Careers and certifications

Security admins, pen testers and CISOs are a few of many potential cybersecurity careers. Get advice on making a career choice and finding the trainings and certifications -- such as Security+, CISSP and CCSK -- needed to land an infosec job, along with guidance on succeeding in a security profession.

Top Stories

Tip 30 Jan 2023
5 ethical hacker certifications to consider

From Offensive Security Certified Professional to GIAC Web Application Penetration Tester, learn about the certifications worth earning to begin your ethical hacker career. Continue Reading
Tip 23 Jan 2023
8 cybersecurity roles to consider

Cybersecurity is an exciting and increasingly important field with a wealth of career opportunities. Explore eight cybersecurity roles and the skills, talent and experience required. Continue Reading

News 16 Jan 2023

Judge dismisses Chris Hadnagy lawsuit against DEF CON

DEF CON said it wasn't the only infosec conference to receive code-of-conduct complaints about Chris Hadnagy, claiming Black Hat USA removed him from its review board. Continue Reading
Tip 28 Dec 2022

10 cybersecurity certifications to boost your career in 2023

A consensus of industry professionals rank these 10 security certifications as the most coveted by employers and security pros -- plus links to 10 vendor security certifications. Continue Reading
Tip 21 Dec 2022

10 must-have cybersecurity skills for career success in 2023

Looking to advance your cybersecurity career? Here are the skills you'll need to win that CISO job, land a gig as a threat hunter and snag other security positions in high demand. Continue Reading
Tip 19 Dec 2022

The 14 best cloud security certifications for IT pros in 2023

Certifications can help security pros prove their baseline knowledge of infosec topics. Consider adding these top cloud security certifications to your arsenal. Continue Reading
Tip 16 Dec 2022

Top 12 online cybersecurity courses for 2023

Our panel of experts picked the best free and paid online cybersecurity courses for working professionals looking to advance their careers and for newbies breaking into the field. Continue Reading
Feature 13 Dec 2022

After the CISO role: Navigating what comes next

Former chief information security officers may have numerous career options available but no clear path forward. Here's how to navigate life after the CISO role. Continue Reading
Tip 12 Dec 2022

As a new CISO, the first 100 days on the job are critical

As a chief information security officer, you won't get a second chance to make a first impression. Learn how a CISO's first 100 days lay the foundation for a successful tenure. Continue Reading
Feature 07 Dec 2022

Understanding malware analysis and its challenges

Discover what to expect in a malware analyst career, from the types of malware you'll encounter to important tools to use to difficulties that arise for those new to the field. Continue Reading
Feature 07 Dec 2022

Why is malware analysis important?

Malware continues to plague all organizations, causing data loss and reputational damage. Discover how malware analysis helps protect companies from such attacks. Continue Reading
Tutorial 06 Dec 2022

How to use the Hydra password-cracking tool

Need help brute-forcing passwords? Get started by learning how to use the open source Hydra tool with these step-by-step instructions and companion video. Continue Reading
Tip 01 Dec 2022

Top 5 key ethical hacker skills

Ethical hacking can be a rewarding career, but it requires tenacity, curiosity and creativity, among other traits. Oh, and you better be a good writer, too. Continue Reading
Feature 29 Nov 2022

How to maintain security with an understaffed security team

Unsurprisingly, many companies function without a complete security team. Security tasks often fall to others in the organization. Here's some advice for stand-in security members. Continue Reading
Tip 16 Nov 2022

Reality check: CISO compensation packages run the gamut

A capable security executive is invaluable -- a fact organizations increasingly recognize. CISOs' salaries are generally trending up, but the range in compensation is wide. Continue Reading
Tip 10 Nov 2022

5 essential programming languages for cybersecurity pros

Coding is an important skill across almost every technology discipline today, and cybersecurity is no exception. Learn about the top programming languages for security professionals. Continue Reading
Answer 08 Nov 2022

3 best professional certifications for CISOs and aspiring CISOs

While one doesn't necessarily need professional cybersecurity certifications to become a CISO, they don't hurt. Explore the best certifications for CISOs and aspiring CISOs. Continue Reading
Tip 01 Nov 2022

Ideal CISO reporting structure is to high-level business leaders

CISOs usually report to a high-level executive, but reporting to a top-level business executive like the CEO rather than a technology executive protects the business best. Continue Reading
Feature 28 Oct 2022

Equipment to include in a computer forensic toolkit

Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer forensic toolkit. Continue Reading
Feature 28 Oct 2022

Advice for beginner computer forensic investigators

For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why digital evidence is the most volatile evidence. Continue Reading
Feature 19 Oct 2022

