Sign up for a trial of PluralSight.. they have some good courses to get your started. I've worked through all of them before starting a Security role with a company which is "completely cloud"..
Its amazing - nearly every company I know using AWS are practisiing security likes its 2005! They have no IPS/IDS or Traffic filtering, very little visibility on traffic, they are solely getting by on Security Groups and AIM, then rely upon Golden AMI images to avoid infection - Apparently this is "best practise", trying to convince them otherwise is impossible.
Biting the hand that feeds IT
