AOC 17X Designated Cyber Operations Officer

AOC Description

AOC 17X is for personnel classification only upon designation for Branch 17 to indicate the officer does not meet the AOC qualifications outlined in DA Pam 600-3. Upon completion of formal training or education the officer will be awarded AOC 17A. AOC 17X will not be used to code positions.

In addition to obtaining certifications in your field, advanced education is another way to enhance job performance.

Continuing Education

For those designated as part of the Cyberspace IT/Cybersecurity Workforce (Cyber IT/CSWF), continuing education may be required to maintain Cyber IT/CSWF certifications.  Resources for continuing education are provided below.

For help in making informed choices on schools and education programs when using tuition assistance, see:

Top
This is an official U.S. Army websiteUpdated: September 30, 2020

In Demand

This certification is considered in demand. The U.S. Department of Labor sponsored CareerOneStop's analysis indicates the certification is frequently mentioned in online job postings.

Click for external link to CareerOneStop's Credentials Center.

Skill Level

The Skill Level reflects the level, based on MOS training and/or experience, the Soldier should be the most prepared to successfully earn the credential. See the Table Legend for details about each level.

Star

Star credentials are MOS enhancing, as designated by the Proponent. MOS enhancing credentials are directly related to an MOS or ASI, are taught either partially or completely as part of a Program of Instruction (POI), and improves the MOS technical proficiency.

Mandatory

This credential is mandatory for some Soldiers, see the Mandated Certifications tab for more information.

Proponent Funded

Indicates the credential may have funding through the MOS proponent. Some proponents offer credentialing opportunities in conjunction with military training and/or as part of MOS development beyond the training base. Click here for more information.

CA Eligible

This certification is eligible for CA.

GI Bill®

Reimbursement for exam fees has been approved for payment through the GI Bill.

Note: GI Bill approval data is updated quarterly. For the latest information, visit the WEAMS Licenses/Certifications Search page. Make sure to select "Both" in the LAC Category Type drop-down before searching.

Click to go to the external link for GI Bill licensing and certification information.

Some

Credential is related to some tasks associated with the duties of the military occupation (at least one critical task but less than 80%)

Most

Credential is directly related to most of the major duties associated with the military occupation (at least 80%)

Other

Credential is related to this military occupation, but is more advanced or specialized and therefore will likely require additional education, training, or experience

Click here to go to CompTIA Network+ ce COOL Snapshot page.

Renewal Period: 3 years

Computing Technology Industry Association (CompTIA), Network+ ce is an intermediate skill level certification for IT technicians who can describe the features and functions of networking components and manage, maintain, troubleshoot, install, operate and configure basic network infrastructure. In addition, certification holders have a basic understanding of enterprise technologies, including cloud and virtualization technologies. Network+ ce is appropriate for computer network technicians, engineers, analysts and administrators. Although not a prerequisite, it is recommended that CompTIA Network+ ce candidates have at least nine months of experience in network support or administration or academic training, along with a CompTIA A+ ce certification.
Click here to go to Certified Information Systems Security Professional (CISSP) COOL Snapshot page.

Renewal Period: 3 years

The International Information Systems Security Certification Consortium, Inc. (ISC 2), Certified Information Systems Security Professional (CISSP) is an advanced skill level certification for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles. Candidates must have a minimum of five years cumulative paid work experience in two or more of the eight domains of the CISSP CBK. Earning a four-year college degree or regional equivalent or an additional credential from the (ISC)² approved list will satisfy one year of the required experience. Education credit will only satisfy one year of experience.
Click here to go to GIAC Certified Incident Handler (GCIH) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), Certified Incident Handler (GCIH) is an intermediate skill level credential for professionals responsible for handling and responding to incidents. The GCIH certifies the ability to detect, respond to, and resolve computer security incidents using a wide range of essential security skills. GCIHs know how to manage security incidents by understanding common attack techniques, vectors and tools, as well as defend against and respond to such attacks when they occur. There are no prerequisites for this certification. Candidates must pass a written exam.

Click here to go to GIAC Certified Intrusion Analyst (GCIA) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), Certified Intrusion Analyst (GCIA) is an advanced skill level credential that demonstrates a professional’s knowledge, skills, and abilities to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files. There are no prerequisites for the GCIA certification. Candidates must pass a written exam.

Click here to go to GIAC Security Expert (GSE) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), GIAC Security Expert (GSE) is an advanced skill level certification for top security consultants and practitioners that is targeted to those pursuing an in-depth technical education in all areas of information security. Candidates must successfully complete three GIAC certifications with at least one Gold designation prior to earning the GSE. There are multiple combinations of prerequisite GIAC certification that will meet the eligibility requirements. In addition, candidates must have real world, hands on experience in relevant subject areas. Candidates must pass a written exam.
Click here to go to GIAC Security Essentials Certification (GSEC) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), Security Essentials (GSEC) is an intermediate level certification that verifies a practitioner's knowledge of information security beyond basic terminology and concepts. GSECs are qualified to perform security-related hands-on IT systems roles. There are no prerequisites for the GSEC certification. Candidates must pass a written exam.

