Career Resources

(ISC)² is renowned for its certified information security certifications, such as the Certified Information Systems Security Professional (CISSP). The organization focuses on education, networking, and advocacy for cybersecurity professionals. It offers various resources, including professional development courses, research, and global conferences.

Originally focused on auditing controls for computer systems, ISACA now serves a broader IT governance role, offering certifications like CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CRISC (Certified in Risk and Information Systems Control), and CGEIT (Certified in the Governance of Enterprise IT). ISACA provides educational resources, networking opportunities, and publications to IT governance professionals.

The SANS Institute is a private U.S. company that specializes in information security and cybersecurity training. SANS offers a wide range of resources, including training courses, certifications, and research, to help professionals develop their skills in cybersecurity defense, incident response, and threat analysis.

CompTIA is known for its vendor-neutral technology certifications, including the Security+, CySA+ (Cybersecurity Analyst), and PenTest+ (Penetration Testing). The organization focuses on education, certification, advocacy, and philanthropy to support the IT and cybersecurity industries.

Best known for the Certified Ethical Hacker (CEH) certification, EC-Council offers a variety of certifications in areas such as penetration testing, encryption, and cybersecurity analysis. The council aims to provide training and certification for IT security skills, particularly in ethical hacking and countermeasures.

The IAPP is the largest and most comprehensive global information privacy community and resource, focused on privacy and data protection. The IAPP offers certifications such as CIPP (Certified Information Privacy Professional) and resources for professionals managing privacy risks.

OWASP is an open community dedicated to enabling organizations to develop, purchase, and maintain applications and APIs that can be trusted. It provides free resources, including tools, standards, and best practices, to improve the security of software.

ISSA is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members.

WiCyS is dedicated to bringing together women in cybersecurity from academia, research, and industry to share knowledge, experience, networking, and mentoring. The organization aims to boost the representation and success of women in the cybersecurity field through conferences, workshops, and scholarships.

Black Girls CODE is focused on providing technology education for African-American girls. The organization offers workshops, after-school programs, and events to introduce coding, computer programming, and technology to girls from underrepresented communities, aiming to build a new generation of coders, coders, and technology leaders.

This organization is a community of LGBTQ women, non-binary and trans individuals, and allies in tech. Lesbians Who Tech & Allies provides resources, mentorship, and networking opportunities to increase visibility and inclusion in the technology sector.

The NSBE, with more than 500 chapters, is one of the largest student-governed organizations based in the U.S. It supports and promotes the aspirations of collegiate and pre-collegiate students and technical professionals in engineering and technology. NSBE’s programs aim to increase the number of culturally responsible Black Engineers who excel academically, succeed professionally, and positively impact the community.

SHPE is dedicated to empowering the Hispanic community to realize its fullest potential and to impact the world through STEM awareness, access, support, and development. The organization offers a variety of programs, scholarships, and events to support Hispanic students and professionals in engineering and science.

AnitaB.org is committed to increasing the influence of women technologists in the global innovation economy. Through research, social enterprise, and community, it advocates for women in tech, provides career development resources, and hosts the annual Grace Hopper Celebration, the world’s largest gathering of women technologists.

AWIB is a non-profit organization that supports Asian women entrepreneurs and professionals. While its focus is broader than technology, AWIB offers resources, networking opportunities, and support for Asian women looking to advance their careers in business, including tech sectors.

Indigenous in Tech is a network aimed at supporting Indigenous peoples in the technology sector. It focuses on promoting diversity and inclusion within tech through advocacy, mentorship, and building connections between Indigenous professionals and allies in the industry.

Out in Tech is the world’s largest non-profit community of LGBTQ+ tech leaders. The organization is committed to creating opportunities for its members by providing resources, mentorship, and support networks to promote career growth and diversity in the tech industry.

Techqueria is a nonprofit that serves the largest community of Latinx professionals in the tech industry. It provides resources, support, and networking opportunities to ensure the growth and advancement of Latinx professionals within the field.

A global certification that validates the baseline skills necessary to perform core security functions and pursue an IT security career.

Focuses on the skills required for cybersecurity analysts within Security Operations Centers (SOCs), covering security concepts, policies, and procedures.

Designed for those new to IT, this certification covers a range of IT topics and provides a broad understanding of IT. It’s an excellent starting point for beginners to assess if a career in IT is right for them.

Focuses on diagnosing, restoring, repairing, and replacing critical Cisco networking and system devices at customer sites. Technicians work closely with the Cisco Technical Assistance Center to quickly and efficiently resolve support incidents.

Offers fundamentals in various IT tracks, such as IT infrastructure (which includes networking fundamentals), database fundamentals, and software development. It’s a great starting point for high school and college students or those new to IT.

It’s a step up from the A+ certification and lays the foundation for a career in IT infrastructure, covering troubleshooting, configuring, and managing networks.

