Security Training Scholarship 

In partnership with the SANS Institute, WiCyS is proud to offer the Security Training Scholarship made possible by Google, Bloomberg, Meta, and Craig Newmark Philanthropies. 

Applications open July 20 – August 21, 2022

 

The WiCyS Security Training Scholarship made possible by Google, Bloomberg, Meta, and Craig Newmark Philanthropies is a multi-staged scholarship opportunity for WiCyS members. Those selected will participate in a reliable pathway to launch and advance in their cybersecurity careers through skills development. The focus of this scholarship is to award WiCyS members who are seeking cybersecurity employment within the next 1.5 years. The program is designed for students and/or career changers!

Build and leverage the power of community. During each stage of the scholarship, a cohort is established with mentors and peers to help guide and support recipients. This powerful network will be there through every step of the scholarship experience to lean in on. The collective strength of all involved is priceless. 

Graduates of the program will be ready to pursue careers in cybersecurity!

Stage 1: SANS Beginner-level CTF

August 25 at 9am CT to August 28 at 5pm CT

All eligible applicants will be invited to participate in the SANS Beginner-level CTF. This beginner-level CTF is a fun and exciting way to practice cybersecurity skills in a friendly environment. This multi-disciplined Capture the Flag system has over 28 content packs and a variety of engaging challenges for participants to discover their strengths, while challenging their limits. If new to cybersecurity, Beginner-level CTF is a great place to start as it teaches while challenges are being solved with an integrated hint system.

At the end of Stage 1: 250 candidates will advance to Stage 2

Next Stage/Stage 2  Selection Criteria:

  • Application essay
  • Performance and Engagement in SANS Beginner-level CTF
  • Community engagement in cohort

Stage 2: CyberStart Game

September 8 at 11am CT to November 1 at 11am CT

250 recipients will be invited to participate in the SANS CyberStart Game. This will give participants a chance to demonstrate (and discover) their passion for cybersecurity in an interactive, gamified learning platform. CyberStart Game introduces participants to such topics such as Linux, web attacks, programming, forensics, and more. Full of challenges that will test the persistence and research needed when facing authentic cybersecurity tasks, CyberStart Game builds up participants’ technical skills and creative thinking.

Players become an agent for the virtual Cyber Protection Agency, where they embark on stopping criminal gangs who are using their cyber skills to do damage online. Agents must use various defensive tactics to thwart these cyber criminals’ attempts. The rich narrative, well-designed challenges and user-centric progress system is designed to enable participants to work at their own pace. All players can will earn points as well as dozens of badges to collect as they progress through the Game.

At the end of Stage 2: 100 candidates will advance to Stage 3

Next Stage/Stage 3  Selection Criteria:

  • Application essay
  • Performance during CyberStart Game
  • Community engagement in cohort

Stage 3: CyberGen IQ Assessment

November 9 at 11am CT to November 14 at 11am CT

100 recipients will be invited to participate in the CyberGen IQ. Assessment This will measure participant’s technical aptitude for cybersecurity learning and fundamental skills to gauge potential for moving into the next stage of the program.

At the end of Stage 3: 60 candidates will advance to Stage 4

Next Stage/Stage 4  Selection Criteria:

  • Performance in  CyberGen IQ Assessment
  • Community engagement in cohort

Stage 4: SEC275/Foundations + GFACT

November 30- January 31

60 recipients will be invited to participate in the SEC275/Foundations course + GFACT certification exam. This is an online interactive hands-on learning program that includes 59 modules of foundational material without which students generally struggle in advanced cybersecurity training and in technical cybersecurity roles. Participants will acquire strong understanding of devices and networks work while rapidly progressing into the key concepts of protecting digital components. Additionally, the fundamentals of Windows, Linux and programming in two languages widely used by cybersecurity professionals are taught. The course culminates with active labs that introduce key cybersecurity tools, exploits and mitigation techniques.

These 60 recipients will also be invited to complete the GFACT certification. This certification validates a practitioner’s knowledge of essential foundational cybersecurity concepts. GFACT-certified professionals are familiar with practical skills in computers, technology, and security fundamentals that are needed to kickstart a career in cybersecurity.

At the end of Stage 4: 60 recipients will be invited to participate in the SANS SEC275: Foundations course + GFACT certification exam.

Next Stage/Stage 5  Selection Criteria:

  • Successful completion of Stage 4
  • Community engagement in cohort

Stage 5: Course 2 (SEC401/GSEC) and Course 3 (SEC504/GCIH)

February 1- May 18

These 60 recipients will dive deeper into their cybersecurity coursework by continuing in advanced SANS training courses along with the opportunity to complete additional certifications.

