Good timing to start building a portfolio, your CCNA-level networking foundation actually gives you a head start most beginners don't have. Here's what actually matters:

What carries the most weight:

TryHackMe writeups over everything else at your stage*.* Not just "I completed this room", document your thinking. What did you find, why does it matter, how would you defend against it. One solid writeup shows more than 10 completion badges.

Packet Tracer is great for learning but doesn't impress anyone reviewing a portfolio. A basic VirtualBox setup with Kali + a Windows VM running real tools is worth far more. Since you're doing CCNA level networking, add pfSense as your virtual firewall it bridges your networking knowledge directly into security.

Specific projects that make sense at your stage:

• Build a small virtual network (pfSense firewall + Windows client + Kali attacker) and document the traffic flow. Run an Nmap scan, capture it in Wireshark, explain what you see

• Set up Snort or Suricata as an IDS on your home lab, trigger some alerts intentionally and write up what fired and why

• Take one OWASP Top 10 vulnerability, set up DVWA locally, exploit it, then document both the attack and the fix

What to document and where: GitHub for everything. Even a basic README explaining what you built and why is enough to start. Recruiters and hiring managers google candidates a GitHub with 3-4 security projects is more memorable than a blank profile with certs listed.

TryHackMe is better for structured learning at your current stage. Move to HackTheBox when you want harder unguided challenges, it's less hand-holdy and more impressive on a portfolio once you're ready.

Your CCNA knowledge will shine when you start doing network traffic analysis and firewall labs most people doing these have weak networking foundations. That's your edge, use it.