Security Engineer
Career Path
Security Engineers are security-minded architects and builders. This career path will provide you with the foundational knowledge and key skills needed to succeed as an entry-level Security Engineer.
43
H
40
M
Intermediate
27
Learners at 96% of Fortune 1000 companies trust Cybrary
.svg){kind=small}
About this Career Path
Cybrary’s Security Engineer career path and associated assessments will equip you with the knowledge and hands-on skills you need to launch your career as a Security Engineer. Over the course of 20+ courses and hands-on virtual labs, you will learn security engineering fundamentals, infrastructure and operations security, application security, and data security.
Completing this career path and the associated assessments will start your journey toward a Security Engineer role or prepare you for further specialization in advanced skills like cloud security and cybersecurity architecture.
Skills you'll gain
- Security engineering fundamentals
- Infrastructure and operations security
- Application security
- Data security
Path Outline
Collection Outline
Coming Soon
The Leadership and Management Career Path is expected to release in Q2 of 2025. Sign up now to explore our other leadership courses and content.
Start Learning for FreeLearn
Learn core concepts and get hands-on with key skills.
Security Engineering and Cyber Risk
In this course, you will learn the core principles of security engineering and their relationship to cyber risk. You will learn how to identify, analyze, and mitigate risks in a security engineering context.
DevSecOps
In this course, you will be introduced to the principles of the DevSecOps methodology. You will learn about several common strategies and tools for implementing DevSecOps throughout an organization.
Zero Trust Architecture
This course will explore the Zero Trust security model, emphasizing the need to verify every request as though it originates from an open network, and explaining how to implement and manage Zero Trust principles in an organization.
Threat Modeling
In this hands-on lab, you will learn the basics of Threat Modeling. You will create a basic Threat Model for a web application, identify and and analyze threats to the application using a common threat methodology, and determine mitigations for the application.
Infrastructure and Operations Security Basics
This course introduces the foundational concepts of infrastructure and operations security, covering key principles, threats, and protective measures.
Deploying and Configuring Firewalls
In this hands-on lab, you will learn the basics of how to deploy and configure network firewalls. You will practice installing and configuring various features of a pfSense firewall in an emulated network environment.
Secure Network Architecture
In this hands-on lab, you will learn the basics of creating a secure network architecture. You will practice evaluating and modifying a network in the GNS3 network simulator.
Next-Gen Firewalls
In this hands-on lab, you will be introduced to the product category known as Next-Generation Firewalls (NGFW). You will practice installing the Zenarmor NGFW on a pfSense firewall and configuring different application-level controls.
Virtualization Security Administration
This course covers the administration of virtualization security, focusing on protecting virtual environments from security threats through configuration, monitoring, and management techniques.
System Hardening
In this course, we will cover best practices for system hardening to reduce attack surface and improve security posture.
SOAR
In this hands-on lab, you will learn the basics of Security Orchestration, Automation, and Response (SOAR). You will practice integrating multiple security tools and creating automation playbooks for common actions.
Application Security Basics
This course provides a brief introduction to application security, covering fundamental concepts, common vulnerabilities, and basic strategies for securing applications.
Secure Coding Best Practices
This course covers the essential best practices for secure coding, designed to help security engineers understand how to support the development of code that is resistant to attacks and vulnerabilities.
Static Code Analysis
In this hands-on lab, you will learn the basics of Static Code Analysis. You will practice running static code analyses using SonarQube, a fully-featured and open-source static analysis engine, as well as interpreting its results and determining remediation steps for the security issues it identifies.
Dynamic Code Analysis
In this hands-on lab, you will learn the basics of Dynamic Code Analysis. You will practice running dynamic code analyses, as well as interpreting its results and determining remediation steps for the security issues it identifies.
API Security
In this hands-on lab, you will learn the basics of API Security. You will practice identifying vulnerabilities in API endpoints using OWASP ZAP and Postman.
Data Security Basics
In this course, you will learn the basics of data security, including data states, data classifications, data protection strategies, data security tools, and common threats to data security.
Database Security
This course covers the critical aspects of securing databases, including access control, encryption, and regular security assessments.
Secure Data Storage and Transmission
In this hands-on lab, you will learn about securing data at rest and in transit using encryption and other security measures. You will practice securing a MariaDB database and applying OpenSSH to RDP administration.
Data Classification
In this hands-on lab, you will learn the basics of data classification. You will practice discovering sensitive data using DataVeil and Data Hound. You will also practice tagging data using DataHub.
