Skip to main content Skip to site utility navigation Skip to main site navigation Skip to site search Skip to footer
Menu
PGWP program eligibility
International students interested in applying for a post-graduate work permit (PGWP) to work in Canada following graduation must review program eligibility requirements. Only some programs are eligible. 

Cyber Security

Gain the skills to develop and maintain sound security practices to address modern security threats.

A man in a plaid shirt and glasses works in a computer server room.
Start Date(s):
September 2025
Typical Length:
2 Years
Credential:
Diploma

Apply Now

Overview

Building on your existing technology and analytical skills, this program will prepare you for a career in the growing field of cyber security.

You learn how to provide the information and tools necessary to identify and secure potential vulnerabilities. And you explore a variety of information and system security areas and methods, including:

  • Ethical hacking techniques
  • Risk analysis
  • Applications of cryptography
  • Vulnerability testing
  • Auditing
  • Security management
  • Physical security
  • Cyber crime
  • Cyber warfare
  • Incident response

Work experience

  • Field experience is a mandatory credit course, providing you with the opportunity to apply your knowledge and skills outside of the classroom.
    • Opportunities are typically unpaid and last approximately 5 weeks.
  • This program is eligible for an optional cooperative education (co-op) credit course between year one and two.
    • Co-op provides an opportunity for paid, full-time employment in a field related to your program.
    • Co-op takes place in third term and must be a minimum of 12 weeks and 420 hours.
    • Our co-op program follows Co-operative Education and Work-Integrated Learning Canada (CEWIL) guidelines.
  • Transportation, accommodations and other costs related to work experience are your responsibility.
  • For more information, visit work experience opportunities.

Choose NSCC

  • The Cyber Security diploma program was the first credentialed information security program offered in the Atlantic region.
  • This program is responsive to industry's needs and demands. You develop skills and knowledge that give you the best possible chance of securing fulfilling employment in the IT security industry.
  • Small class sizes mean you get lots of one-on-one attention from faculty and benefit greatly from their real-world experience, industry connections and advice.

Other info

  • It is recommended that any student considering the Cyber Security program be able to qualify for a Canadian secret security clearance.
  • Many employers in this industry require a current, official criminal record check as part of the hiring process. A conviction on your criminal record may impact your ability to secure employment.
  • Applicants may qualify for the following educational award: Digital Nova Scotia TechQuity Award – Community Foundation of Nova Scotia (cfns.ca)

September 2025

Campus Full time/part time Delivery Availability
Institute of Technology Campus
Halifax
Full time In person
Delivered in-person. Some courses may have online elements.
Waitlist
This program location has a multi-year waitlist. Contact Admissions for more information.
Sydney Waterfront Campus
Sydney
Full time In person
Delivered in-person. Some courses may have online elements.
Seats available

Admission requirements

Program requirements

  • You'll benefit from having a strong background in self-directed learning, puzzle solving and computer literacy, particularly programming (decision statements, loops, arrays, functions and procedures).
  • Portfolio development – As part of your studies at NSCC, you develop a portfolio of your work; the portfolio captures your achievements and profiles your skills to employers.

Tuition

Tuition amounts are for the 2024-25 academic year. Program costs and fees (textbooks, supplies, etc.) are additional.

Tuition (Domestic):
$3,620
Tuition (International):
$11,690

Tuition, fees and program costs

In addition to annual tuition, there are program costs (books, tools, etc.) and student fees for College services, health and dental plans, your student association and parking.

View detailed program fees page(s). Please note that amounts on these pages are meant for planning purposes only. They don't represent final amounts owing.

Career options

Graduates are prepared to accept positions as:

  • Cyber security analysts
  • Information security analysts
  • Security penetration testers
  • Risk management consultants
  • Security architects
  • Systems security analysts
  • Incident response and investigation
  • Law enforcement (civilian member)
  • Military
  • Intelligence analysts

This program includes courses that can be applied towards a career in the Canadian Armed Forces as a cyber operator. View career options

Future study options

Courses may include

These are some of the courses offered in this program. It is not a complete list and courses are subject to change in advance of the academic year.

Recognizing prior learning / transfer credits
If you have previous learning (course, employment, etc...) that's relevant to your program, you may be able to apply to earn credit. Not all programs are eligible. Learn about our recognizing prior learning (RPL) process.

COMM 1700 - Professional Practices for IT I
This course exposes learners to tools and process that support professional continuous improvement. Focused on communication, collaboration and career development, you will begin to develop the 21st century skills essential for success in the information technology industries. This course will build the foundations for professional habits and methodologies that help graduates remain current and relevant in an ever evolving profession.

