Cloud Security Professional (CCSP)

• Strong relevance: CCSP remains a high-signal credential for mid-to-senior professionals responsible for cloud security.
• Career mobility: Skills map to multiple roles—cloud security architect/engineer,
  AppSec/DevSecOps lead, IR/SOC with cloud scope, and risk/compliance for cloud portfolios.
• Future-proofing: As organizations deepen cloud adoption and governance, CCSP holders are positioned to lead design, assurance, and operations initiatives.
• U.S. baseline: Information Security Analyst median sits in the low-to-mid $120Ks; CCSP-aligned roles typically trend above this.
• Cloud Security Engineer/Consultant: ~$140K–$180K total cash; seasoned talent in high-cost markets often $180K+.
• Cloud Security Architect / Lead / Manager: ~$160K–$220K+; regulated/DoD or clearance roles can exceed $250K.
• Total comp usually adds 10–25% via bonuses/equity; stacking CCSP with credentials like CISSP/CKS can further lift offers.

By the end of this course, learners will be able to:

• Map business, risk, and compliance requirements to secure cloud architectures.
• Classify, protect, and govern cloud-resident data throughout its lifecycle.
• Engineer platform and infrastructure security controls and validate their effectiveness.
• Apply secure SDLC practices, threat modeling, and assurance/validation for cloud apps.
• Run security operations in cloud environments, including monitoring, IR, and forensics readiness.
• Navigate legal, privacy, audit, and cross-jurisdictional obligations in the cloud.

Cloud Security Architects/Engineers, Security Analysts/Consultants, DevSecOps and Application Security leads, SOC/IR professionals with cloud responsibilities, IT Risk/Compliance/Audit professionals supporting cloud portfolios.

• Cloud Concepts, Architecture & Design: reference architectures, deployment/service models, design principles, and shared responsibility.
• Cloud Data Security: data lifecycle, classification, discovery, encryption and key/secret management, DLP, IRM.
• Cloud Platform & Infrastructure Security: compute, storage, networking, virtualization, hardening, BC/DR.
• Cloud Application Security: secure SDLC, threat modeling, secure coding patterns, API and supply-chain controls.
• Cloud Security Operations: build/operate cloud controls, logging/SIEM, IAM operations, IaC baselines, incident handling, forensics support.
• Legal, Risk & Compliance: privacy, cross-border data, eDiscovery, audits, standards, contracts and SLAs.

Module 1 — Cloud Concepts, Architecture & Design

•  Cloud characteristics, roles, and reference architectures
•  Service & deployment models; multi-cloud and portability
•  Shared responsibility, design patterns, secure baselines
•  Lab: Model a secure multi-tier cloud workload with high availability

Module 2 — Cloud Data Security

•  Data lifecycle (create/store/use/share/archive/destroy)
•  Discovery & classification; labeling and mapping
•  Encryption, tokenization, IRM; keys, secrets, and certificates management
•  Lab: Build a data classification policy and design a multi-region KMS/secret management plan

Module 3 — Cloud Platform & Infrastructure Security

•  Compute, storage, networking; management plane hardening
•  Network segmentation, traffic inspection, zero-trust patterns
•  Vulnerability assessment and continuous hardening
•  BC/DR strategies (RTO/RPO), resilience testing
•  Lab: Design micro-segmented networks and validate control placement

Module 4 — Cloud Application Security

•  Secure SDLC and DevSecOps in cloud; CI/CD guardrails
•  Threat modeling (STRIDE/PASTA), SCA/DAST/IAST approaches
•  API security, supply-chain risk, OSS validation
•  Lab: Implement a “shift-left” threat model and an assurance checklist for a cloud-native app

Module 5 — Cloud Security Operations

•  Build/operate control stacks; logging/telemetry, SIEM in cloud
•  IAM ops (SSO, federation, MFA), secrets rotation
•  Incident response runbooks; acquisition & preservation considerations
•  Lab: Create a cloud IR playbook with event collection, triage, and escalation

