Security+ & Cybersecurity Certified from (ISC)2 before CCSK & CCSP Certification - Your Views

Darsh_SecDarsh_Sec Member Posts: 2 ■□□□□□□□□□


My Question:

Do you think I should start my journey in Cloud Security & Cyber Security through the Security+ from Comptia and Cyber Security Certified from (ISC)2 certifications to strengthen my Information Security fundamentals before I move towards Cloud Security, & Cyber Security?

My Background:

I have no technical experience (I have not been part of the engineering team designing or implementing security solutions) in Information Security. I am from a non-technical background. In my current job, I am responsible for Cloud Governance. I am working as a process consultant responsible for defining processes, policies, and guidelines governing cloud workloads within my company. I am Azure Fundamentals, & AWS Cloud Certified Practitioner certified and at the moment working on my SC-900 (Microsoft Security, Compliance, and Identity Fundamentals) certification. I have implemented ISO 27001 Information Security Framework, and I have been ISO 2701 Lead Auditor.

My plan/ambitions:

I want to be certified in Cloud Security & Cyber Security and I am aiming to be CCSK certified in the next 3 months. My objective is not just to get a certificate, I want to have a strong foundation in Cloud Security and move towards Cyber Security Governance, Compliance, & Auditing.

I don't want to be in an actual Technical job (engineering team). I want to be part of the auditing and governance team wherein I get to define processes, procedures, and policies and perform auditing verifying the controls implemented against CSA STAR Certification for Cloud Security and verify the security and Cyber Security posture of an organization using the NIST, or other Cyber Security frameworks or Standards.

Please help me with pointers on how do I start my journey in Cloud Security and Cyber Security.


  • JDMurrayJDMurray Admin Posts: 12,871 Admin
    I'd say have a look at Security+ first. That's the groundwork for many other general InfoSec certs, like the CISSP. Many of the specialty InfoSec certs (e.g., Cloud) contain material found in Sec+ and CISSP too.
  • E Double UE Double U Member Posts: 2,199 ■■■■■■■■■■
    edited January 11
    Since you already have the Azure and AWS foundational certifications, CCSK is a nice way to go. After years of experience you can then pursue CCSP. Security+ should suffice since you do not plan to go too deep/hands on with technical aspects of cybersecurity. 
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • Darsh_SecDarsh_Sec Member Posts: 2 ■□□□□□□□□□
    edited January 11
    Thank you for your response @JDMurray and @E Double U. As you mentioned I will start with the Security+ certification to have the strong foundation
Sign In or Register to comment.