Graduate Certificate Programs: Cybersecurity Management

Designed for working information security professionals, the graduate certificate in Cybersecurity Management prepares you to build and execute strategic plans that resonate with business executives, create effective information security policy, design and deploy information security environments, and lead, inspire, and motivate cybersecurity teams.

Format Option: A 100% online option is available
Courses: 5
GIAC Certifications: 5
Credits: 15
Duration: 18-24 months
Total Program Cost: $28,500 USD


Strengthen Your Technical Knowledge and Skills

Gain practical skills you can immediately apply at your job or in a new infosec role.

  • Learn the latest cybersecurity tactics to protect your organization
  • Keep your skills current for career growth and advancement
  • Earn professional GIAC certifications as you complete the program
  • Train on your schedule, to balance work and school
  • Get personalized support from a student advisor 


The SANS.edu Advantage


GIAC Certifications

Earn 5 industry-recognized GIAC cybersecurity certifications.


100% Online Option Available

You have the option of completing the program through live or rewindable online courses.


World-class Faculty

Learn the latest skills and techniques from the world's top cybersecurity practitioners.


Pathway to a Master’s Degree

All credits earned in this program can transfer into our master’s degree program.


SANS.edu Academic Pricing

Get SANS.edu academic pricing on SANS courses and GIAC certifications.


Powerful Network

Make connections with some of the most talented students and teachers in the industry.

InfoSec professional attends SANS.edu info session

Join Us for an Online Info Session

  • Learn more about the SANS.edu cyber security master's degree and graduate certificate programs. Have questions? We’ll answer them. Tue, Feb 14 at 1 pm (ET). Register here.
  • Discover the Graduate Certificate in Cloud Security in a special info session featuring faculty members and Cloud experts Frank Kim and Shaun McCulloughThu, March 9, 2 pm (ET). Register here.

“I have my master's in computer science, but I completed three graduate certificate programs with SANS so I could truly dive deep into technical areas of cybersecurity and learn from instructors who are leading the industry.” - Jeff Sass, Director of Application Security, Adobe

Learn How To:

  • Manage the information security function in an enterprise in a way that takes into account the relationship between and responsibilities shared by the communities of interest, including the general business, information technology, and information security.
  • Apply a standards-based approach to risk management, including business impact analyses, cost-benefit analyses, and implementation methods that map to business needs/requirements.
  • Integrate enterprise security operations, including policy, strategic and continuity planning, implementation programs, and personnel into an operation that can effectively manage the security needs of an enterprise.
  • Articulate legal positions to meet ethical and business needs associated with the protection of information and privacy of an enterprise.
  • Devise and implement strategies for incident detection and response, including business continuity planning and disaster recovery planning (BCP/DRP), that are cost effective and meet the business needs of the enterprise.

Curriculum | 15 Credit Hours

In this hands-on program, you'll learn from some of the world's top cybersecurity experts, gaining hands-on technical and leadership experience you can apply immediately on the job.

Required Core Courses | 9 credit hours

  • SANS Course: MGT512: Security Leadership Essentials For Managers
    Certification: GIAC Security Leadership (GSLC)

    3 Credit Hours

    ISE 5001 uses case studies, group discussions, team-based exercises, in-class games, and a security leadership simulation to help you absorb both technical and management topics. Covering a wide range of security topics across the entire security stack, this course empowers you to become an effective security manager and get up to speed quickly on information security issues and terminology. Data, network, host, application, and user controls are examined in conjunction with key management topics that address the overall security lifecycle, including governance and technical controls focused on protecting, detecting, and responding to security issues.

    The course will prepare you to:

    • Make sense of different cybersecurity frameworks
    • Understand and analyze risk
    • Understand the pros and cons of different reporting relationships
    • Manage technical personnel
    • Build a vulnerability management program
    • Inject security into modern DevOps workflows
    • Strategically leverage a SIEM
    • Change behavior and build a security-aware culture
    • Effectively manage security projects
    • Enable modern security architectures and the cloud
  • SANS Course: SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise
    Certification: GIAC Defensible Security Architecture (GDSA)

    3 Credit Hours

    Effective security requires a balance between detection, prevention, and response capabilities. Defensible Security Architecture and Engineering is designed to help you establish and maintain a holistic and layered approach to security. You’ll explore the fundamentals of up-to-date defensible security architecture and how to engineer it, with a heavy focus on leveraging current infrastructure (and investment), including switches, routers, and firewalls. You’ll learn how to reconfigure these devices to significantly improve your organization’s prevention capabilities in the face of today's dynamic threat landscape. The course will also delve into the latest technologies and their capabilities, strengths, and weaknesses. Multiple hands-on labs will reinforce key points in the course and provide actionable skills you will be able to leverage immediately at work.

  • SANS Course: MGT514: Security Strategic Planning, Policy, and Leadership
    Certification: GIAC Strategic Planning, Policy, and Leadership (GSTRT)

    ISE 5650 covers the critical processes to be employed by technical leaders to develop the skills and techniques to select, train, equip, and develop a team into a single cohesive unit with defined roles that operate together in harmony toward team-objective accomplishment.

    Topics covered include:

    • Leadership development
    • Coaching and training
    • Employee involvement
    • Conflict resolution
    • Change management
    • Vision development
    • Motivation
    • Communication skills
    • Self-direction
    • Brainstorming techniques
    • Strategic planning and policy development
    • The 10 core leadership competencies

    *Both MGT 514 and SEC 405 must be taken in the OnDemand modality.

