Hi, whenever I want to learn something new, I go to Now Learning and search for a Path, which gives you a step-by-step plan to achieve your outcome. (Notice the icon to the left of the found content under "Learning Content" search results.

https://nowlearning.servicenow.com/

Hi,

I've completed SecOps first to include the two certifications.  I'll then be tackling GRC.

I would recommend the same approach (others may disagree).  SecOps is relatively straight-forward.  You do need some background in security but there are plenty of resources out there.  I would also recommend that find a security "friend" with whom you can discuss what your are learning both in terms of general security and to answer questions.

I assume that you will be taking all three SecOps classes at some point.  You definitely need some degree of security knowledge before taking the classes, and you should definitely do the instructor-presented courses (not sure if on-demand is available yet).  I felt the courses were overall good, except for the Security Incident Response labs, which were way too basic.

GRC, IMHO, has a lot more components to it, and the ones that I am somewhat familiar with do require some background knowledge.  It's a terrific product.

Hope this helps.

-Steve