== Environment ready! ==="
Month 3: Security Basics + Python
What you will learn:
- The CIA triad (Confidentiality, Integrity, Availability)
- Attack types: Phishing, Malware, DDoS, SQL Injection
- Basic encryption principles
- Python basics for cybersecurity
According to CompTIA's report, 78% of security professionals use Python daily to automate security tasks.
Do not try to learn Python deeply at this stage — learn the basics only: variables, loops, conditionals, lists, and file handling. You will go deeper later when you need to build security tools.
What Does Phase 2: Specialization (Months 4-8) Look Like?
After building the foundations, it is time to dive into cybersecurity specializations. Choose one path and focus on it.
Path 1: Penetration Testing
This path suits you if you enjoy offensive thinking — how hackers break into systems and how to discover vulnerabilities before them.
Months 4-5: Learn Reconnaissance and system scanning
- TryHackMe platform: Pre Security path then Jr Penetration Tester
- Tools: Nmap, Gobuster, Burp Suite
Months 6-7: Learn Exploitation
- Hack The Box platform: easy machines first
- Tools: Metasploit, SQLmap, ffuf
Month 8: Reporting and documentation — a skill beginners overlook but employers value highly
Path 2: Defense and Monitoring (SOC Analyst)
This path suits you if you prefer protection and monitoring — how to detect attacks and respond to them.
Months 4-5: Log Analysis and SIEM systems
- Learn Splunk (free for education)
- Analyze Windows and Linux logs
Months 6-7: Incident Response
- Learn basic malware analysis
- Tools: Volatility, YARA Rules
Month 8: Automating security tasks with Python and Bash
How Do You Get Certified and Find a Job in Phase 3 (Months 9-12)?
Months 9-10: CompTIA Security+ Certification
Security+ is the most important certification for entering the job market. 72% of job postings in the Gulf region require it.
- Exam cost: $404
- Preparation time: two months (after completing previous phases)
- Pass rate: 80-85% for those who completed the phases above
For details on other certifications, read Top 5 Cybersecurity Certifications for Beginners.
Month 11: Build Your Portfolio
- Create a GitHub account and share your tools and scripts
- Write write-ups for TryHackMe and Hack The Box challenges
- Start a technical blog explaining what you have learned
Month 12: Apply for Jobs
Common entry-level positions:
- SOC Analyst (Security Operations Center Analyst)
- Junior Penetration Tester
- Security Analyst
- IT Security Administrator
Do not wait until you feel "100% ready" — that will never happen. Start applying after earning Security+ and having 2-3 projects on GitHub. Companies know that juniors learn on the job.
What Is the Complete Learning Timeline?
| Month | Focus | Goal | Resource |
|---|---|---|---|
| 1 | Networking | CompTIA Network+ | Professor Messer (YouTube) |
| 2 | Linux | Command line + permissions | linuxjourney.com + OverTheWire |
| 3 | Security + Python | CIA + attack types + Python basics | TryHackMe Pre Security |
| 4-5 | Specialization (offense/defense) | Recon and scanning | TryHackMe / Splunk |
| 6-7 | Specialization (advanced) | Exploitation / analysis | Hack The Box / YARA |
| 8 | Documentation and automation | Reports + Python | Personal projects |
| 9-10 | Security+ certification | Pass the exam | Professor Messer + CertMaster |
| 11 | Portfolio | GitHub + blog | Write-ups + tools |
| 12 | Employment | Apply for jobs | LinkedIn + Indeed |
؟Do I need a computer science degree to enter cybersecurity?
No. Many successful cybersecurity professionals come from non-technical backgrounds — including former teachers, accountants, and military personnel. What matters are certifications, demonstrable skills, and a portfolio. CompTIA Security+ combined with TryHackMe and HackTheBox achievements is often more compelling to hiring managers than a degree without practical experience. The Google Cybersecurity Certificate was specifically designed as a degree alternative for career changers.
؟How many hours per day should I study to follow this roadmap?
