If you have hands-on technical knowledge and experience with implementing, monitoring and administering IT infrastructure in accordance with information security policies and procedures, then the SSCP certification may be just the right credential to enhance your career opportunities.
SSCP validates your practical technical knowledge and competency applicable to day-to-day IT operations responsibilities. SSCPs are viewed as technical experts with demonstrated ability to support key areas of IT operations, including access control, cryptography, network monitoring and analysis, threat detection and remediation, and more.
Backed by (ISC)², the global leader in information security certifications, the SSCP certification draws from a comprehensive, up-to-date global body of knowledge that ensures practitioners have the right knowledge and skills to be successful in information security and IT operational roles.
At least 1 year of cumulative information systems security-related work experience in 1 or more of the 7 domains of the SSCP CBK is required, most new SSCPs have two to 5 years of experience - some more than 10 years.
What job title do you have?
In addition to holding a range of security-specific titles, such as network security engineer and security administrator or specialist, SSCPs work in a range of IT positions where knowledge of information security is increasingly important, such as systems analyst, application programmer, database administrator, and information systems auditor.
What's a typical day like for an SSCP?
You know as well as anyone, there is no typical day. SSCPs hold a variety of responsibilities that require flexibility and a willingness to pivot from one task to the next. Some days are focused on administrative activities and systems maintenance associated with implementing an organization's security policies and procedures. Other days SSCPs are in the hot seat dealing with critical security situations, such as a denial of service attack.
What's your job setting like?
SSCPs work in different types of settings, from network operations centers to small and medium office environments up to the Fortune 1000. Although many SSCPs typically have a "home base" office or cube, they are often on the move troubleshooting with individual employees. They are always "on call" no matter where they are located.
What skill sets are most important to your job?
Technical skills are the foundation. SSCPs must have knowledge of everything related to developing, maintaining, and continuously monitoring the security operations of an organization - from how to maintain the PKI architecture and firewall administration (including IDS, IPS, DLP, and network-based NAP) to maintaining access control lists and server patches. As security technology is constantly evolving, SSCPs, likewise, are evolving their skills and methods to proactively protect their organizations against threats. In addition to strong technical and analytical problem-solving skills, SSCPs also need to be effective communicators. Organizations rely on SSCPs to translate the technical jargon of IT and educate others on the importance of security protocols and procedures in order to ensure a more secure business environment.
If a security breach were to take place, what is your role in handling remediation and/or prevention?
SSCPs are on the front lines when a security breach occurs. They leap into action, creating an initial stop-gap solution while working with management to implement a long-term solution that will prevent future problems. SSCPs interact with others across IT and the business to help guide the response. At smaller organizations where SSCPs might be the only qualified security expert on staff, they are the go-to people in crisis situations, handling the breach assessment and remediation - including directing other IT personnel on what they need to do - in addition to making recommendations to upper management on how to prepare against future attacks.