Course 2: SEC401 Course + GIAC Security Essentials (GSEC) certification

SEC401 is an interactive hands-on training course. The following is a sample of the lab activities that students will carry out:

  • Set up a virtual lab environment
  • Conduct tcpdump network analysis
  • Use Wireshark to decode network traffic
  • Crack passwords
  • Use hashing to verify the integrity of digital evidence
  • Analyze networks with hping3 and Nmap
  • Steganography
  • Secure and audit a Windows system against a security template

The GIAC Security Essentials (GSEC) certification validates a practitioner’s knowledge of information security beyond simple terminology and concepts. GSEC certification holders are demonstrating that they are qualified for hands-on IT systems roles with respect to security tasks.

  • Active defense, defense in depth, access control & password management
  • Cryptography: basic concepts, algorithms and deployment, and application
  • Defensible network architecture, networking & protocols, and network security
  • Incident handling & response, vulnerability scanning and penetration testing
  • Linux security: structure, permissions, & access; hardening & securing; monitoring & attack detection; & security utilities
  • Security policy, contingency plans, critical controls and IT risk management
  • Web communication security, virtualization and cloud security, and endpoint security
  • Windows: access controls, automation, auditing, forensics, security infrastructure, & securing network services

Course 3: SEC504 Course + GIAC Certified Incident Handler (GCIH) certification OR Equivalent Elective aligned with Career Goals

SEC504 is for individuals who lead or are a part of an incident handling team. General security practitioners, system administrators, and security architects will benefit by understanding how to design, build, and operate their systems to thwart attacks. Participants will learn:

  • How to best prepare for an eventual breach
  • The step-by-step approach used by many computer attackers
  • Proactive and reactive defenses for each stage of a computer attack
  • How to identify active attacks and compromises
  • The latest computer attack vectors and how you can stop them
  • How to properly contain attacks
  • How to ensure that attackers do not return
  • How to recover from computer attacks and restore systems for business
  • How to understand and use hacking tools and techniques
  • Strategies and tools to detect each type of attack
  • Application-level vulnerabilities, attacks, and defenses
  • How to develop an incident handling process and prepare a team for battle
  • Legal issues in incident handling

The GIAC Certified Incident Handler (GCIH) certification validates a practitioner’s ability to detect, respond, and resolve computer security incidents using a wide range of essential security skills. GCIH certification holders have the knowledge needed to manage security incidents by understanding common attack techniques, vectors and tools, as well as defend against and respond to such attacks when they occur. Areas covered are:

  • Incident Handling and Computer Crime Investigation
  • Computer and Network Hacker Exploits
  • Hacker Tools (Nmap, Nessus, Metasploit and Netcat)

2022 – 2023 Cohort Timeline 

July 20: Applications Open

August 21: Applications Close

August 24: Notifications for Stage 1 Acceptance Distributed

August 25-28: SANS Beginner-level CTF

September 6: Notifications for Stage 2 Acceptance Distributed

September 7 at 8pm CT: Stage 2 Welcome Webinar

September 8: CyberStart Game Starts

November 1: CyberStart Game Ends

November 4 at 4pmCT: Ask Me Anything w/ Bloomberg

November 7 by 5pm CT: Notifications for Stage 3 Acceptance Distributed

November 9-14: Stage 4 Application and CyberGen IQ

November 18 by 5pm CT: Notifications for Stage 4 Acceptance Distributed

November 30: SEC275/ SANS Foundations Begins

TBD Welcome Scholarship Recipients Webinar

January 31: SEC275/SANS Foundations ends + GFACT

February 1: Stage 5 -First Course Begins

March 15: Stage 5 – First Course Ends

March16-18: WiCyS Conference

March 16: Stage 5 – Second Course Begins

May 18: Stage 5 – Second Course Ends

2020-2021 Security Training Scholarship

HIGHLIGHTS

The trifecta of WiCyS Strategic Partners are excited to join forces to make an impact on the WiCyS community!

Placement Updates:

 

  • A. Rawles – Southwest Airlines, Associate Technology Analyst
  • B. Tripathi – Ernst & Young, job offer in progress for US sponsorship
  • J. Kong – Slipstream Cybersecurity, Cyber Analyst
  • J. Galiher — Southwest Airlines, Associate Technology Analyst
  • K. Gibson – Apple, Security Engineer
  • K. Gebala – Microsoft, Cloud Solution Architect
  • L. Murphy – US Cyber Advisory Team, Analyst, S-RM Intelligence and Risk
    Consulting
  • M. Witz – Wisconsin Department of Public Instruction, IAM Architect
  • N. Nguyen – State Farm, Information Security Intern
  • P. Mittal – Deloitte, Intern
  • T. Blacksher – Lucid, Security Analyst 1
  • U. Steshenko – Assurance Lab, Consultant
Copyright © 2022 Women in CyberSecurity (WiCyS)
All rights reserved.
No part of this content may be reproduced or used in any manner without the prior written permission of the copyright owner.
To request permissions contact [email protected]