Data Loss Prevention
In this hands-on lab, you will learn the basics of Data Loss Prevention (DLP) solutions. You will practice using Windows utilities and a Wazuh SIEM/XDR solution to simulate several of the core features of DLP.
Data Masking
In this hands-on lab, you will learn about data masking as a data obfuscation technique. You will practice using data masking tools to protect sensitive information by creating a copy of a production database and masking its data using DataVeil.
File Integrity Monitoring
In this hands-on lab, you will the basics of file integrity monitoring. You will practice implementing file integrity monitoring on Windows using both WinFM.NET and Wazuh.
Practice
Exercise your problem-solving and creative thinking skills with security-centric puzzles
Cybrary's Next Top Threat Modeler
In this challenge, you will strut the catwa- I mean, practice threat modeling...
pfSense and Sensibility
In this hands-on challenge, you will practice configuring firewall rules to meet network security requirements.
Die Hardening
In this challenge, you will practice hardening a Windows system.
Get Me an Analysis, Stat(ic)
In this challenge, you will practice performing static code analysis.
Dynamic Analysis Paralysis
In this hands-on challenge, you will practice performing dynamic code analysis.
TransMission Impossible
In this challenge, you will practice securing data transmissions for an Apache web server.
TRUE InteGRITy
In this challenge, you will practice configuring a file integrity monitoring solution.
Prove
Assess your knowledge and skills to identify areas for improvement and measure your growth
Security Engineering Fundamentals
Test your Security Engineering Fundamentals knowledge and skills to identify strengths, gaps, and weaknesses in areas like Cyber Risk, DevSecOps, Zero Trust, and Threat Modeling. Measure your mastery of Security Engineering Fundamentals and advance your career with targeted course and virtual lab recommendations.
Infrastructure and Operations Security
Test your Infrastructure and Operations Security knowledge and skills to identify strengths, gaps, and weaknesses in areas like Secure Network Architecture, System Hardening, Virtualization Security, and more. Measure your mastery of Infrastructure and Operations Security and advance your career with targeted course and virtual lab recommendations.
Application Security
Test your Application Security knowledge and skills to identify strengths, gaps, and weaknesses in areas like Secure Coding, Static Code Analysis, Dynamic Code Analysis, and more. Measure your mastery of Application Security and advance your career with targeted course and virtual lab recommendations.
Data Security
Test your Data Security knowledge and skills to identify strengths, gaps, and weaknesses in areas like Data Classification, Data Masking, Data Loss Prevention, and more. Measure your mastery of Data Security and advance your career with targeted course and virtual lab recommendations.
Train Your Team
Cybrary’s expert-led cybersecurity courses help your team remediate skill gaps and get up-to-date on certifications. Utilize Cybrary to stay ahead of emerging threats and provide team members with clarity on how to learn, grow, and advance their careers within your organization.
Instructors
Instructors
Get Hands-on Learning
Put your skills to the test in virtual labs, challenges, and simulated environments.
Measure Your Progress
Track your skills development from lesson to lesson using the Cybrary Skills Tracker.
.png)
Connect with the Community
Connect with peers and mentors through our supportive community of cybersecurity professionals.
Success from Our Learners
Frequently Asked Questions
This career path is designed for learners with prior experience in cybersecurity who wish to specialize in building secure IT ecosystems. This includes current mid-career IT and security practitioners looking to transition into a Security Engineer role. Experienced security engineering practitioners will also benefit from reviewing core concepts and testing their skills in this path's Challenge and Assessment modules.
Security Engineers are responsible for designing, implementing, and maintaining an organization’s security infrastructure. Common Security Engineer tasks and responsibilities include:
- Designing and implementing security measures
- Configuring firewalls
- Performing security assessments
- Developing and enforcing security policies
- Managing security tools
- Staying up to date on threats
Security Engineers play a critical role in protecting organizations from cyber threats that could lead to data breaches, financial loss, and reputational damage. Security Engineers design and maintain secure systems that protect organizations’ networks, systems, and sensitive data.
As cyber threats grow more complex, companies rely on Security Engineers to design, implement, and maintain strong security measures to keep attackers out.
While this course is focused on the Security Engineer role and job title, there are other roles with similar responsibilities. Common job titles in this field include:
- Security Architect
- Cloud Security Engineer
- Application Security Engineer
- Network Security Engineer
With additional training and experience, Security Engineers can pursue IT and Cybersecurity leadership roles, such as Security Manager or Chief Information Security Officer (CISO).