Top 10 pen testing interview questions with answers

Are you pursuing a career in pen testing? Prepare with this list of 10 pen testing interview questions and answers created by three security experts. Continue Reading
Feature 19 Oct 2022

Top IT security manager interview questions

Are you looking for a leadership role in cybersecurity? Three security experts offer their advice on how to answer the most common IT security manager interview questions. Continue Reading
Feature 05 Oct 2022

Top zero-trust certifications and training courses

Most organizations are expected to implement zero trust in the next few years. Learn about zero-trust certifications and trainings that can help prepare your security team. Continue Reading
Tip 27 Sep 2022

How to get into cybersecurity with no experience

Cybersecurity needs new talent now more than ever, but landing that first job without a computer science degree can still be difficult. Here are five tips for getting in the door. Continue Reading
Guest Post 26 Sep 2022

Tips for developing cybersecurity leadership talent

Navigating the skills gap from an employer's perspective starts with investing in talent. Get advice on how to develop and hire emerging leaders from an industry analyst. Continue Reading
Tip 20 Sep 2022

Cybersecurity career path: 5-step guide to success

Taking the lead from ISSA's framework, here's a guide to how you can map out a long and profitable career in cybersecurity. Continue Reading
Tip 13 Sep 2022

How to become a CISO

The chief information security officer role is growing in profile and importance. Explore six actionable tips for aspiring CISOs as they work toward cybersecurity's top job. Continue Reading
Quiz 09 Sep 2022

Sample CompTIA CASP+ practice questions with answers

Preparing for the CompTIA Advanced Security Practitioner certification or refreshing your knowledge to renew your cert? Use these CASP+ practice questions to test your smarts. Continue Reading
Feature 09 Sep 2022

The ultimate guide to cybersecurity planning for businesses

This in-depth cybersecurity planning guide provides information and advice to help organizations develop a successful strategy to protect their IT systems from attacks. Continue Reading
Feature 09 Sep 2022

How to prepare for the CompTIA CASP+ exam

Are you pursuing the CompTIA Advanced Security Practitioner certification? The author of a CASP+ cert guide offers advice on how to prepare for the exam. Continue Reading
Tip 07 Sep 2022

7 CISO succession planning best practices

Nothing is certain except death, taxes and CISO turnover. Learn how to prepare for the inevitable and future-proof your security program with a succession plan. Continue Reading
Tip 01 Sep 2022

Cybersecurity budget breakdown and best practices

Once budget is secured, CISOs must figure out where it should be allocated -- as well as how to justify the costs. Get the lowdown on a cybersecurity budget breakdown here. Continue Reading
Tip 19 Aug 2022

Top 10 cybersecurity interview questions and answers

Interviewing for a job in cybersecurity? Memorizing 100-plus security definitions won't cut it. Here are the 10 interview questions you should be ready for -- and how to answer them. Continue Reading
News 18 Aug 2022

Shunned researcher Hadnagy sues DEF CON over ban

Researcher Christopher Hadnagy is seeking damages from DEF CON and founder Jeff Moss over their decision to ban him citing multiple claims of conduct violations. Continue Reading
Tip 15 Aug 2022

Cybersecurity skills gap: Why it exists and how to address it

The cybersecurity skills shortage is putting enterprises at risk. Worse, it shows no sign of abating. Here is why it's happening and what employers can do to mitigate the problem. Continue Reading
Guest Post 26 Jul 2022

3 ways to help cybersecurity pros avoid burnout

Many security professionals are pushed to their breaking point. Discover three ways employers and managers can help their employees avoid burnout. Continue Reading
News 20 Jul 2022

DOJ report warns of escalating cybercrime, 'blended' threats

The Department of Justice's cyber review report warned that the lines between conventional cybercriminal activity and national security threats have all but disappeared. Continue Reading
Feature 05 Jul 2022

How to write a cybersecurity job posting

Is your organization struggling to find cybersecurity talent? Your job descriptions could be the problem. Learn how to write a good cybersecurity job posting. Continue Reading
Feature 05 Jul 2022

A 'CISO evolution' means connecting business value to security

As cybersecurity has changed, so has the CISO role. 'The CISO Evolution: Business Knowledge for Cybersecurity Executives' aims to help security leaders succeed in the C-suite. Continue Reading
Feature 05 Jul 2022

How to find your niche in cybersecurity

It's difficult to navigate a career in cybersecurity, especially with all the varying roles. A veteran CISO offers advice on how to find your niche in the security industry. Continue Reading
Tip 28 Jun 2022