Click here to go to Systems Security Certified Practitioner (SSCP) COOL Snapshot page.

Renewal Period: 3 years

The International Information Systems Security Certification Consortium, Inc. (ISC)², Systems Security Certified Practitioner (SSCP) is an intermediate skill level certification for individuals involved in network and systems security administration responsible for developing the information security policies, standards, and procedures. Candidates manage implementation across various hardware and software programs in their organization. The SSCP is targeted toward those working towards positions such as Network Security Engineers, Security Systems Analysts, or Security Administrators. It is also appropriate for personnel in other non-security disciplines that require an understanding of security but do not have information security as a primary part of their job description, including information systems auditors; application programmers; system, network and database administrators; business unit representatives, and systems analysts. Candidates must meet work experienve requirements to be eligible for the SSCP exam. Candidates must pass a written exam.
Click here to go to CompTIA Security+ ce COOL Snapshot page.

Renewal Period: 3 years

Computing Technology Industry Association (CompTIA), Security+ ce certification designates knowledgeable professionals in the field of IT security. Security+ ce is an entry-level certification that demonstrates a candidates knowledge and skills required to install and configure systems to secure applications, networks, and devices; perform threat analysis and respond with appropriate mitigation techniques; participate in risk mitigation activities; and operate with an awareness of applicable policies, laws, and regulations. The successful candidate will perform these tasks to support the principles of confidentiality, integrity, and availability. It is recommended that candidates hold the Network+ and two years of experience in IT administration with a security focus.
Click here to go to CERT - Certified Computer Security Incident Handler (CSIH) COOL Snapshot page.

Renewal Period: 3 years

The CERT-Certified Computer Security Incident Handler (CSIH) certification program is targeted to computer network incident handling professionals, computer security incident response team (CSIRT) members and technical staff, system and network administrators with incident handling experience, incident handling trainers and educators, and cyber security technical staff. One or more years of experience in incident handling and/or equivalent security-related experience.
Click here to go to Certified Ethical Hacker (CEH) COOL Snapshot page.

Renewal Period: 3 years

The International Council of Electronic Commerce Consultants (EC-Council), Certified Ethical Hacker (CEH) program certifies professionals who are responsible for securing (or testing the security of) computer networks from a vendor-neutral perspective. A Certified Ethical Hacker understands how to look for the weaknesses and vulnerabilities in networks and/or computer systems, and, lawfully and at the request of an organization, uses the same tools as a malicious hacker. The CEH is appropriate for security officers, auditors, security professionals, site administrators, and others who may be concerned about the integrity of their organizations network infrastructure. Candidates must pass a written exam.
Click here to go to Cisco Certified Network Professional (CCNP) Security COOL Snapshot page.

Renewal Period: 3 years

Cisco Systems, Inc., Cisco Certified Network Professional Security (CCNP Security) is a professional-level certification for candidates in job roles in security technologies. To earn the CCNP security, candidates must pass two exams: a core exam and a concentration exam of the candidate's choice. The core exam focuses on knowledge of security infrastructure. The concentration exams focus on emerging and industry-specific topics. There are no formal prerequisites to sit for the CCNP Security exams; however, it is recommended that candidates have a three to five years of experience implementing security solutions.
Click here to go to GIAC Certified Penetration Tester (GPEN) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), Certified Penetration Tester (GPEN) is an advanced level certification that demonstrates a professional’s ability to use best practice techniques and methodologies to conduct a penetration test. GPEN's are responsible for assessing target networks and systems to find security vulnerabilities and have the knowledge and skills to conduct exploits and engage in detailed reconnaissance and to employ a process-oriented approach to penetration testing projects. Candidates must pass a written exam.

Click here to go to CompTIA Advanced Security Practitioner (CASP+) COOL Snapshot page.

Renewal Period: 3 years

The CompTIA Advanced Security Practitioner (CASP+) certification is targeted to individuals with advanced-level security skills and knowledge. The CASP+ exam is designed to verify an applicant’s knowledge and skill in the areas of enterprise security, risk management, research and analysis, and the integration of computing, communications, and business disciplines. Although there are no required pre-requisites, the CASP+ certification is intended to follow the CompTIA Security+ certification as the next step in security certifications. A minimum of 10 years of experience in IT administration with at least 5 years in hands-on technical security experience is recommended.
Click here to go to GIAC Certified Enterprise Defender (GCED) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), Certified Enterprise Defender (GCED) is an advanced level certification that builds on the security skills measured by the GIAC Certified Security Essentials certification (GSEC). It demonstrates high level technical skills necessary to defend the enterprise environment and protect an organization overall. Knowledge, skills and abilities assessed are taken from the areas of defensive network infrastructure, packet analysis, penetration testing, incident handling, and malware removal. There are no prerequisites for this certification and no education or experience requirements that must be met. Candidates must pass a written exam.