An entry-level certification for those looking to enter the IT field, focusing on various technologies across IT operational roles and technical support, such as troubleshooting and problem-solving.

An entry-level certification for Linux system administrators. It covers basic maintenance tasks via the command line, installing and configuring a computer running Linux, and configuring basic networking.

Offered by Google, this certificate is for those who want to get started in IT support. It is available on Coursera and covers the fundamentals of IT support, including troubleshooting, customer service, networking, operating systems, system administration, and security.

An entry-level certification for those looking to build their cloud computing skills with Amazon Web Services. It covers fundamental AWS cloud concepts, core AWS services, architecture, security, and pricing.

Focuses on basic knowledge of Internet technologies, network infrastructure, and web browsing. It’s a good certification for individuals seeking to prove their understanding of Internet basics.

Demonstrates knowledge of assessing the security of computer systems by looking for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but lawfully and legitimately.

Applies behavioral analytics to networks and devices to prevent, detect, and combat cybersecurity threats through continuous security monitoring.

Validates a practitioner’s knowledge of information security beyond simple terminology and concepts and proves hands-on skills.

Focuses on the skills required to conduct penetration testing and vulnerability assessment and management. This certification covers various stages of the penetration testing process, including planning, scoping, and reporting, with an emphasis on hands-on skills.

Aimed at security professionals, the CCNP Security certification validates the skills required to secure and manage network infrastructures. It covers security in routers, switches, networking devices, and appliances, as well as choosing, deploying, supporting, and troubleshooting firewalls, VPNs, and IDS/IPS solutions.

Goes beyond hacking techniques and methodologies to offer a pen-testing methodology that can be applied to various pen-testing or ethical hacking situations. It’s structured towards analyzing the outcome of hacking tools and technologies.

Designed for professionals seeking to demonstrate that they not only understand information security terminology and concepts but also possess the skills necessary to perform security tasks. It’s recognized globally for its practicality and relevance to the day-to-day duties of information security professionals.

This certification is focused on security, compliance, and identity management across Microsoft platforms. It’s designed for those looking to validate their skills in these areas and is a stepping stone to more advanced Microsoft certifications.

Aimed at those who design cloud infrastructures and reference architectures, or deploy systems and applications. This certification validates an individual’s expertise in designing and deploying scalable, highly available, and fault-tolerant systems on AWS.

Recognized globally as the standard of achievement for those who audit, control, monitor, and assess an organization’s information technology and business systems. It’s ideal for IT auditors and control professionals.

Offered by (ISC)², this certification is aimed at professionals in the digital forensics field. It covers forensic techniques and procedures, standards of practice, and legal and ethical principles to provide a comprehensive view of forensics.

Focuses on VMware’s network virtualization platform, NSX. This certification validates the ability to install, configure, and administer NSX virtual networking implementations, as well as understand how NSX integrates with VMware vSphere.

Validates the knowledge and skills required to deploy, operate, and manage the Palo Alto Networks Next-Generation Firewalls to protect networks from cutting-edge cyber threats.

An advanced-level certification for IT pros serious about careers in information security. Offered by (ISC)², CISSP is designed to prove expertise in designing, implementing, and managing a best-in-class cybersecurity program.

Focuses on management, design, and oversight of an enterprise’s information security program. Ideal for management-focused IT professionals.

An ethical hacking certification offered by Offensive Security that teaches penetration testing methodologies and the use of the tools included with the Kali Linux distribution.

Beyond the CISSP, (ISC)² offers concentrations for CISSPs who want to further specialize their expertise in areas such as architecture (CISSP-ISSAP), engineering (CISSP-ISSEP), and management (CISSP-ISSMP). These concentrations demonstrate deep knowledge and experience in specific areas of information security.

An advanced level certification from Offensive Security, the OSCE is the next step after the OSCP for those who have mastered a hands-on, technical penetration testing skills. The OSCE challenges individuals to prove they understand advanced penetration testing and exploit writing.

Recognized globally as one of the most prestigious networking certifications, the CCIE Security certifies expert-level knowledge and skills in network security. From securing systems and infrastructure to troubleshooting complex security issues, this certification covers in-depth security topics.

Designed for penetration testing professionals who have passed rigorous testing, the LPT Master certification demonstrates mastery in penetration testing methodologies and the ability to perform testing in various environments and scenarios.

One of the most prestigious certifications in the IT security industry, the GSE is designed for individuals who demonstrate a master-level capability in IT security. It involves a multiple-choice exam followed by a hands-on lab.

This certification demonstrates advanced expertise in the design of distributed systems and applications on the AWS platform. It’s aimed at individuals who can evaluate cloud application requirements and make architectural recommendations for implementation, deployment, and provisioning applications on AWS.