Negotiating a golden parachute clause in a CISO contract

If a CISO becomes the company scapegoat after a security incident, a strong golden parachute clause can mean the difference between a soft landing and a hard crash. Continue Reading
News 20 Jun 2022

Cleveland BSides takes heat for Chris Hadnagy appearance

The Cleveland BSides security conference is experiencing turmoil after booking a 'surprise' keynote speaker who was recently barred from DEF CON for misconduct. Continue Reading
News 17 May 2022

North Korean IT workers targeting US enterprises

North Korean nationals are looking to land jobs at U.S. and European companies to collect sensitive data that could help the reclusive government's military programs. Continue Reading
Feature 22 Apr 2022

Unethical vulnerability disclosures 'a disgrace to our field'

The cybersecurity field needs more people who use their powers for good, the lead author of Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition says. Continue Reading
Tip 07 Mar 2022

Top DevSecOps certifications and trainings

Check out some of the top DevSecOps certifications and trainings that can help professionals learn how to shift security left in the software development lifecycle. Continue Reading
Feature 28 Feb 2022

Tips for creating a cybersecurity resume

Resumes help candidates leave an impression on potential employers. But did you know one resume often isn't enough? Learn this and other tips for creating a cybersecurity resume. Continue Reading
Feature 28 Feb 2022

How to manage imposter syndrome in cybersecurity

The imposter syndrome phenomenon is readily apparent in cybersecurity. Learn how to manage it, along with mishaps to avoid during the job hunt and other career advice. Continue Reading
News 10 Feb 2022

DEF CON bans social engineering expert Chris Hadnagy

Hadnagy, an influential figure at the DEF CON security conference, was permanently banned following allegations of misconduct at the annual Las Vegas gathering. Continue Reading
Feature 02 Feb 2022

A day in the life of a cybersecurity manager

The role of a cybersecurity leader is often misunderstood. Experience a day in the life of a cybersecurity manager with this breakdown of a security leader's typical schedule. Continue Reading
Feature 02 Feb 2022

Top cybersecurity leadership challenges and how to solve them

Security isn't always a top business priority. This creates challenges for the cybersecurity managers and teams that hope to integrate security into their company's agenda. Continue Reading
Feature 25 Jan 2022

What does an IT security manager do?

IT security managers need to have a passion for learning and critical-thinking skills, as well as understand intrusion prevention and detection. Continue Reading
Feature 29 Dec 2021

Editor's picks: Top cybersecurity articles of 2021

As we call it a wrap on 2021, SearchSecurity looks at the top articles from the last 12 months and their sweeping trends, including ransomware, career planning and more. Continue Reading
Feature 29 Nov 2021

The components and objectives of privacy engineering

Privacy engineering helps organizations balance business and privacy needs, while mitigating the impact of data breaches. Learn about its components and objectives. Continue Reading
Feature 29 Nov 2021

The intersection of privacy by design and privacy engineering

Data privacy concerns are widespread. Privacy by design and privacy engineering help organizations balance privacy with utility and usability. Learn how. Continue Reading
Guest Post 16 Nov 2021

How to create security metrics business leaders care about

Security metrics must be clear, actionable and resonate with business leadership. Learn how to create metrics that business leaders care about and will act upon. Continue Reading
Feature 26 Oct 2021

5 cybersecurity personality traits for a successful career

In this excerpt of 'Confident Cyber Security,' author Jessica Barker outlines five cybersecurity personality traits employers look for in job candidates. Continue Reading
Feature 26 Oct 2021

How to start a career in cybersecurity from the human side

Discover how the co-founder of an infosec consultancy and author of 'Confident Cyber Security' started her career and became a leader in the human nature side of security. Continue Reading
Quiz 30 Sep 2021

10 CIPP/US practice questions to test your privacy knowledge

Advance your privacy career by becoming a Certified Information Privacy Professional. Use these 10 practice questions from Wiley's IAPP CIPP/US study guide to prepare for the exam. Continue Reading
Feature 30 Sep 2021

How to prepare for the CIPP/US exam

The co-authors of a CIPP/US study guide offer advice on the IAPP certification, including career benefits, how to prepare and how the U.S. exam differs from other regions' exams. Continue Reading
Guest Post 15 Sep 2021

CompTIA SYO-601 exam pivots to secure bigger attack surface

The latest CompTIA Security+ exam, SYO-601, tests skills and knowledge for dealing with an expanded attack surface and the latest forms of assault on cybersecurity defenses. Continue Reading
News 25 Aug 2021

HackerOne launches AWS certification paths, pen testing service

A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification. Continue Reading
Feature 12 Aug 2021

