CompTIA Advanced Security Practitioner (CASP+): Validating Cybersecurity Skills for Government and Corporate Teams

by Patrick Lane | Jan 28, 2019
A look at the salary range and responsibilities of a cybersecurity architect

When the U.S. Navy needed a way to assess its cybersecurity practitioners, CompTIA answered the call with the CompTIA Advanced Security Practitioner (CASP+) certification in 2012. But this advanced-level cybersecurity certification can be applied to the corporate sector as well.

The IT certification validates the skills of some of the highest-paying cybersecurity jobs, according to Cyberseek, including cybersecurity architect and cybersecurity engineer.

The following topics are covered by this cybersecurity certification:

  • Risk management
  • Enterprise security operations and architecture
  • Research and collaboration
  • Integration of enterprise security

CASP+ is the only hands-on, performance-based certification for cybersecurity practitioners not managers at the advanced skill level. While cybersecurity managers help identify what policies and frameworks could be implemented, CASP+-certified professionals figure out how to implement solutions within those policies and frameworks.

How CASP+ Skills Apply to the Corporate Sector

When CompTIA responded to the U.S. Navy’s need for a performance-based certification, the U.S. Department of Defense (DoD) approved and mandated CASP+ as part of the DoD 8570 directive.

Many corporations that provide services to the U.S. government, such as General Dynamics IT (GDIT), Booz Allen Hamilton and the Johns Hopkins University’s Applied Physics Lab, require personnel to earn CASP+ for specific job roles.   

But since 2012, civilian corporations have also adopted CASP+ certification to validate the skills of their cybersecurity professionals. For example, Verizon Connect, Nationwide, Network Solutions and SecureWorks all have CASP+-certified employees. The skills are necessary to ensure enterprise networks are secure, regardless of government or non-government status.

To receive DoD approval, CASP+ required accreditation through ISO/ANSI 17024. Regulators and government rely on ANSI 1704 accreditation because it provides confidence and trust in the outputs of an accredited program.

Different Job Titles for the Same Role

While the skills required by civilian and DoD companies are the same, the job titles vary.  CASP+ aligns with 11 work roles in the framework used by the DoD to define cybersecurity jobs – the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NCWF), also known as National Institute of Standards and Technology (NIST) SP 800-181. In the table below, we’ve matched up common civilian job titles to those in the NICE framework to show how the skills align.

Civilian Cybersecurity Job Titles Compared to DoD Job Roles and Skills

Civilian Job Roles DoD/NICE Job Roles Skills Number of Job Listings Average Salaries
Cybersecurity Architect or Security Architect Enterprise Architect, SP-ARC-001
Security Architect, SP-ARC-002
Systems Requirements Planner, SP-RP-001
Design, build, test and implement cybersecurity systems 5,640 $129,000
Cybersecurity Engineer or Security Engineer Security Control Assessor, SP-RM-002
Cyber Defense Analyst, PR-DA-001
Cyber Defense Incident Responder, PR-IR-001
Vulnerability Assessment Analyst, PR-VA-001
Cyber Crime Investigator, IN-CI-001
Monitor networks for cybersecurity breaches and vulnerabilities; test and screen security software; provide recommendations for improvements 40,988 $108,000
Technical Lead Analyst Warning Analyst, AN-TA-001
Research and Development Specialist, SP-RD-001
Manage a team; set up, configure, test and analyze systems 26,013 $85,000*
Application Security Engineer Information Systems Security Developer, SP-SYS-001 Design, test, and implement web security, mobile security and cryptography 26,013 $85,000*

*The closest salary and job listings match on Cyberseek.org is cybersecurity analyst.

As you can see, the jobs are similar, but they have different names. For example, DoD personnel may be cyber defense incident responders, but in the civilian world they might be security engineers. Both job roles perform incident detection and response.

See how CompTIA certifications map to DoD 8570 job roles.

Why Should Job Seekers Care?

Fast track your career. Click here to subscribe today and save 10 percent on CompTIA products.

As a cybersecurity professional, performance certifications like CASP+ can show employers that you have the skills they are looking for. When you apply for jobs and go on interviews, highlight the skills covered by your IT certifications, whether the employers listed the certifications in the job description or not.

