| certifications | cloud - Graeme Messina
Is the AWS Security Worth It?
The AWS Security certification is a speciality exam that is aimed at experienced cloud security pros. It allows you to show that you have the skills and knowledge to secure and lockdown the AWS platform. It brings important skills as they relate to security and safety as you operate an AWS instance in the cloud.
The exam covers a myriad of different skills and knowledge, including incident response, logging and monitoring. It also covers infrastructure security and identity as well as access management and data protection. The exam allows you to validate your competence and understanding of how data is classified, as well as data encryption, secure internet protocols, as well as the AWS tools to implement them.
Most importantly, it is the ultimate AWS security certs — even among all the individual cloud security certs available.
What is the AWS Security?
The AWS Security cert is designed as a way of teaching and validating skills as they relate to securing AWS workloads in the cloud. The exam validates many different skills that relate to security. It shows that you have an understanding of data classifications as they relate to AWS data protection mechanisms. A candidate that passes this exam shows that they understand how data encryption methods are implemented and how to secure internet protocols.
The exam also shows that you understand AWS security services and features that provide security within an AWS production environment. People that write this exam can generally expect to validate 2 years of experience working with AWS security. You will also learn how to price out products and decide what costs can be balanced against features when designing or suggesting system features.
What Does the AWS Security Exam Test?
The exam objectives of this certification cover quite a few different domains, all relating to security on the AWS platform. The full document containing all of the exam objectives can be found here.
- Domain 1: Incident Response – 12%
- Domain 2: Logging and Monitoring – 20%
- Domain 3: Infrastructure Security – 26%
- Domain 4: Identity and Access Management – 20%
- Domain 5: Data Protection – 22%
Domain 1: Incident Response: This section deals with issues relating to abuse notices, account breaches and compromised access keys. You must also show that you understand how to verify incident response plans as they relate to AWS services. You should also be able to evaluate and configure automated alerting systems, remediation of security incidents and emerging issues.
Domain 2: Logging and Monitoring: You will need to demonstrate that you know how to design and implement logging, monitoring and alerting in AWS. It also covers important issues about how to troubleshoot security monitoring as well as alerting. You must also be able to design and implement a logging solution and troubleshoot other logging solutions.
Domain 3: Infrastructure Security: You must know how to design edge security on the AWS platform. This section also covers designing and implementation of secure network infrastructure items, and also how to troubleshoot those systems. You should also design and implement host based security.
Domain 4: Identity and Access Management: You must design and implement a scalable authorization and authentication system to access AWS resources. You will also be tested on troubleshooting and authorization authentication systems that access AWS resources.
Domain 5: Data Protection: You should be able to design and implement key management, key management troubleshooting, design and implementation of data encryption solutions for data at rest and data in transit.
How Much Does the AWS Security Exam Cost?
The AWS Security exam costs $300 USD and is 170 minutes long. There are 65 questions in this exam which are of the multiple choice or multiple response types. The exam is scaled from 100 – 1000 and it requires that candidates achieve a score of 75% to 80%.
What Experience Do You Need for AWS Security?
In order to write this exam you need to already hold a Cloud Practitioner or Associate-level AWS certification. You should have at least 5 years of IT security experience where you have helped to design and implement security solutions. You should also have 2 years of practical experience working with and securing AWS systems and loads.
Who Should Take AWS Security?
Anyone that works in the AWS cloud space would benefit from writing this cert. This is because the exam touches on so many different areas that relate to AWS services as a whole. That means that you are likely to find that the security concepts that are covered will probably relate to your current role working with AWS technologies.
AWS Cloud Engineers
If you already work with AWS then you will find that this cert is an excellent way to guide you towards a more security focussed role. The exam is classified in the speciality category, which means that you will have to have a lot of experience working in AWS environments with security elements that you are responsible for. It is recommended that you have at least 5 years of IT security experience designing and implementing security solutions in order to fully prepare for this exam.
ZipRecruiter shows that the average salary for AWS Cloud Engineers averages at $130,977 per year. The role of Cloud Engineer is a generalized one, so earning the AWS Security cert is a great way to steer yourself towards a more security focused career path.
AWS Security Engineer
An AWS Security Engineer is responsible for designing and implementing security solutions. There are other security considerations to take into account as they relate to things like data classifications and policies like GDPR, CCPA and compliance in general. Earning the AWS Security cert will show others that you have the skills and knowledge to carry out security related tasks on the AWS platform.
Becoming an AWS Security Engineer requires a lot of experience in the field as well as certification. Salaries for this kind of role will vary on your level of experience, however the current range is around $100K to $162K per year according to glassdoor. Earning this certification will show that you have the knowledge that is needed to design, administer and implement security systems on AWS.
Is the AWS Security Worth It?
AWS is indeed worth it. It is not an easy certification but it certainly adds value to your skillset. If you are an AWS practitioner that needs to focus on security then this is an excellent certification to get. You will learn how to build and implement solutions that enhance the security of AWS instances.
Using AWS Security to Learn Skills
Even if you are already working in a role where you apply information security techniques to your day to day work you will still learn alot from this cert. Amazon has gone to great lengths to ensure that the most important elements of security are tested in the exam, which means that you will learn many new skills as you progress through the study material. This is a speciality cert so you can expect to be challenged quite often as you cover the exam study material. If you want to learn how an AWS instance should be secured then you will definitely accomplish that by preparing for this exam.
Using AWS Security to Validate Skills
If you are already responsible for working with AWS instances then you know about the basic security features that are in place when you provision new instances on the AWS platform. There is a lot more beneath the surface of each exam objective. Some of these subjects you may already know, however there are going to be some new items that will help you to understand how the configuration and setup ties into the rest of the AWS configuration. This cert is an excellent way to show your colleagues and management teams that you know how to work with AWS technologies and apply the best practices and recommendations that Amazon has developed.