Career

Cybersecurity careers by domain

Explore job families and certification issuers — two ways to map credentials to your path.

Threat Hunter

Proactively searches for adversaries that evade automated detection.

Roles in this job family

  • Threat Hunter

    Mid-level

    Hypothesis-driven hunts across EDR, logs, and network telemetry.

  • Hunt Team Lead

    Senior

    Prioritizes hunt missions and converts findings into detection rules.

Related certifications

GCIH

GIAC Certified Incident Handler

GIAC / SANS

Incident handling credential focused on detecting intrusions, collecting evidence, and coordinating effective response workflows.

Recruiter appeal
4.5
Difficulty
Medium

GCIA

GIAC Certified Intrusion Analyst

GIAC / SANS

Advanced SOC and intrusion analysis certification for network traffic, IDS/IPS, and attacker technique detection.

Recruiter appeal
4.5
Difficulty
Hard

CySA+

CompTIA Cybersecurity Analyst

CompTIA

Analyst-level credential covering threat detection, vulnerability management, and security monitoring operations.

Recruiter appeal
4.4
Difficulty
Medium

GMON

GIAC Continuous Monitoring

GIAC

GIAC Continuous Monitoring — professional certification mapped from the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

SC-200

Microsoft Security Operations Analyst

Microsoft

SOC analyst path using Microsoft Sentinel and Defender for threat detection and incident response.

Recruiter appeal
4.4
Difficulty
Medium

GSEC

GIAC Security Essentials

GIAC / SANS

Broad technical security baseline covering networking, IAM, crypto, and defense fundamentals.

Recruiter appeal
4.4
Difficulty
Medium

CCNP Sec

Cisco Certified Network Professional Security

Cisco

Network security professional track covering firewalls, VPNs, identity, automation, and secure network architecture on Cisco stacks.

Recruiter appeal
4.3
Difficulty
Hard

SecurityX

CompTIA SecurityX

CompTIA

Advanced practitioner certification (CAS-004) for senior security architects — technical depth beyond CASP+ in enterprise environments.

Recruiter appeal
4.3
Difficulty
Hard

CCFA

CrowdStrike Certified Falcon Administrator

CrowdStrike

Validates deployment and administration of the CrowdStrike Falcon platform: sensors, prevention policies, detection tuning, and operational response workflows. Common for SOC and endpoint security teams standardizing on Falcon.

Recruiter appeal
4.3
Difficulty
Medium

BTL1

Blue Team Level 1

Security Blue Team

Practical blue-team certification focused on log analysis, SIEM workflows, and incident triage for SOC analysts.

Recruiter appeal
4.2
Difficulty
Easy

CSLS

Certified Stormshield Log Supervisor

Stormshield

Certification for Stormshield Log Supervisor (SLS): SNS log collection, dashboards, reports, alarm rules, and SOC investigation. Prerequisite: CSNA. Complements the Stormshield defensive track alongside CSNE.

Recruiter appeal
4.2
Difficulty
Medium

SSCP

Systems Security Certified Practitioner

(ISC)²

Hands-on security operations certification spanning access controls, incident response, and network monitoring.

Recruiter appeal
4.1
Difficulty
Medium

C)IHE

Mile2 Certified Incident Handling Engineer

Mile2

Mile2 Certified Incident Handling Engineer — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

eCIR

eLearnSecurity Certified Incident Responder

INE

eLearnSecurity Certified Incident Responder — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

GEIR

GIAC Enterprise Incident Response

GIAC

GIAC Enterprise Incident Response — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

ACE

AccessData Certified Examiner

AccessData

AccessData Certified Examiner — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

BTL2

Security Blue Team Level 2

Security Blue Team

Security Blue Team Level 2 — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

C)DRE

Mile2 Certified Disaster Recovery Engineer

Mile2

Mile2 Certified Disaster Recovery Engineer — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

CCD

Certified CyberDefender

CyberDefenders

Certified CyberDefender — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

CCE

ISFCE Certified Computer Examiner

ISFCE

ISFCE Certified Computer Examiner — professional certification on the Paul Jerimy security certification roadmap.

Recruiter appeal
4.0
Difficulty
Hard

Learning resources