What is the DoD CSSP (cyber security service provider)?

The DoD Cyber Security Service Provider (CSSP) is a certification issued by the United States Department of Defense (DoD) that indicates a candidate’s fitness for the DoD Information Assurance (IA) workforce. CSSP certifications are dependent on job role and require completing a third-party certification and DoD-specific training and requirements. This guide will describe the various job-specific CSSP certifications, the requirements for achieving each version, and the third-party certifications that are accepted for each job role.

Save on DoD 8570 training

Certification boot camps available for every position category, specialty and level.

Learn More

What are the CSSP levels?

The DoD Cyber Security Service Professional levels are broken out by job role. The five possible roles for a holder of a DoD CSSP certification include:

• Analyst
• Infrastructure support
• Incident responder
• Auditor
• Service provider manager

What are the DoD CSSP requirements?

The majority of requirements for a certified DoD CSSP are the same across all job roles. However, the amount of recommended experience varies by job role, and the service provider manager is exempt from some of the requirements.

• Initial training: All CSSP job roles require initial training – in-class, distributed, blended, government and commercial provider options are all acceptable
• CSSP certification: All CSSP roles require earning a CSSP certification within six months
• OJT evaluation: The analyst, infrastructure support, incident responder and auditor job roles are required to complete on-the-job training evaluations
• CE certifications: The analyst, infrastructure support, incident responder and auditor job roles are required to complete a Computing Environment (CE) certification
• Maintaining certification status: All CSSP job roles are required to maintain their certification based on the requirements of their particular certification
• Continuing education: All CSSP job roles must fulfill their certification’s continuing education requirements
• Background investigation: Applicants may need to undergo a background investigation based upon their IA level (computer environment, network environment or enclave) and the requirements outlined in DoDI 8500.2
• Signed privileged access statement: CSSP auditors, infrastructure support, incident responders and auditors must sign a privileges access statement
• Experience: Experience varies based on job role:
  • Auditor: Two years in CSSP technology or related field
  • Infrastructure support: At least four years supporting CSSP and/or network systems and technology
  • Incident responder: five years in CSSP technology or related field
  • Auditor: two years in CSSP technology or related field
  • Manager: At least four years in CSSP management or related field

What are the DoD CSSP certifications?

Certified DoD CSSPs have a choice between different third-party certifications to fulfill their requirements. The certifications accepted depend on the job role sought (analyst, infrastructure support, incident responder, auditor or manager). The certification requirement for the CSSP Analyst job role provides the largest choice of options for a prospective candidate:

• EC Council Certified Ethical Hacker (CEH)
• CompTIA Pentest+
• Logical Operations Inc. CyberSec First Responder (CFR)
• CompTIA Cybersecurity Analyst (CySA+)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler (GCIH)
• GIAC Global Industrial Cyber Security Professional (GICSP)
• Cisco Cybersecurity Specialty Certification (SCYBER)

The certification options for CSSP Infrastructure Support applicants include:

• EC Council Certified Ethical Hacker (CEH)
• CompTIA Cybersecurity Analyst (CySA+)
• GIAC Global Industrial Cyber Security Professional (GICSP)
• (ISC)2 System Security Certified Practitioner (SSCP)

The certification options for CSSP Incident Responders include:

• EC Council Certified Ethical Hacker (CEH)
• CompTIA Pentest+
• Logical Operations Inc. CyberSec First Responder (CFR)
• CompTIA Cybersecurity Analyst (CySA+)
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Incident Handler (GCIH)
• Cisco Cybersecurity Specialty Certification (SCYBER)

The certification options for CSSP Auditors include:

• EC Council Certified Ethical Hacker (CEH)
• CompTIA Pentest+
• CompTIA Cybersecurity Analyst (CySA+)
• ISACA Certified Information System Auditor (CISA)
• GIAC Systems and Network Auditor (GSNA)

CSSP Managers have fewer options:

• ISACA Certified Information Security Manager (CISM)
• (ISC)2 Certified Information Systems Security Professional-Information Systems Security Management Professional (CISSP-ISSMP)

The number of options may seem overwhelming, but narrowing down to a targeted position may help. From there, experience level and certification focus are good deciding factors.

For example, the EC Council’s Certified Ethical Hacker (CEH) or CompTIA’s CompTIA Cybersecurity Analyst (CySA+) are worth a look as they are accepted for any role except CSSP Manager.

Save on DoD 8570 training

Certification boot camps available for every position category, specialty and level.

Learn More

Final thoughts on the DoD CSSP

The DoD CSSP certification demonstrates a worker is qualified for work as part of the IA workforce. The CSSP certification is broken up by job role (analyst, infrastructure support, incident responder, auditor and manager) and the primary requirement is that an applicant completes and maintains the requirements for an external certification relating to the selected field. For each job role, the DoD provides at least two options for certification.