Click here to go to GIAC Reverse Engineering Malware (GREM) COOL Snapshot page.

Renewal Period: 4 years

Global Information Assurance Certification (GIAC), Reverse Engineering Malware (GREM) is an advanced level certification designed for candidates who possess the knowledge and skills to analyze and reverse-engineer malicious software that targets common platforms, as well as how to examine inner-workings of malware in the context of forensic investigations, incident response, and Windows system administration. GREM is targeted toward System and Network Administrators, Auditors, Security Consultants, and Security Managers responsible for protecting an organization from malicious code. GREM does not require any prerequisites or specific training. GREM candidates are required to pass a written exam.
Click here to go to GIAC Certified Forensic Examiner (GCFE) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), Certified Forensic Examiner (GCFE) is an intermediate level certification for professionals who need or want to understand computer forensic for work in the information security, legal and law enforcement industries. The GCFE focuses on core skills required to collect and analyze data from Windows computer systems. It demonstrates that candidates have the skills necessary to conduct typical incident investigations, including e-Discovery, forensic analysis and reporting, evidence acquisition, browser forensics and tracing user and application activities on Windows systems. There are no formal education or experience requirements associated with the GCFE certification. Candidates must pass a written exam.

Click here to go to GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) COOL Snapshot page.

Renewal Period: 4 years

Global Information Assurance Certification (GIAC), Exploit Researcher and Advanced Penetration Tester (GXPN) is an advanced level certification for security personnel whose job duties involve assessing target networks, systems, and applications to find vulnerabilities. GXPN recognizes candidates who have the knowledge, skills, and ability to conduct advanced penetration tests, to model the abilities of an advanced attacker to find significant security flaws in systems, and to demonstrate the business risk associated with these flaws. GXPN does not require any prerequisites or specific training. GXPN candidates are required to pass a written exam.
Click here to go to GIAC Critical Controls Certification (GCCC) COOL Snapshot page.

Renewal Period: 4 years

Global Information Assurance Certification (GIAC), Critical Controls Certification (GCCC) is an advanced level certification that recognizes a candidate's knowledge and skills for implementing and executing the Critical Security Controls, an approach to security recommended by the Council on Cybersecurity, and for performing audits based on the standard. GCCC candidates must have a solid understanding of the philosophies and driving forces behind the creation of the Controls, the scope of the Controls, and how the Controls can be used to prioritize information security controls based on community risk assessment efforts. Candidates must also have an understanding of how the Controls relate to other information assurance standards and can be used to meet the goals of those standards. GCCC is designed for security professionals, auditors, Chief Information Officers (CIOs), and risk officers who want to demonstrate their ability to assess and implement the Top Critical Security Controls. GCCC does not require any prerequisites or specific training. GCCC candidates are required to pass a written exam.
Click here to go to GIAC Continuous Monitoring Certification (GMON) COOL Snapshot page.

Renewal Period: 4 years

Global Information Assurance Certification (GIAC), GIAC Continuous Monitoring Certification (GMON) is an advanced level certification for security architects, engineers, analysts, and managers who assess and implement defensible security architecture and continuous security monitoring. GMON candidates must be able to securely architect a network that is resistant to breaches and lends itself to monitoring and monitor, analyze, and detect threats and anomalies on the network. GMON does not require any prerequisites or specific training. GMON candidates are required to pass a written exam.
Click here to go to GIAC Python Coder (GPYC) COOL Snapshot page.

Renewal Period: 4 years

The Global Information Assurance Certification (GIAC), GIAC Python Coder (GPYC), certification validates a practitioner's understanding of core programming concepts, and the ability to write and analyze working code using the Python programming language. GPYC practitioners have demonstrated knowledge of common python libraries, creating custom tools, collecting information about a system or network, interacting with websites and databases, and automating testing. GPYC is ideal for Information security professionals; Python developers; Forensic analysts; Network detectors; and Penetration testers. There are no prerequisites to be eligible for the exam. Candidates must pass a written exam.
Click here to go to CompTIA Cybersecurity Analyst (CySA+) COOL Snapshot page.

Renewal Period: 3 years

The CompTIA, Cybersecurity Analyst (CySA+) uses continuous security monitoring to apply behavioral analytics to devices and networks to prevent, detect and combat cybersecurity threats. CySA+ certification validates that the professional has the knowledge and skills required to  leverage threat detection techniques and intelligence, find and address vulnerabilities, analyze and interpret data, recommend preventative actions, and successfully respond to and recover from incidents. While there is no required prerequisite, CySA+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus. Candidates must pass a written exam.
Click here to go to CyberSec First Responder (CFR) COOL Snapshot page.