How privacy engineers promote innovation and trust

Forward-thinking companies are hiring privacy engineers. Could your organization benefit? Uncover how these experts promote innovation and fortify customer trust. Continue Reading
Quiz 04 Aug 2021

Sample CompTIA CySA+ test questions with answers

Going for your CompTIA CySA+ certification? Test what you know before taking the exam with these sample test questions on vulnerability assessment output. Continue Reading
Feature 04 Aug 2021

How to prepare for the CompTIA CySA+ exam

The author of the CompTIA CySA+ certification guide offers advice on how to prepare for the exam, discusses the benefits of the cert and more. Continue Reading
Tip 19 Jul 2021

Comparing top identity and access management certifications

In addition to learning security fundamentals applicable to identity and access management, the top IAM certifications can yield rewarding career and networking opportunities. Continue Reading
Feature 30 Jun 2021

What is the BISO role and is it necessary?

Relatively new and somewhat controversial, the business information security officer, or BISO, acts as the CISO's tactical and operations-level ambassador to the business units. Continue Reading
Guest Post 15 Apr 2021

5 cybersecurity testing areas CISOs need to address

With increasing board interest in cybersecurity risk, CISOs need to explain the preventive steps they are taking to have the right cybersecurity testing in place to minimize risk. Continue Reading
Quiz 14 Apr 2021

Sample CCISO exam questions on security project management

This excerpt of 'CCISO Certified Chief Information Security Officer All-In-One Exam Guide' explains security project management fundamentals and provides practice CCISO exam questions. Continue Reading
Feature 14 Apr 2021

CCISO exam guide authors discuss the changing CISO role

Learn more about EC-Council's Certified CISO exam and how the certification helps CISOs at any organization manage successful infosec programs and a changing threat landscape. Continue Reading
Feature 12 Apr 2021

Advice on how to prepare for the CompTIA Security+ exam

The CompTIA Security+ certification is a smart starting point for cybersecurity career hopefuls. Learn how to prepare for the exam, what to expect post-certification and more. Continue Reading
Quiz 12 Apr 2021

Sample CompTIA Security+ exam questions and answers

The CompTIA Security+ exam covers a wide swath of topics, from threats to compliance to architecture. Test what you know about malware with these sample test questions. Continue Reading
Guest Post 26 Feb 2021

6 ways to prevent cybersecurity burnout

Consider investing in training for new employees, offering mentoring and setting goals, automating where possible and more to help prevent cybersecurity burnout. Continue Reading
Feature 29 Jan 2021

The case for applying psychology in cybersecurity training

Chartered psychologist Rebecca McKeown describes how psychology in cybersecurity can improve incident response and makes the case for a research-based approach to training. Continue Reading
Quiz 30 Dec 2020

Review 6 phases of incident response for GCIH exam prep

'GCIH GIAC Certified Incident Handler All-in-One Exam Guide' takes a deep dive into the six phases of incident response to help security pros with GCIH exam prep and certification. Continue Reading
Feature 30 Dec 2020

Preparing for GIAC Certified Incident Handler certification

The author of 'GCIH GIAC Certified Incident Handler All-in-One Exam Guide' shares advice on how to prepare for the exam and why an incident response career can be so rewarding. Continue Reading
Guest Post 18 Dec 2020

How to address the skills gap of security and IT personnel

In part two of Jonathan Meyers' look at the skills gap challenge companies face in cybersecurity, he offers recommendations to consider when ensuring your teams have the skills needed. Continue Reading
Feature 24 Nov 2020

Compare 5 SecOps certifications and training courses

Explore five SecOps certifications available to IT professionals looking to demonstrate and enhance their knowledge of threat monitoring and incident response. Continue Reading
Feature 09 Nov 2020

Free online cybersecurity classes, with certificates

Check out SearchSecurity's catalog of free online security courses led by information security experts on today's most popular security topics. Continue Reading
Tip 24 Sep 2020

Cybersecurity team structure stronger with 3 new roles

Having the right cybersecurity team in place can help reduce how long it takes to control threats. Consider adding cloud security, third-party risk and digital ethics specialists. Continue Reading
Feature 22 Sep 2020

Inclusive job descriptions key for infosec hiring

When seeking candidates for infosec job roles, it helps to think outside the box. Inclusive job descriptions and cutting back on unnecessary requirements are good places to start. Continue Reading
Guest Post 09 Sep 2020

Best practices for ethically teaching cybersecurity skills

Jonathan Meyers has recommendations that teachers and students can use to enhance their teaching and learning of cybersecurity skills to remain relevant in this fast-paced industry. Continue Reading
Quiz 20 Aug 2020

