How to Get DOD 8570 Certification for IT Security Jobs

Considering a cybersecurity role with the Department of Defense or government contractor? Then getting DoD 8570 certification is likely required.

The DoD 8570 directive sets baseline standards for technical and management information security roles. Obtaining approved certs demonstrates your skills in protecting critical defense infrastructure and information systems.

But what certifications does 8570 actually mandate? How do you get compliant? This guide will walk through key steps for acquiring the right credentials for DoD cyber jobs.

What is DoD 8570?

DoD 8570 formally titled “Information Assurance Workforce Improvement Program”, provides cyber workforce guidelines for the Department of Defense.

Specifically, it sets required baseline certifications that Defense Department employees and contractors must hold to perform certain technical or specialized IA (Information Assurance) job functions.

These include roles like

• Information Systems Security Engineers
• Database Administrators
• Network Architects
• Software Developers
• IT Project Managers
• And more

Requiring approved certs ensures those serving in crucial security positions have verified skills to execute missions safely and effectively,

So if you want an IT or cybersecurity job with the DoD, you must obtain proper 8570 certification for your role.

Understanding 8570 IAT Levels

8570 establishes 3 Information Assurance Technical (IAT) workforce levels with corresponding certification requirements:

• IAT Level I – Basic IT roles like computer operators. 1 approved CE certificate required.
• IAT Level II – More advanced IT roles like sysadmins, security architects. 1 CE and 1 specialty cert required.
• IAT Level III – Senior technical authority positions. 1 CE and 2 specialty certs required.

Higher levels have higher education and experience expectations. IAT-II is likely needed for many DoD IT positions.

You must have the right IA certs for your desired occupation and responsibility level. Having too few or unapproved certs makes you non-compliant.

DoD 8570 Approved Certifications

Not all certifications meet 8570 directive requirements. There is a specific list of CE (Computing Environment) and specialty certs for each IAT level.

Examples of Approved Certs:

IAT Level I

• CompTIA Security+
• SSCP

IAT Level II

• CySA+
• GICSP
• CASP+
• CCNA Cyber Ops
• GCED
• CISM

IAT Level III

• CISSP
• CISA
• CISM
• GSLC

View the full DoD Approved 8570 Certifications List for all accepted credentials.

Aim for current security certs that align with your desired occupation’s assigned IAT level.

Which Certifications Should You Get?

Choosing which exact certifications to pursue depends on:

• Your specific IT/IA role – Required IAT level and relevant skills/knowledge
• Job role requirements – Certain cyber positions mandate specific certifications
• Your experience level – Select credentials fitting your background
• Exams vs courses – Some credentials involve classes and coursework rather than exams

For example, an experienced systems admin role may require Security+, CySA+, and CISSP to hit IAT Levels I and III.

Review role requirements carefully and obtain the correct certs demonstrating your qualifications.

How to Get DoD 8570 Certification

Once you know which credentials are required, here are general steps to get certified:

• Choose an accredited program – Many organizations like CompTIA or ISC2 offer 8570 approved credential programs.

• Enroll in a prep course (optional) – Complete a certification training program to acquire knowledge needed to pass exams.

• Study exam objectives – Use current exam outlines from vendors to guide self-study if not taking a course.

• Register for the exam(s) – Schedule your certification test(s) at an authorized testing center.

• Take and pass the exam – You must achieve minimum score to earn certification.

• Maintain your cert – Keep up with renewal requirements to prevent expiration every 1-3 years.

Give yourself adequate prep time of 2-6 months depending on exam difficulty and your experience. Patience and dedication will pay off.

Where Can You Get 8570 Certification Training?

Many accredited vendors provide training programs, bootcamps, and prep materials to help you pass DoD approved certifications:

• Cybrary – Online cybersecurity and IT training platform with 8570 aligned courses.

• CompTIA – Leading provider of baseline InfoSec credentials like Security+, CySA+, PenTest+, etc.

• ISC2 – Offers respected CISSP, SSCP, CCSP, and other IA certifications.

• ISACA – Provides CISM and CISA training and certification for management roles.

• GIAC – Specialized certs like GSEC and GCED meet 8570 compliance.

Combining quality instruction with diligent self-study gives you the knowledge foundation and exam confidence needed to earn required certifications.

Maintaining DoD 8570 Compliance

To stay compliant once certified:

• Renew credentials before expiration dates every 1-3 years

• Earn enough CPEs (Continuing Professional Education credits)

• Report certification status changes to your employer

• Review 8570 directive updates for new additions or retirements

• Cross-train and add certs as you advance in your career

Meeting CPE requirements through ongoing training demonstrates you stay current in your field. Don’t let hard-earned certs lapse.

What is CE Certification?

Within DoD 8570, CE refers to Computing Environment certifications that establish:

• Foundation IT skills for managing systems and networks
• Core understanding of general cybersecurity concepts
• Ability to identify and resolve common security issues

Examples are CompTIA IT Fundamentals+, A+, Network+, Security+. These validate basic expertise for IAT Level I roles before pursuing specialized IA credentials.

Why is 8570 Certification Important?

Holding the right DoD 8570 certs for your position proves:

• You have key skills and cyber knowledge required for the job
• An accredited organization validated your expertise via examination
• You will help the agency/contractor securely fulfill crucial IT missions

Mandatory certification protects the country by verifying those charged with safeguarding critical infrastructure and information actually have the ability to do so properly.

In closing, carefully research what DoD 8570 approved certifications match your desired occupation and responsibility level. Look for authorized credential programs and training to help you gain mandatory qualifications for exciting and meaningful work in defense IT and cybersecurity.