Renewal Period: 3 years

CertNexus, CyberSec First Responder (CFR) is a mid-level certification for security professionals who are the first responders against cyber attacks. Candidates should be able to identify, respond to, protect against, and remediate malicious activities involving computing systems. Additionally, candidates should have the foundational knowledge to deal with a changing threat landscape and will be able to assess risk and vulnerabilities, acquire data, perform analysis, continuously communicate, determine scope, recommend remediation actions, and accurately report results. While there are no formal education or experience prerequisites, the certification is targeted to professionals with three to five years of experience working in a computing environment as part of a CERT/CSIRT/SOC who desire or are required to protect critical information systems before, during, and after an incident which may be a cybersecurity attack.
Click here to go to Certified Network Defender (CND) COOL Snapshot page.

Renewal Period: 3 years

The International Council of Electronic Commerce Consultants (EC-Council), Certified Network Defender (CND) certification program focuses on creating Network Administrators who are trained to protect against, detect, and respond to network threats. Network administrators are typically familiar with network components, traffic, performance and utilization, network topology, location of each system, security policy, etc. CNDs  demonstrate fundamental understanding of the true construct of data transfer, network technologies, software technologies, network operations, what software is automating and how to analyze the subject material. Candidates must meet training or experience requirements. Candidates must pass a written exam.
Click here to go to CompTIA PenTest+ COOL Snapshot page.

Renewal Period: 3 years

The CompTIA PenTest+ certification verifies that successful candidates have the knowledge and skills required to plan and scope an assessment, understand legal and compliance requirements, perform vulnerability scanning and penetration testing, analyze data, and effectively report and communicate results. Candidates are recommended to have Network+, Security+ or equivalent knowledge and a minimum of 3-4 years of hands-on information security or related experience. While there is no required prerequisite, PenTest+ is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus.
Click here to go to Cisco Certified DevNet Associate COOL Snapshot page.

Credential description coming soon.
Click here to go to Cisco Certified DevNet Professional COOL Snapshot page.

Credential description coming soon.

High

Highly attainable: Credential is related to the duties performed within the military occupation, the minimum education requirement = HS or less and/or minimum experience = 2 years or less experience and no additional requirements.

Medium

Moderate ease of attainment: Credential is related to the duties performed within the military occupation, the minimum education requirement = Associate's and/or prerequisite and/or minimum experience = more than 2 years and less than 10 years of experience.

Low

May be difficult to attain: Credential is related to the duties performed within the military occupation, the minimum education requirement is a Bachelor's degree, and/or minimum experience is 10 or more years.

Most – Tasks in these careers match most duties of the military job or specialty (approximately 80% or greater)
Some – Tasks in these careers match some duties of the military job or specialty (greater than 20% but less than 80%)
Bright Outlook – new job opportunities are very likely in the future for this job

Registered Apprenticeship

An apprenticeship program is registered with the U.S. Department of Labor. Go to the Apprenticeship Finder and enter career path or location to find apprenticeship opportunities.

Click here for the external link to: My Next Move for Veterans - Chief Executives
Click here for the external link to: My Next Move salary info for Chief Executives

Bright Outlook – new job opportunities are very likely in the future for this job

Click here for external link to: My Next Move for Veterans State Map for Chief Executives

Click here for the external link to: My Next Move for Veterans - Computer and Information Systems Managers
Click here for the external link to: My Next Move salary info for Computer and Information Systems Managers

Bright Outlook – new job opportunities are very likely in the future for this job

Click here for external link to: My Next Move for Veterans State Map for Computer and Information Systems Managers

Click here for the external link to: My Next Move for Veterans - Computer Network Support Specialists
Click here for the external link to: My Next Move salary info for Computer Network Support Specialists

Bright Outlook – new job opportunities are very likely in the future for this job

Click here for external link to: My Next Move for Veterans State Map for Computer Network Support Specialists

Click here for the external link to: My Next Move for Veterans - Information Security Analysts
Click here for the external link to: My Next Move salary info for Information Security Analysts

Bright Outlook – new job opportunities are very likely in the future for this job

Click here for external link to: My Next Move for Veterans State Map for Information Security Analysts

Click here for the external link to: My Next Move for Veterans - Network and Computer Systems Administrators
Click here for the external link to: My Next Move salary info for Network and Computer Systems Administrators

Bright Outlook – new job opportunities are very likely in the future for this job

Click here for external link to: My Next Move for Veterans State Map for Network and Computer Systems Administrators

This credential has been accredited by:
This credential has been accredited by: