Written by Densmore Bartly, assistant information system security officer at USCG Base National Capital Region (NCR)
As Information System Security Officers, we often get the question from others, “How and where should I start to prepare for a career in cybersecurity?”
The following article provides a starting point for researching cyber security roles, as well as the education and certifications required to competitively pursue some of those roles.
There are many entry points into a cybersecurity career, and there are just as many job roles within cybersecurity. If you are considering a career in cybersecurity, you should first begin by researching the different cybersecurity specialty areas.
A good starting point for your research is the Interactive National Cybersecurity Framework found on the website for the National Initiative for Cybersecurity Careers and Studies (NICCS):
“The National Cybersecurity Workforce Framework provides a blueprint to categorize, organize, and describe cybersecurity work into Specialty Areas, tasks, and knowledge, skills and abilities (KSAs). The Workforce Framework provides a common language to speak about cyber roles and jobs and helps define professional requirements in cybersecurity.”
Once you identify a few specialty areas of interest, the next task is to explore required training and certification options. Training and certification are the foundational components of a cybersecurity career. Technology changes rapidly, and cybersecurity professionals must be continuous learners to keep pace with emerging trends.
Coast Guard service members and civilians have three free training resources that host cyber security training courses in their catalogs:
- Federal Virtual Training Environment (FedVTE)
- Cyber Defense Training Cloud (CDTC)
- Skillport Learning Management System.
The information learned from the various certification prep courses found at these sites will help prepare you to challenge various industry certification exams. In addition to training, you must adhere to each individual certification provider’s requirements including meeting experience requirements, and paying any applicable fees. And remember, nothing beats hands-on experience, so don’t forget to join competitions, volunteer, and take special assignments in the cybersecurity field.
Below is one suggested training track for cybersecurity newcomers, which leverages existing free FedVTE training:
Beginner ( 0 – 3 years experience)
1. Baseline IT Knowledge
- CompTIA A+ Certification Prep
- CompTIA Network+ Certification Prep
2. Cybersecurity Concepts
- Cybersecurity Overview for Managers
- Cybersecurity Risk Management for Managers
- CompTIA Security+ Certification Prep
- Cyber Risk Management for Technicians
- (ISC)2™ Systems Security Certified Practitioner
Intermediat e ( 3 – 5 years experience)
- (ISC)2™ Certified Secure Software Lifecycle Professional
- Mobile Security
- Wi-Fi Communications and Security (WNS)
- Trustworthy Software Initiative (TSI)
Advanced Specia lties ( 5+ years experience)
- CompTIA Advanced Security Practitioner Prep
- Penetration Testing
- Certified Ethical Hacker (EC-Council)
- ISACA Certified Information Security Auditor
- ISACA Certified Information Security Manager
- (ISC)2™ Certified Authorization Professional (R) Prep
Expert ( 5+ years experience)
- (ISC)2™ Certified Information Systems Security Professional (CISSP) Certification Prep
- O ptional C onc en trations
- (ISC)2™ CISSP Concentration: ISSAP (Architecture)
- (ISC)2™ CISSP Concentration: ISSEP (Engineering)
- (ISC)2™ CISSP Concentration: ISSMP (Management)