The Systems Security Certified Practitioner (SSCP) certification demonstrates you have the advanced technical skills and knowledge to implement, monitor and administer IT infrastructure using security best practices, policies and procedures established by the cybersecurity experts at (ISC)².
The SSCP is ideal for IT administrators, managers, directors and network security professionals responsible for the hands-on operational security of their organization’s critical assets, including those in the following positions:
- Network Security Engineer
- Systems Administrator
- Security Analyst
- Systems Engineer
- Security Consultant/Specialist
- Security Administrator
- Systems/Network Analyst
- Database Administrator
- Introducing Security and Aligning Asset Management to Risk Management
- Understanding Risk Management Options and the Use of Access Controls to Protect Assets
- Securing Software, Using Security Protocols and Securing Remote Users
- Security Testing and Incident Handling
- Physical Security, Managing Change and Personnel Training
Candidates must have a minimum of one year cumulative paid work experience in one or more of the seven domains of the SSCP CBK. A one year prerequisite pathway will be granted for candidates who received a degree (bachelors or masters) in a cybersecurity program.
A candidate who doesn’t have the required experience to become an SSCP may become an Associate of (ISC)² by successfully passing the SSCP examination. The Associate of (ISC)² will then have two years to earn the one year required experience.
Part-time work and internships may also count towards your experience.
Valid experience includes information systems security-related work performed, or work that requires information security knowledge and involves direct application of that knowledge. Experience must fall within one or more of the seven domains of the (ISC)² SSCP CBK:
- Domain 1. Access Controls
- Domain 2. Security Operations and Administration
- Domain 3. Risk identification, Monitoring, and Analysis
- Domain 4. Incident Response and Recovery
- Domain 5. Cryptography
- Domain 6. Network and Communications Security
- Domain 7. Systems and Application Security
Full-time Experience: Your work experience is accrued monthly. Thus, you must have worked a minimum of 35 hours/week for four weeks in order to accrue one month of work experience
Part-Time Experience: Your part-time experience cannot be less than 20 hours a week and no more than 34 hours a week.
- 1040 hours of part-time = 6 months of full time experience
- 2080 hours of part-time = 12 months of full time experience
Internship: Paid or unpaid internship is acceptable. You will need documentation on company/organization letterhead confirming your position as an intern. If you are interning at a school, the document can be on the registrar’s stationery.
Go to the (ISC)2 SSCP Homepage