We at The State of Security are committed to helping aspiring information security professionals reach their full potential. Towards that end, we compiled a list of the top 10 highest paying jobs in the industry. We even highlighted the U.S. cities that tend to reward security personnel with the best salaries, amenities and other benefits.
Knowing which job title you’d like and where you’d like to live goes a long way towards advancing one’s infosec career. But there’s something missing. IT security folks also need to know which training providers they can use to hone their skills in the field.
Don’t worry. We’ve got that covered, too!
Here is a list of 11 respected IT security training providers. Our resource lists these organizations, which range from free to paid-per-class providers, in alphabetical order. It does not rank them.
Cybrary is an open-source community where information security professionals can advance their skills for free. All Cybrary’s educational content is online, which means members can complete courses by skill type (Beginner, Immediate, and Advanced) or career level anywhere they have Internet access. They can even take tests designed by the company’s Education committee to certify their skills in key industry areas. For more intensive training, Cybrary also enables organizations to design training programs for their entire IT security teams.
The International Council of E-Commerce Consultants, otherwise known as EC-Council, has helped train and certify over 220,000 information security professionals in 145 countries. The Council offers numerous degree programs, including “Certified Network Defender” and “Certified Ethical Hacker.” Most of these programs offer paid-for training in live classes conducted online as well as computer-based self-learning. EC-Council also offers consulting and advisory services on topics ranging from vendor risk management to IT governance, from cloud security to PCI DSS compliance.
The Federal Virtual Training Environment (FedVTE) is a system that provides U.S. government employees, members of the military and veterans with free online training in multiple fields. For instance, members can access more than 800 hours of training on risk management, malware analysis and other topics relating to digital security. Managed by the U.S. Department of Homeland Security, these courses of varying difficulty align with industry certifications such as Certified Information Systems Security Professional (CISSP).
4. Global Information Assurance Certification
Global Information Assurance Certification (GIAC) is an organization that offers more than 30 certifications to aspiring information security professionals. Interested parties can choose an education and enrollment track such as forensics and software security. They can then pay to take an exam for their desired certification and use the GIAC online portal to schedule a certification attempt at a Pearson VUE Testing Center near them. Depending on their test results, members may pay for Attempt Retakes as well as time extensions. Professionals can even use GIAC to renew their certifications.
5. Infosec Institute
InfoSec Institute has been in operation since 1998. Since then, it’s helped train 15,000 individuals interested in honing their IT security skills. Today, InfoSec Institute offers more than 557 boot camps and subscription-based courses for certifications offered by 11 different vendors such as (ISC)2, CERT, Metasploit, and others. Trainees can complete these courses on their own schedule. Alternatively, they can enroll in a version of the course that uses live 2-way communication with their instructor and other students.
(ISC)2 is a non-profit organization that offers multiple certifications for information security professionals. It’s been in operation for 30 years. Today, (ISC)2 boasts a membership of 140,000 trained IT security professionals. To help grow its base, the organization offers certification training in systems security, digital forensics, information security, cloud security and other topics. Aspiring professionals can study for these certifications including the acclaimed Certified Information Systems Security Professional (CISSP) certification in the classroom, in Live Online courses, at their own pace in an online format and even with other team members.
7. MIS Training Institute
MIS Training Institute (MISTI) has helped train more than 200,000 students across five continents since its founding in 1978. It now offers certificate programs in in internal audit, fraud and data analytics, risk and compliance, IT audit and information security. Students can complete these programs through a series of live webinars and/or online self-study courses. With the aim of reaching as wide an audience as possible, MISTI hosts events for CISOs and other executives.
8. Offensive Security
Offensive Security believes that the best way organizations can protect themselves is by subjecting themselves to real-world intrusion simulations. As such, it has designed a training program whose learning materials challenge students to think creatively as they explore the tools and tactics of offensive security. Students can learn these exercises to achieve certification as a web expert (OSWE), certified professional (OSCP), certified expert (OSCE), wireless professional (OSWP) or exploitation expert (OSEE). They can do so either live or in person, but if additional people at a given company are interested, Offense Security can lead in-house training to build everyone’s skills at the same time.
9. The SANS Institute
SANS has educated 165,000 information security professionals since its inception in 1989. Today, aspiring security personnel can receive training in the classroom from a SANS-certified instructor, a self-paced program that is conducted online or a mentored setting. As part of its in-person training, SANS offers more than 400 multi-day courses in over 90 cities worldwide. It also maintains a partnership with GIAC and the National Security Workforce through which it offers 30 digital security courses to professionals as part of the National Initiative for Cybersecurity Education (NICE) Framework.
Founded in 2003, SecureNinja provides professional training, certifications and services on topics relating to information technology and digital security. The organization has worked with Lockheed Martin, Northrop, Bitdefender as well as several U.S. government agencies. It’s also a partner of Microsoft and EC-Council. Many of SecureNinja’s training programs, which cover topics including ethical hacking, hacking forensics and the CompTIA Security+ program, involve hands-on training via lab work. However, the organization does run a testing center in Washington DC.
11. Security University
Security University has been serving information security professionals since 1999. Today, it offers five qualified professional programs: Q/ISP (Qualified Information Security Professional), Q/IAP (Qualified Information Assurance Professional), Q/WP (Qualified Wireless Professional), Q/CND (Qualified Cyber Network Defender) and Q/SSE (Qualified Penetration Tester License). These programs help professionals obtain standard certifications in the industry. Some of these programs’ courses are available online; students can complete the other courses in classroom locations with Security University.
Do we get all the right IT Security Training Providers?
We hope the IT security training providers listed above will help information security professionals everywhere reach their goals.
Did we miss a provider? If so, let us know on Twitter – @TripwireInc