Relevant Education or Certifications Held

You may satisfy one year of required experience through holding one of the following below (you will then need four years of relevant work experience):

Four-Year College Degree or Regional Equivalent

You can substitute a maximum of one year of work experience if you hold one of the following:

A four-year college degree or regional equivalent
An advanced degree in information security from the U.S. National Center of Academic Excellence in Information Assurance Education (CAE/IAE).

OR

Approved Credential on the ISC2 Approved List
You can satisfy one year work experience if you hold one of the approved credentials on the below ISC2 approved list.

AWS Certified Security - Specialty
Certified in Governance, Risk and Compliance (CGRC)
Certified Cloud Security Professional (CCSP)
Certified Computer Examiner (CCE)
Certified Ethical Hacker v8 or higher
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Internal Auditor (CIA)
Certified Protection Professional (CPP) from ASIS
Certified in Risk and Information Systems Control (CRISC)
Certified Secure Software Lifecycle Professional (CSSLP)
Certified Wireless Security Professional (CWSP)
Cisco Certified CyberOps Associate/Professional
Cisco Certified Internetwork Expert (CCIE) Security
Cisco Certified Network Associate Security (CCNA Security)
Cisco Certified Network Professional Security (CCNP Security)
CIW Web Security Professional
CIW Web Security Specialist
CompTIA Advanced Security Practitioner (CASP+)
CompTIA CySA+
CompTIA Security+
Computer Hacking Forensic Investigator (CHFI)
CSA Certificate of Cloud Security Knowledge (CCSK)

EC-Council Certified Security Specialist (ECSS)
EC-Council Certified SOC Analyst (CSA)
GIAC Certified Enterprise Defender (GCED)
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Cyber Threat Intelligence (GCTI)
GIAC Global Industrial Cyber Security Professional (GICSP)
GIAC Information Security Fundamentals (GISF)
GIAC Information Security Professional (GISP)
GIAC Security Essentials Certificate (GSEC)
GIAC Security Leadership Certification (GSLC)
GIAC Strategic Planning, Policy, and Leadership (GSTRT)
GIAC Systems and Network Auditor (GSNA)
HealthCare Information Security and Privacy Practitioner (HCISPP)
Information Security Management Systems Lead Auditor (IRCA)
Information Security Management Systems Principal Auditor (IRCA)
Juniper Networks Certified Internet Expert (JNCIE-SEC)
Microsoft Identity and Access Management
Microsoft Security Operations Analyst
Microsoft Certified Cybersecurity Architect
Offensive Security Certified Professional/Expert (OSCP/E)
Systems Security Certified Practitioner (SSCP)

CISSP Experience Requirements