By not just listing your certifications and skills, but by being able to explain what they mean and how you’ve applied them in your previous roles, you can prove to employers that you are the right candidate for the job.

Why Should Corporations Care?

Corporations are increasing their ability to fight cyber threats and weaknesses with the skills covered by the CASP+ certification. Making CASP+ certification a requirement in job postings increases the likelihood that you will hire the right person for your cybersecurity enterprise operations.

CASP+ certification ensures that your employees can exercise critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise goals.

Learn more about the CompTIA Advanced Security Practitioner (CASP+) certification.

Find Your Path to a Cybersecurity Career

CASP+ is the endpoint of the CompTIA Cybersecurity Career Pathway. The pathway aligns with the skills needed to support and manage IT cybersecurity.

The CompTIA Cybersecurity Career Pathway

Click the image to learn more about the CompTIA Career Pathways

Learn with CompTIA

Official CompTIA Content is the only study material exclusively developed by CompTIA for the CompTIA certification candidate; no other content library covers all exam objectives for all certifications. Official CompTIA study guides have been developed with Official CompTIA Content to help you prepare for your CompTIA certification exams with confidence. You now have everything you need to learn the material and ensure you are prepared for your exam and your career. See what training materials are available for CASP+.

Want to learn more about CASP+? Download the exam objectives to see what’s covered.

---

Patrick Lane is a director of product management for CompTIA. He manages IT workforce skills certifications, including CompTIA Cybersecurity Analyst (CySA+), CompTIA PenTest+ and CompTIA Advanced Security Professional (CASP+). He has implemented a wide variety of IT projects, including an intranet and help desk for 11,000 end users. Patrick has received certifications in CompTIA Network+, Security+, (ISC)2 CISSP, Microsoft MCSE and CIW Internetworking Professional and Server Administrator.

Jen Blackwell also contributed to this article. She is a senior products marketing manager at CompTIA and oversees the certifications along the CompTIA Cybersecurity Career Pathway.

9 Comments

  • PAUL BURNETT

    Friday, February 1, 2019

    Hi, I'm a Marine Corps veteran is there a discount for veterans for CompTIA Security+ certifications exam???

  • Pedro Garza

    Friday, February 1, 2019

    This was a very insightful as well as useful article. I am currently not working in the IT field but did for 24 years previous and will be looking into maintaining my certifications along the way. This will certainly be one that I look into further.

  • Derek keogh

    Saturday, February 2, 2019

    Very interested.

  • gwinyai Sadza

    Saturday, February 2, 2019

    Hello, Do I have to complete both the CySA+ AND the PenTest+ or just one or the other if I want to pursue the CASP+?

  • Wednesday, February 6, 2019

    Hi, Paul! Thanks for your question. We do not directly provide discounts specifically for veterans, but you do have a number of options for getting discounted - or possibly free - vouchers and training. Check out these articles for more info: https://certification.comptia.org/it-career-news/post/view/2018/08/31/voucher-discount and https://certification.comptia.org/it-career-news/post/view/2017/11/09/how-to-use-the-gi-bill-for-it-certifications

  • Wednesday, February 6, 2019

    Hi, Gwinyai! Thanks for your question. Technically you don't have to complete any other certifications before pursuing CASP+ if you have the recommended skills and experience. That said, the topics covered in both CySA+ and PenTest+ will prepare you for what is covered by CASP+. It depends on your career path and what skills you're looking to validate - do you work in offensive or defensive cybersecurity? This article might help answer your questions: https://certification.comptia.org/it-career-news/post/view/2018/09/28/cybersecurity-red-team-or-blue-team

  • Ivan

    Friday, February 15, 2019

    Hi, I am very interested, however, I would like to received information my Path to a Cybersecurity Career. what should I focus on. first what is the first exam to take. Thank you

  • Alireza ghahrood

    Sunday, February 17, 2019

    πŸ‘ŒπŸ½πŸ‘ŒπŸ½Im certified

  • Monday, February 18, 2019

    Hi, Ivan! Thanks for your question. Take a look at this article that outlines the full CompTIA Cybersecurity Career Pathway. It will show you how to start from the beginning and use certifications to guide your cybersecurity career. Good luck! https://certification.comptia.org/it-career-news/post/view/2017/09/27/the-comptia-cybersecurity-career-pathway-employable-skills-found-here

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story