Elective Courses | 6 credit hours

Students select two of the following.

  • SANS Course: SEC566: Implementing and Auditing Security Frameworks and Controls
    Certification: GIAC Critical Controls Certification (GCCC)

    3 Credit Hours

    Cybersecurity attacks are increasing and evolving so rapidly that is more difficult than ever to prevent and defend against them. ISE 6001 will help you to ensure that your organization has an effective method in place to detect, thwart, and monitor external and internal threats to prevent security breaches. As threats evolve, an organization's security should too. Standards based implementation takes a prioritized, risk-based approach to security and shows you how standardized controls are the best way to block known attacks and mitigate damage from successful attacks.

  • SANS Course: MGT525: Managing Cybersecurity Initiatives & Effective Communication
    Certification: GIAC Certified Project Manager (GCPM)

    3 Credit Hours

    In ISE 5800 you will learn how to improve your project planning methodology and project task scheduling to get the most out of your critical IT resources. The course utilizes project case studies that highlight information technology services as deliverables. ISE 5800 follows the basic project management structure from the PMP® Guide 5th edition and also provides specific techniques for success with information assurance initiatives. All aspects of IT project management are covered — from initiating and planning projects through managing cost, time, and quality while your project is active, to completing, closing, and documenting as your project finishes.

  • SANS Course: MGT551: Building and Leading Security Operations Centers
    Certification: GIAC Security Operations Manager (GSOM)

    3 Credit Hours

    Managing a security operations center (SOC) requires a unique combination of technical knowledge, management skills, and leadership ability. Whether you are looking to build a new SOC or take your current team to the next level, this course provides the right balance of these elements to super-charge your people, tools, and processes. You will learn how to build a high-performing SOC tailored to your organization and the threats it faces. You will be given the tools needed to manage an effective defense, measure progress towards your goals, and build out more advanced processes like threat hunting, active defense, and continuous SOC assessment. Each section includes hands-on labs, introductions to some of the industry's best free and open source tools, and an interactive game in which you will apply your new SOC management skills in real-world scenarios.

  • SANS Course: AUD507: Auditing & Monitoring Networks, Perimeters & Systems
    Certification: GIAC Systems and Network Auditor (GSNA)

    3 Credit Hours

    (Not available as an elective in the MSISM program)

    ISE 6715 is organized specifically to provide a risk driven method for tackling the enormous task of designing an enterprise security validation program. After covering a variety of high level audit issues and general audit best practice, students have the opportunity to dive deep into the technical how to for determining the key controls that can be used to provide a level of assurance to an organization. Tips on how to repeatably verify these controls and techniques for continuous monitoring and automatic compliance validation are given from real world examples.

  • SANS Course: LEG523: Law of Data Security and Investigations
    Certification: GIAC Law of Data Security & Investigations (GLEG)

    3 Credit Hours

    (Not available as an elective in the MSISM program)

    ISE 6720 introduces students to the new laws on privacy, e-discovery, and data security so students can bridge the gap between the legal department and the IT department. It also provides students with skills in the analysis and use of contracts, policies, and records management procedures.


Study with the best faculty in cyber security


Take Your Next Step

Need more information? We’re happy to answer your questions. Join us for an info session, email info@sans.edu or call 301.241.7665.

Ready to apply? We look forward to learning about you and your career goals.


“Earning a graduate certificate from SANS is what really accelerated my career. The technical skills I learned in the program have given me the confidence to successfully lead my team and prepare them for new challenges.” - David Cox, Manager, Cyber Threat Management, EY

Success Stories


“You get a lot of personal attention to get through the program because of the student advisors. They are the foundation of the SANS.edu experience.” - Christopher Hurless, Systems Engineer, Northwestern University in Qatar

Christopher Haller

SANS.edu Graduate Certificate Student Wins National Cyber League Championship

Christopher Haller beat out more than 6,000 competitors to earn the #1 individual player ranking in the Spring 2022 National Cyber League competition. See why he chose to pursue a graduate certificate at SANS.edu — and learn about his career path from the US Navy to his current role as Director of Professional Services at Centripetal Networks.

Course Delivery Options

Complete any of our cybersecurity degree or certificate programs by taking courses that are 100% online or that start with weeklong in-person events held across the country and around the world. Or you can do a mix of both.

Join us for a free online info session to learn more.



Total program cost: $28,500 USD

Tuition includes the cost of the course, textbooks, and certification tests that serve as mid-term or final exams for courses.

Get the Credit You Deserve
Students who have taken SANS training classes and have active GIAC certifications may be able to waive one course and GIAC certification into the program. See our waiver policy.

Funding Options



We're happy to help. Email info@sans.edu or call 301.241.7665.

About the SANS Technology Institute

Founded in 2005, the SANS Technology Institute (SANS.edu) is the independent, regionally-accredited, VA-approved subsidiary of SANS, the world's largest and most trusted provider of cybersecurity training, certification, and research. Offering graduate and undergraduate programs at the cutting edge of cybersecurity, SANS.edu is strengthening the cyber workforce through a career-focused curriculum built on proven SANS courses and industry-recognized GIAC certifications.

The SANS Technology Institute is accredited by The Middle States Commission on Higher Education (1007 North Orange Street, 4th Floor, MB #166, Wilmington, DE 19801 - 267.284.5000), an institutional accrediting agency recognized by the U.S. Secretary of Education and the Council for Higher Education Accreditation.