Module 6 — Legal, Risk & Compliance

•  Cross-jurisdictional privacy, contractual vs. regulated data
•  eDiscovery, forensics requirements; audit methodologies in cloud
•  Risk analysis, supplier assessments, SLAs, and right-to-audit
•  Workshop: Draft a cloud-specific control & evidence catalog for an audit scenario

End-to-end design review, exam strategy, timed question set with debrief

• From October 1, 2025: Computerized Adaptive Testing (CAT) with 100–150 items in ~3 hours; blueprint (domains/weights) unchanged.
• Experience pathway: 5 years IT (3 in infosec) and 1 year in CCSP domains. CISSP waives the entire experience requirement. CCSK waives 1 year in a CCSP domain. Associate of ISC2 path is available if you pass the exam before completing experience.
• Maintenance: 90 CPEs each 3-year cycle and an AMF (single AMF covers multiple ISC2 certs).

• Comprehensive coverage matched to the official exam outline and domain weights
• Multi-cloud patterns and vendor-neutral controls you can apply immediately
• Exam-focused drills plus design/ops scenarios that mirror real practice

Who is the ideal candidate for this course?
Mid- to senior-level security practitioners responsible for securing cloud data, applications, and platforms, plus auditors/risk professionals evaluating cloud controls.
What are the course prerequisites?
Hands-on familiarity with security, networking, and cloud services. Exposure to IAM, encryption, and virtualization helps.
Does this course align to the official CCSP domains and weights?
Yes. Content, labs, and drills map directly to the six domains and their published weightings.
Can I take the exam before I have all the required work experience?
Yes. You can pass the exam first and hold Associate of ISC2 status while you complete the required experience.
Does holding CISSP waive CCSP experience?
Yes. An active CISSP waives the entire CCSP experience requirement (endorsement still required).
Does CCSK help with CCSP experience?
Yes. CCSK waives one year toward the CCSP domain experience requirement.
How many CPEs and what fees are required to maintain CCSP?
90 CPEs every three years. Annual Maintenance Fee is required; ISC2 members pay a single AMF each year regardless of the number of ISC2 certifications they hold.
What is the exam retake policy?
If needed: wait 30 days after the first attempt, 60 days after the second, and 90 days for the third and subsequent attempts; up to 4 attempts within any 12-month period.
Will this course include practice questions and a mock exam?
Yes—each domain includes exam-style drills, and a proctored mock exam is delivered in the capstone. (Lecture, guided labs, case studies, exam drills, capstone + mock exam)
Is the training vendor-neutral or focused on a single cloud?
Vendor-neutral with multi-cloud examples (public, private, hybrid) and patterns that transfer across providers.
Do I need programming skills?
Not required. Familiarity with APIs, automation concepts, and secure SDLC is helpful.
What roles does CCSP support?
Cloud Security Architect/Engineer, AppSec lead, DevSecOps engineer, Security Analyst, IR/SOC with cloud scope, IT Risk/Compliance/Audit with cloud portfolios.
How does CCSP differ from CCSK?
CCSK validates foundational cloud-security knowledge; CCSP is a deeper, experience-based certification covering architecture, operations, and governance at senior practitioner level.
If I already hold CISSP, is this course still useful?
Yes. CCSP dives deeper into cloud-specific architecture, data protection, application assurance, and legal/compliance nuances across cloud models.
What are job roles am I qualified for?
Cloud Security Architect; Cloud Security Engineer; Cloud Security Consultant; Cloud SecOps
Engineer / Analyst; Cloud Incident Response Lead; Threat Detection / SIEM Engineer (Cloud);
IAM Engineer / IAM Architect; DevSecOps Engineer (Cloud); Application Security Engineer
(Cloud); Cloud Risk and Compliance Analyst / Auditor
Data Security Engineer (KMS / DLP); Cloud Network Security / Zero-Trust Engineer
Solutions Architect (Security, Pre-Sales); Cloud Forensics and eDiscovery Specialist Cloud Security Program Manager
How does Global IT support students after certification?

• Post-training refresher sessions
• Access to additional practice materials, Professional development classes etc.
• Career transition guidance for higher certifications (Network+, Security+, CySA+, etc.)

How can I contact Global IT for questions or support?
Phone: (866)-GO-GIT-GO OR Email: info@global-itech.com