Two hours daily is the recommended minimum. At this pace, the 12-month roadmap is realistic. If you can dedicate three to four hours daily, you can compress it to eight or nine months. The most important thing is consistency — one hour every day beats ten hours on Saturday only. Use weekend time for hands-on labs and TryHackMe challenges where longer sessions are more productive.
؟Should I choose penetration testing or SOC analysis as my specialization?
Penetration testing suits you if you enjoy figuring out how things break, puzzles, and creative problem-solving — and you are comfortable with uncertainty and open-ended challenges. SOC analysis suits you if you prefer systematic monitoring, pattern recognition, and responding to structured incidents. Entry-level SOC analyst positions are more abundant than junior penetration tester roles, making SOC the lower-friction path to a first job. Many professionals start in SOC and transition to offensive security after gaining experience.
؟What is the cheapest way to complete this roadmap?
Most resources in this roadmap are free. TryHackMe has a free tier sufficient for the Pre Security and Jr Penetration Tester paths. Professor Messer's Network+ and Security+ courses are completely free on YouTube. LinuxJourney.com and OverTheWire are free. The main costs are the Security+ exam ($404) and optionally TryHackMe Premium ($14/month). The total cost of following this roadmap can be under $500 — significantly less than any bootcamp or degree program.
؟How do I build a cybersecurity portfolio with no professional experience?
Document everything on GitHub: your TryHackMe write-ups, HackTheBox solutions, custom security scripts, and lab reports. Start a technical blog and write about what you are learning — teaching forces you to understand deeply and makes your knowledge searchable. Contribute to open-source security tools. Participate in Capture the Flag (CTF) competitions and document your approach. By month 12, you will have a GitHub profile demonstrating consistent learning and real technical ability that any hiring manager can verify.
؟What is the fastest path to a first cybersecurity job?
The fastest path combines the ISC2 CC (free certification, 1-2 months), TryHackMe Pre Security path (free, 1 month), and CompTIA Security+ (2-3 months preparation). In parallel, document your learning on GitHub and write-ups. With these three completed, you are ready to apply for junior SOC analyst and security administrator roles — typically 4-6 months from absolute zero. The speed depends entirely on consistency. Also see our guide on best cybersecurity certifications for beginners for the optimal certification order.
؟Is Python necessary for cybersecurity?
Python is the most valuable programming language in cybersecurity but you do not need to master it before starting. Basic Python — variables, loops, conditionals, file handling, and simple scripts — is sufficient for the first year. You will use it to automate repetitive tasks, write simple scanning tools, and analyze security data. Bash scripting is equally important for Linux automation. Advanced programming knowledge becomes more critical if you specialize in malware analysis, exploit development, or security tool creation.
؟How do I stay updated with cybersecurity developments after completing the roadmap?
Follow the SANS Internet Stormcast (daily 5-minute podcast), read Krebs on Security and Bleeping Computer for threat news, and join cybersecurity communities on Reddit and Discord. Subscribe to the CISA weekly advisories for critical vulnerability alerts. Follow CTF competitions even as a spectator — reading writeups from more advanced players accelerates your own learning. Set aside 15 minutes daily for security news, and budget 2-3 hours per month for exploring new tools and techniques beyond your current specialization.
What Is Your First Step?
Do not let this roadmap overwhelm you — the journey starts with a single step. Sign up for TryHackMe today (free) and complete your first learning room. It takes only 30 minutes — and you will know immediately whether this field is right for you.
Sources & References
Related Tools
Related Articles
How to Start a Cybersecurity Career from Scratch in 2026
3.5 million unfilled cybersecurity jobs worldwide. A complete practical guide to starting from zero: 12-month roadmap, required skills, certifications, and expected salaries
Top IT Certifications in 2026: Most In-Demand & Highest Paying
Discover the most valuable IT certifications in 2026 from CompTIA and AWS to CISSP, with expected salaries, a practical study plan, and a comparison table to pick the right one
Information Security vs. Cybersecurity: A Clear and Complete Guide
What's the difference between information security and cybersecurity? A simplified explanation with a detailed comparison table, practical examples, technical commands, career paths, and salaries for each specialization.