The highest level of certification offered by VMware, the VCDX demonstrates the ability to design and implement VMware solutions in complex enterprise environments. It involves a rigorous application process, submission of a design, and a defense before a panel of experts.

An advanced certification that demonstrates deep knowledge and skills in designing, deploying, configuring, maintaining, and troubleshooting the vast majority of implementations based on the Palo Alto Networks platform.

Advanced certification for Check Point’s security products, the CCSE is aimed at experts who need to efficiently build, modify, deploy, and troubleshoot Check Point Security systems on the Gaia OS.

While mentioned earlier, the CCSP deserves a spot in advanced certifications for its depth in cloud security. It’s aimed at individuals with extensive experience in IT/cloud security, covering architectural concepts and design requirements, cloud data security, cloud platform and infrastructure security, and compliance.

Recognized globally for IT professionals and risk practitioners, CRISC certification signifies expertise in identifying and managing enterprise IT risk and implementing and maintaining information systems controls.

Reflects in-depth knowledge of cloud security architecture, design, operations, and service orchestration, offered by (ISC)².

Though not solely focused on cybersecurity, CCNA covers basics of networking and network security concepts, making it a good foundational certification.

Focuses on detecting, responding, and resolving computer security incidents using a variety of tools and techniques.

Offered by ISACA, it’s the first experience-based, technical certification of its kind, focusing on implementing privacy by design which results in the creation of products and services that build trust and advance data privacy.

Focuses on the protection of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems. This certification is designed for professionals responsible for safeguarding critical infrastructure and operational technology.

Offered by various organizations, this certification targets professionals who wish to demonstrate their expertise in blockchain technology, its application, and implementation. It covers blockchain’s principles, underlying technologies, and uses in various industries.

Validates skills for securing mobile devices in an enterprise environment, including understanding the security challenges associated with mobile devices and how to mitigate them, and conducting forensic analysis of mobile devices.

Offered by (ISC)², this certification combines cybersecurity skills with privacy best practices and techniques. It demonstrates the ability to implement, manage, and assess security and privacy controls to protect healthcare data.

Designed for engineers, analysts, architects, and leaders working in critical infrastructure protection, the GCIP certification validates the knowledge and skills necessary to secure critical infrastructures and operational technology.

Also offered by (ISC)², CAP certification focuses on the Risk Management Framework (RMF) applied to federal information systems. It’s ideal for IT, information security, and information assurance practitioners and contractors who work with federal information systems.

Focuses on handling and responding to various security incidents, such as network security incidents, malicious code incidents, and insider attack threats. The certification demonstrates the ability to manage and prepare for incidents effectively.

While not solely focused on security, CompTIA Cloud+ is a specialized certification that validates the skills needed to deploy and automate secure cloud environments that support the high availability of business systems and data.

Validates the skills for professionals managing, advising, or providing assurance services around enterprise IT governance. This certification emphasizes the management and governance of IT resources to align with business goals.

Targets professionals involved in the software development lifecycle (SDLC), emphasizing the importance of implementing security practices in each phase of the SDLC to make applications more secure.

Focuses on the security aspects of AWS cloud services, validating an individual’s ability to secure the AWS platform. It covers topics such as data protection and encryption, infrastructure security, incident response, and compliance.

• Detail: Dice is a well-established job board focusing on technology and IT roles, with a significant number of listings in cybersecurity. It offers advanced search options that allow candidates to filter positions by skill set, job title, and location. Dice also provides career advice and resources specifically tailored for IT professionals.
• Link: Dice.com

• Detail: This is an official U.S. government site designed to help cybersecurity professionals find jobs in the public sector. It aims to connect top cybersecurity talent with federal agencies looking to strengthen their defenses against cyber threats. The site also offers resources for understanding the cybersecurity workforce framework and the types of roles available in government.
• Link: CyberCareers.gov

• Detail: CyberSecurityJobs.com focuses exclusively on cybersecurity roles, offering a global platform for job seekers. The site makes it easy to search for positions by keyword, location, and job type (permanent, contract, etc.). It serves as a hub for cybersecurity professionals looking for career opportunities, events, and the latest industry news.
• Link: CyberSecurityJobs.com

• Detail: InfoSec Jobs is a job board specializing in information security roles across various sectors. The platform is designed to help professionals find positions in areas such as penetration testing, security architecture, and risk management. It offers a clean interface for easy navigation of job listings and the option to receive job alerts tailored to specific interests.
• Link: InfoSec Jobs

• Detail: This is a UK-based job site for individuals with security clearance or who are seeking roles that require clearance. It caters to a niche market, including cybersecurity jobs in defense, government, and aerospace. The site offers a range of positions from entry-level to senior roles for candidates who meet the security clearance criteria.
• Link: SecurityClearedJobs.com