CISSP practice exam questions and answers

Test your knowledge and preparedness for the CISSP exam with 16 questions taken directly from the latest 'CISSP All-in-One Exam Guide' from McGraw Hill. Continue Reading
Feature 03 Aug 2020

Which type of CISO are you? Company fit matters

Incompatibility between CISOs and their companies can lead to stress, frustration, burnout and rapid turnover. Identify your CISO style to target the ideal role and environment for you. Continue Reading
Opinion 03 Aug 2020

Develop internal cybersecurity talent to build your dream team

Cybersecurity duties have changed, with cloud and coding being essential knowledge now. But CISOs can still build their dream cybersecurity team through internal talent development. Continue Reading
03 Aug 2020

Develop internal cybersecurity talent to build your dream team

Continue Reading
Feature 22 Jul 2020

Minorities in cybersecurity face unique and lasting barriers

IT is facing renewed scrutiny into its lack of diversity. Explore the unique barriers minorities in cybersecurity face and why hiring approaches are ill equipped to address them. Continue Reading
Tip 07 Jul 2020

Navigate the DOD's Cybersecurity Maturity Model Certification

The Cybersecurity Maturity Model Certification requires DOD contractors to achieve baseline security standards. Explore the five levels of certification and how to achieve them. Continue Reading
Feature 07 Jul 2020

Why COVID-19 won't stop cybersecurity jobs and recruitment

The economy is struggling, and many careers are taking hits, but cybersecurity jobs and careers will likely stay in demand as companies need to keep data and customers safe. Continue Reading
Feature 16 Jun 2020

Invest in new security talent with cybersecurity mentorships

Cybersecurity mentorships provide a great opportunity for those just entering the industry who want a successful start. Having the right guidance is a must. Continue Reading
Feature 01 May 2020

CISO stress and burnout cause high churn rate

The nature of the CISO role can take a toll, say industry vets, with frustration and stress contributing to high turnover rates and burnout. Learn how to make it work. Continue Reading
Feature 07 Apr 2020

Skill building is key to furthering gender diversity in tech

Gender disparities imperil the threat intelligence community. Shannon Lietz, leader and director of DevSecOps at Intuit, discusses current efforts to attract female talent. Continue Reading
Feature 26 Mar 2020

CISA exam preparation requires learning ethics, standards, new vocab

The CISA certification is proof of an auditor's knowledge and skills. However, the exam isn't easy and requires some heavy learning -- especially when it comes to vocabulary. Continue Reading
Quiz 26 Mar 2020

CISA practice questions to prep for the exam

Ready to take the Certified Information Systems Auditor exam? Use these CISA practice questions to test your knowledge of the audit process job practice domain. Continue Reading
Feature 12 Mar 2020

ITOps security requires attention to training

Becoming fluent about IT security is critically important for numerous aspects of ITOps, yet many organizations fail to train their ITOps staff in security. Continue Reading
Answer 26 Feb 2020

Good cybersecurity thesis topics for a master's degree

Writing a master's thesis? A strong topic positions you for academic and professional success, while a weak one promises to make an already intensive process arduous at best. Continue Reading
Feature 07 Jan 2020

The who, what, why -- and challenges -- of CISM certification

Think you're ready for the CISM certification exam? Peter Gregory, author of CISM: Certified Information Security Manager Practice Exams, has some pointers for you. Continue Reading
Answer 26 Nov 2019

What is the role of CISO in network security?

The role of CISO in network security goes beyond risk management. It also requires understanding compliance regulations and business needs, as well as the ability to communicate security policies to nontechnical employees. Continue Reading
Feature 06 Nov 2019

4 innovative ways to remedy the cybersecurity skills gap

Learn how companies should adapt to hire, recruit and retain top-notch employees during the current cybersecurity workforce shortage. Continue Reading
Feature 01 Nov 2019

A cybersecurity skills gap demands thinking outside the box

Today's security team shortages can't be filled using yesterday's thinking. Learn what other IT security leaders are doing to plug the skills gap and keep their organization safe. Continue Reading
01 Nov 2019

A cybersecurity skills gap demands thinking outside the box

Continue Reading
Infographic 01 Nov 2019

Enterprises feel the pain of cybersecurity staff shortages

It's hard enough keeping up with today's threats on a good day. But when your IT organization is spread thin, especially in terms of cybersecurity staff, the challenges mount. Continue Reading
News 16 Sep 2019

DerbyCon attendees and co-founder reflect on the end

DerbyCon attendees and co-founder Dave Kennedy reflect on the legacy and future of the conference following its final event, which took place in Louisville, Ky. Continue Reading