Certified in Cloud Security Professional (CCSP)

As the true entry point to career excellence, a CCSP starts newcomers on their path to cloud security certifications and future leadership roles.

Why Certified in Cloud Security?

ISC2 and the Cloud Security Alliance (CSA) developed and launched the Certified Cloud Security Professional (CCSP) credential to build on ISC2’s Certified Information Systems Security Professional (CISSP) and CSA’s Certificate of Cloud Security Knowledge (CCSK). This standalone credential was designed to ensure that cloud security professionals have the required knowledge, skills, and experience in cloud security design, implementation, architecture, operations, controls, and compliance with regulatory frameworks. Since the co-development and launch of CCSP, ISC2 continues to maintain and update the exam and training materials to ensure ISO accreditation. A CCSP has the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures established by the cybersecurity experts at ISC2. A CCSP applies information security expertise to a cloud computing environment and demonstrates competence in cloud architecture, design, operations, data security, risk and compliance. This professional competence is measured against a globally recognized body of knowledge.

Target Audience

Experienced cybersecurity and IT/ICT professionals who are involved in transitioning to and maintaining cloud-based solutions and services. Roles include:

  • Cloud Architect
  • Chief Information Security Officer (CISO)
  • Chief Information Officer (CIO)
  • Chief Technology Officer (CTO)
  • Engineer/Developer/Manager
  • DevOps
  • Enterprise Architect
  • IT Contract Negotiator
  • IT Risk and Compliance Manager
  • Security Administrator
  • Security Analyst
  • Security Architect
  • Security Consultant
  • Security Engineer
  • Security Manager
  • Systems Engineer
  • SecOps


CCSP is relevant across all sectors and industries as broad movement to cloud computing is ongoing, including:

  • Banking, financial services, insurance (BFSI)
  • Cloud and Managed Service Providers
  • Energy
  • Engineering
  • Government
  • Healthcare
  • IT products, services, consulting
  • Pharma
  • Retail
  • Telecom

Required Experience

Candidates must have a minimum of 5 years’ cumulative paid work or paid/unpaid internship experience in information technology, of which 3 years must be in information security and 1 year in 1 or more of the 6 domains of the CCSP CBK. Earning CSA’s CCSK certificate can be substituted for 1 year of experience in 1 or more of the 6 domains of the CCSP CBK. Earning ISC2’s CISSP credential can be substituted for the entire CCSP experience requirement. A candidate who doesn’t have the required experience to become a CCSP may become an Associate of ISC2 by successfully passing the CCSP examination. The Associate of ISC2 will then have 6 years to earn the 5 years of required experience. Quick Read:
  • Requires 5 years’ professional IT experience
  • CCSK certificate holders must have 4 years’ experience
  • Candidates with less experience may become an Associate of ISC2 after successfully passing the exam

Exam Domains

  • Cloud Concepts, Architecture and Design
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Cloud Security Operations
  • Legal, Risk & Compliance

Exam Details

Exam Availability: English | Testing Centre: Pearson VUE

4 hr

Exam Length


Number of
Exam Items

Multiple Choice

Item Format


Passing Score


Course Fee
Exam Fee $890 (AUD)
“This course may be undertaken as a self paced program, which can be completed at your own pace, in your own time.”

Book a call with one of our skilled consultants to discuss your organisations specific requirements.


Steps to Certification


Obtain the required experience

See alternate Associate pathway for those who do not yet meet experience requirement


Take and Pass the Exam

Find a local Pearson VUE Test Center and register for the exam at www.pearsonvue.com/isc2


Complete the endorsement process

Get work experience endorsed by an ISC2 member within 9 months from exam date

Agree to the ISC2 Code of Ethics


Maintain membership

Earn and submit a minimum of 30 CPEs each year; 90 CPEs by the end of the 3-year recertification cycle Pay the annual maintenance fee of $125, due each year upon the anniversary of the certification date (if member holds more than one, whichever anniversary date comes first). Members only pay a single AMF of $125 regardless of how many certifications they hold.

Certified in Cloud Security Professional (CCSP)

Benefits of Certified in Cloud Security

For the Individual

Positioned as an authority figure on cloud security, proving proficiency to keep up with new technologies, developments and threats. Quickly conveys knowledge and inspires trust.

The highest standard for cloud security expertise. Powered by two leading nonprofits, it’s vendor-neutral, accredited and requires both practical knowledge and professional experience to earn.

Advanced knowledge and skills to stay ahead of cloud security best practices, evolving technologies and mitigation strategies.

Vendor-neutral and multivendor knowledge can be applied across a variety of cloud platforms, increasing marketability and ensuring ability to protect sensitive data in a global environment.

Helps practitioners expand into cloud services and win new business. Helps SMEs move into more strategic roles.

According to Certification Salary Survey 75 list, CCSPs reported an average
annual salary of USD $138,610 in the U.S., USD $127,010 worldwide.

For the Organisation

Reinforce risk and legal requirements through cloud contract and SLAs with cloud service providers.

Organizations seeking ISO 27000 certification benefit immensely from practitioners knowledgeable about ISO 27017/ 27018 cloud security standards.

Increase organizational integrity in the eyes of clients and other stakeholders.

Ensure work teams are up-to-date on evolving cloud technologies, threats and mitigation strategies by meeting (ISC)²’s Continuing Professional Education (CPE) requirements.