Certification Roadmaps

Role-based certification paths for cybersecurity careers. Each roadmap progresses from entry-level to expert.

Quick Navigation

Role	Entry Cert	Target Cert
SOC Analyst	Security+	CISSP
Penetration Tester	Security+	OSCP/OSEP
Security Engineer	Security+	CISSP
Incident Responder	Security+	GCFA/GREM
Security Architect	Security+	CISSP/SABSA
Cloud Security Engineer	Security+	CCSP
GRC Analyst	Security+	CISA/CRISC
Threat Intelligence	Security+	GCTI
Application Security	Security+	OSWE
Network Security	Network+	CCNP Security

SOC Analyst

Security Operations Center analyst monitoring and responding to security events.

Security+ ──> CySA+ ──> GCIH ──> CEH ──> GCIA ──> CISSP
   Entry       Core     Incident  Ethical  Intrusion  Senior
                        Handler   Hacking  Analysis

Level	Certification	Organization
Entry	Security+	CompTIA
Core	CySA+	CompTIA
Intermediate	GCIH	GIAC
Intermediate	CEH	EC-Council
Advanced	GCIA	GIAC
Senior	CISSP	(ISC)²

Penetration Tester

Offensive security professional testing systems for vulnerabilities.

Security+ ──> PenTest+ ──> CEH ──> OSCP ──> OSEP/GXPN
   Entry       Entry       Mid    Gold      Expert
              Pentest            Standard

Level	Certification	Organization
Foundation	Security+	CompTIA
Entry Pentest	PenTest+	CompTIA
Intermediate	CEH	EC-Council
Advanced	OSCP	OffSec
Expert	OSEP	OffSec
Expert	GXPN	GIAC

Security Engineer

Building and maintaining security infrastructure.

Security+ ──> CySA+ ──> SecurityX ──> CISSP ──> CCSP
   Entry       Mid      Advanced     Expert    Cloud

Level	Certification	Organization
Foundation	Security+	CompTIA
Intermediate	CySA+	CompTIA
Advanced	SecurityX	CompTIA
Expert	CISSP	(ISC)²
Cloud	CCSP	(ISC)²

Incident Responder

Responding to and investigating security incidents.

Security+ ──> CySA+ ──> GCIH ──> GCFA ──> GREM
   Entry       Core     Handler  Forensics Malware

Level	Certification	Organization
Entry	Security+	CompTIA
Core	CySA+	CompTIA
Core IR	GCIH	GIAC
Forensics	GCFA	GIAC
Malware	GREM	GIAC

Security Architect

Designing enterprise security architecture.

Security+ ──> SecurityX ──> CISSP ──> CCSP ──> SABSA/TOGAF
   Entry       Advanced     Required  Cloud   Architecture

Level	Certification	Organization
Foundation	Security+	CompTIA
Advanced	SecurityX	CompTIA
Required	CISSP	(ISC)²
Cloud	CCSP	(ISC)²
Architecture	SABSA	SABSA Institute
Enterprise	TOGAF	The Open Group

Cloud Security Engineer

Securing cloud infrastructure across AWS, Azure, GCP.

Security+ ──> AWS/Azure Security ──> CCSK ──> CCSP ──> CISSP
   Entry       Vendor-Specific       Neutral  Advanced Expert

Level	Certification	Organization
Foundation	Security+	CompTIA
AWS	AWS Security Specialty	AWS
Azure	Azure Security Engineer	Microsoft
Neutral	CCSK	CSA
Advanced	CCSP	(ISC)²
Expert	CISSP	(ISC)²

GRC Analyst

Governance, Risk, and Compliance specialist.

Security+ ──> CISA ──> CRISC ──> CISSP ──> ISO 27001 Lead Auditor
   Entry      Audit    Risk     Advanced  Compliance

Level	Certification	Organization
Foundation	Security+	CompTIA
Audit	CISA	ISACA
Risk	CRISC	ISACA
Advanced	CISSP	(ISC)²
Compliance	ISO 27001 Lead Auditor	PECB

Threat Intelligence Analyst

Analyzing and reporting on cyber threats.

Security+ ──> CySA+ ──> GCTI ──> GCIA ──> GOSI
   Entry       Core     Intel   Intrusion OSINT

Level	Certification	Organization
Foundation	Security+	CompTIA
Core	CySA+	CompTIA
Intel	GCTI	GIAC
Intrusion	GCIA	GIAC
OSINT	GOSI	GIAC

Application Security

Securing software and web applications.

Security+ ──> CEH/CySA+ ──> CSSLP ──> OSWE ──> GWAPT
   Entry       Foundation    SDL     Web App  Web Pentest

Level	Certification	Organization
Foundation	Security+	CompTIA
Foundation	CEH	EC-Council
SDL	CSSLP	(ISC)²
Web Expert	OSWE	OffSec
Web Pentest	GWAPT	GIAC

Network Security Engineer

Securing network infrastructure.

Network+ ──> Security+ ──> CCNA ──> CCNP Security ──> CISSP
   Entry      Security     Cisco    Advanced        Expert

Level	Certification	Organization
Foundation	Network+	CompTIA
Security	Security+	CompTIA
Cisco	CCNA	Cisco
Advanced	CCNP Security	Cisco
Expert	CISSP	(ISC)²

Study Resources

Free

Professor Messer - CompTIA video courses
Cybrary - Free courses
TryHackMe - Hands-on labs

Paid

Udemy - Jason Dion, Mike Meyers courses
INE - Security specialization
CBT Nuggets - Video training

Practice Exams

Boson - Premium practice tests
ExamCompass - Free practice
Pocket Prep - Mobile app

See the main README for complete certification tables with all links.

Navigation

Home

Projects

Guides

Resources

Progress: 3/60

View on GitHub

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Certification Roadmaps

Certification Roadmaps

Quick Navigation

SOC Analyst

Penetration Tester

Security Engineer

Incident Responder

Security Architect

Cloud Security Engineer

GRC Analyst

Threat Intelligence Analyst

Application Security

Network Security Engineer

Study Resources

Free

Paid

Practice Exams

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Navigation

Projects

Guides

Resources

Clone this wiki locally