COMM 2700 - Professional Practices for IT II
This course develops tools and process that support professional continuous improvement. Focused on communication, collaboration and career development, you will begin to develop the 21st century skills essential for success in the information technology industries. This course will establish professional habits, methodologies and strategies to help graduates remain current and relevant in an ever evolving profession. Learners will also begin to cultivate critical thinking skills and apply processes that support and validate professional decision making.

COMM 3700 - Professional Practices for IT III
This course develops the skills, attitudes, processes and habits required to successfully prepare for a variety of interview scenarios and the associated presentation techniques. Emphasis is on the development of a professional portfolio and the part that personal marketing plays in gaining successful, relevant employment. The course will also continue to build professional habits, methodologies and strategies to help graduates remain current and relevant in an ever evolving profession.

COMM 4700 - Professional Practices for IT IV
This course is the final in a suite of four, and as such provides learners with the skills and knowledge to curate a personal, professional portfolio in readiness for employment in the IT industry. Learners will also regularly practice and prepare for numerous interview situations and scenarios by honing the skills and techniques previously acquired. New, essential competencies are introduced focused on diversity and inclusiveness in the workplace and the challenges surrounding ethical decision making processes.

DBAS 1020 - Data Security
This course introduces the learner to the concept of databases. Emphasis will be placed on designing a database from requirements to logical design (i.e. ERD’s) and initial table (or equivalent) construction. Learners will learn how to build, modify and maintain a database using basic SQL syntax. Security topics discussed will include an introduction to data vulnerabilities and mitigation strategies such as SQL injection, input validation, creating data security through the proper definition of user privileges, roles and responsibilities as well as physical security issues in a data centre environment.

INFT 3000 - Capstone
Learners acquire hands-on experience on a group project applying much of the material learned throughout their program. Throughout this course, learners will apply their skills to prepare and deliver technical documentation and presentations using various media platforms.

INFT 4100 - Work Experience
This course is a summative experience in the context of a real-world organization. Students will apply learning in an authentic professional IT working environment and gain hands-on industry related skills and knowledge.

ISEC 1005 - Cyber Crime Survey
This course introduces learners to issues related to the current state of cybercrime. Learners will explore the origins of cybercrime and its role in cyber terrorism, cyber warfare, hacktivism and traditional criminal activities. The course will describe the evolution of threats, and the motivations, methods and resources of the various threat actors. The overall objective will be to give the learners an overview of the current threat landscape created by these threat actors as well as an understanding of the effectiveness and evolution of defensive strategies.

ISEC 2022 - Firewalls, VPN’s, IPS, Endpoints
This course will investigate key concepts in the analysis of network traffic through deep packet inspection. Traditional perimeter defence systems such as firewalls, VPN's and Intrusion Prevention systems will be examined as well as the implementation of endpoint security systems.

ISEC 2025 - Vulnerabilities and Exploits
Students will learn about the security threats, software vulnerabilities, and hacker attacks that are commonly implemented against commercial applications, including SQL injection, Cross-Site Scripting, and session hijacking. This course focuses on the numerous methods by which poorly developed web applications can be compromised. It also addresses the numerous techniques that can be applied to mitigate these vulnerabilities.

ISEC 2076 - Security Mechanisms
The course will examine security authentication methods and how they are used to help secure environments. Subjects to be reviewed include physical security, access methods such as biometric and smart card technologies, two factor authentication and identity and access management.

ISEC 2077 - Security Auditing and Control Systems
This course will concentrate on components of a log collection system as well as log file management and optimization of the log review process through the correlation of events and real time alerts. Students will explore how to introduce and manage change in a controlled and coordinated manner.

ISEC 2078 - Wireless and Mobile Device Security
This course will examine the risks and vulnerabilities in the use of wireless and mobile networks. Students will implement and actively manage the security configuration of wireless and mobile devices in order to prevent attackers from exploiting vulnerable services and settings.

ISEC 2079 - Evolving Technologies and Threats
This course will study how newly emerging technologies such as virtualization, Cloud computing, the Internet of Things, and SDN technologies impact the security and integrity of data and also examine systems that are increasingly at risk, e.g. mission critical systems such as SCADA. Students will experiment with new technologies and threats and develop adaptive mitigation strategies and a structured approach to life-long learning and continuous professional development.

