Infosec Security Clearance? What does it mean? how to get it?

hello fellow Infosec people. i have a security + and GCIH certification.

but i'm looking around at job descriptions and i often see (Clearance Level Needed) - what does it mean? are there diff types of clearance..

how is a security clearance different from having certifications? im just curious about that.

I found this pdf document but - i'm wondering how does this apply to Information Security. I keep seeing jobs that ask for "minimium security clearance" and they give acronyms that i've never heard of before.

https://www.clearancejobs.com/security_clearance_faq.pdf

Find more posts tagged with

Comments

aftereffector

A security clearance just means that you have been investigated and are qualified to receive and handle material that is classified at a certain level. For instance, the military uses Secret and Top Secret designations for its classified data, and servicemembers may be granted a Secret or TS clearance to perform their duties. There are different agencies that grant clearances - for instance, the Department of Defense and the Department of State both issue Top Secret clearances but through a slightly different process.

Unfortunately, unlike certifications, security clearances aren't something that we as individuals can apply for. The clearance investigation must be initiated by your employer.

bkhayes

aftereffector wrote: »

A security clearance just means that you have been investigated and are qualified to receive and handle material that is classified at a certain level. For instance, the military uses Secret and Top Secret designations for its classified data, and servicemembers may be granted a Secret or TS clearance to perform their duties. There are different agencies that grant clearances - for instance, the Department of Defense and the Department of State both issue Top Secret clearances but through a slightly different process.

Unfortunately, unlike certifications, security clearances aren't something that we as individuals can apply for. The clearance investigation must be initiated by your employer.

wow. very interesting. so - i need to work for a place that initiates it for me. very cool. i hope i can get one someday.

i have a question then, what does DoD 8570 clearance mean.

i see this website says that GIAC certifications mean that - i have it. am i wrong?

Dept of Defense Directive: DoDD 8570

https://www.sans.org/media/dod8570/dod8570.pdf

aftereffector

DoD 8570 is something quite different actually! That directive outlines the minimum certification requirements for certain defined positions (IAM, IAT, and IASAE levels I through III, plus a few others). Several different certs can fulfill the requirements for a particular position. For instance, CISSP can be used to cover IAT III, IAM II, and IAM III, as well as IASAE I and II.

Here is the information straight from the source:
DoD Approved 8570 Baseline Certifications
and
DoD 8570 Information Assurance Workforce Improvement Program Home

bkhayes

aftereffector wrote: »

DoD 8570 is something quite different actually! That directive outlines the minimum certification requirements for certain defined positions (IAM, IAT, and IASAE levels I through III, plus a few others). Several different certs can fulfill the requirements for a particular position. For instance, CISSP can be used to cover IAT III, IAM II, and IAM III, as well as IASAE I and II.

Here is the information straight from the source:
DoD Approved 8570 Baseline Certifications
and
DoD 8570 Information Assurance Workforce Improvement Program Home

thanks man. i appreciate it.