ISEC 3077 - Attack Vectors and Techniques
Students will investigate and analyze the various techniques hackers use to bypass security measures and gain access to corporate data. This course will examine a variety of real-life case studies that include study attack data and analysis of threats.

ISEC 3078 - Incidence Handling and Response
Students will learn to design and manage key business information security functions including incident response, disaster recovery, and business continuity plans. Planning, reporting and budgeting are all addressed. Students will use business case studies to analyze and develop effective plans and solutions for various business scenarios.

ISEC 3079 - Penetration Testing
This course will explore critical phases of an attack. Scanning, enumeration, foot- printing and social engineering will all be covered. Students will also be introduced to the latest ethical hacking tools and techniques to test corporate security systems and examine the legal issues involving ethical hacking to test corporate defence systems.

ISEC 3080 - Enterprise Security
Students will build on concepts and techniques introduced in the Web Security and Operating Systems courses in order to enhance security on servers that handle email and web applications.

NETW 1015 - Network Security
This course provides learners with a comprehensive overview of the concepts to build the foundations to implement secure practices on networks. The OSI and TCP/IP network communication models will be examined for network communication with special emphasis on Layers 2, 3 and 4. Learners will examine the operation of networking devices and networking protocols and discuss the security issues of those protocols such as port/protocol scanning, IP spoofing and vulnerability discovery.

OSYS 1020 - Operating Systems Security
This course covers the fundamentals common to operating systems. The system architecture of privilege ring levels to provide security protection of kernel level programs from user level operations will be discussed. How the OS handles hardware and software resources including program execution, interrupts and memory management for standard input and standard output operation will be examined. The basic implementation of both Windows and Linux operating systems will be presented with hands on activities.

OSYS 2020 - Windows Security
This course covers the understanding and implementation of security as it applies to the Microsoft Windows operating system. Through hands-on activities, students will be able to recognize and understand the common vulnerabilities of Windows systems using various tools and techniques to decrease and control these threats. The course also introduces defence strategies and techniques through a better understanding of system file permissions, group policies, Windows registry, PowerShell, active directory and malware prevention.

OSYS 2022 - Linux Scripting
This course builds on the basics of the Unix operating system. Learners will learn the core utilities to work productively in a Linux environment and develop command line skills. Topics will include shell scripts, managing permissions, process management and network applications & services with an emphasis on the system-related security issues.

PROG 1015 - Programming for Security
This course introduces the fundamental principles of programming and secure coding concepts. The course will introduce a variety of programming concepts and best practices for designing and implementing programs. Topics covered will include the following: an introduction to programming languages data types and expressions, control flow, memory structure and management and the use of, data types and structures. Application vulnerabilities and mitigation strategies such as buffer overflows and input validation will be discussed.

PROG 2022 - Server Exploits
This course is an overview of the main concepts, methodologies and best practices of coding professional client-server applications from the server perspective. Learners will gain an understanding of essential elements of client-side and server-side interaction with databases. Tools may include PHP, HTTP, and open source databases or equivalents.

SAFE 1000 - Introduction to WHMIS (Workplace Hazardous Materials Information Systems)
This course offers learners basic overview of WHMIS principles and establishes a solid foundation to support workplace-specific training on the safe storage and handling of controlled/hazardous products. Upon successful completion of the course, students receive basic WHMIS certification.

SAFE 1001 - Introduction to NS OH&S Act
This course offers students an introduction to the Occupational Health & Safety (OH&S) Act of Nova Scotia, which is required by any person employed in a Nova Scotia workplace. This is a generic, introductory course that provides basic knowledge of the Act for students and is considered to be the basis from which more specific training can be given.

WEBD 2075 - Web Security
Students will learn about the security threats, software vulnerabilities, and hacker attacks that are commonly implemented against commercial applications, including SQL injection, Cross-Site Scripting, and session hijacking.

Cyber Security Elective Course Requirement . Students must take four credits from a prescribed list of courses.

Apply Now

What others have to say

Image of Curtis Leblanc, a smiling man wearing glasses looking directly at the camera.
Curtis Leblanc
Class of 2023
This program served as a great introduction to the field of cyber security. A challenging but enlightening experience awaits anyone who chooses this program.

Learn more about this program

Share your details with us and we'll send you a program overview.

Required fields are marked with a red symbol (*)

Thank you for contacting us.

Your program overview is on the way. While you wait, feel free to browse our list of Programs & Courses or visit our Admissions information section.

Explore similar programs

To find other programs and career options that might be a good fit for you check out these areas of interest:

Top