Welcome to the Cybersecurity Academy
Secure the digital future with cutting-edge cybersecurity skills.
Enter the world of digital protection with the Cybersecurity Academy, where expertise meets action. Designed in alignment with Luxembourg’s National Cybersecurity Strategy and the National Resilience Plan, this programme equips learners with the skills and insight to secure information systems and protect the foundations of a trusted digital society. Through hands-on training, real-world projects, and expert guidance, the Cybersecurity Academy helps participants build the technical knowledge and confidence to safeguard data, mitigate risks, and strengthen digital infrastructures. Whether you are beginning your career or aiming to specialise, you will gain the capabilities to respond to evolving cyber threats and promote digital trust across sectors.
With career pathways leading to roles such as ethical hacker, cybersecurity analyst, or ICT security architect, the Cybersecurity Academy develops the specialised talent essential to Luxembourg’s digital resilience and technological excellence, empowering professionals to contribute actively to national and international efforts in building a secure digital future.
Getting started
To join the Cybersecurity Academy, candidates should demonstrate a solid foundation in IT and networking fundamentals, including:
- Computer Basics: operating system concepts, file systems, and command-line interface usage.
- Networking Fundamentals: TCP/IP, network protocols, and architectures.
- Operating Systems: Windows and Linux administration and navigation.
- Command-Line Tools: Proficiency with terminal or command prompt environments.
- Basic Scripting: Python, Bash, and/or PowerShell fundamentals.
These prerequisites ensure learners are well-prepared to begin advanced cybersecurity training with confidence.
If candidates lack some of these skills, they will have the opportunity to complete refresher courses to maximise their chances of successfully completing the programme.
Joining the Cybersecurity Academy begins with a simple but essential evaluation process designed to ensure candidates are ready for advanced cybersecurity training. The first step is a 30-minute online test featuring 30 multiple-choice questions that assess your understanding of core IT concepts. This is followed by a 2-hour online project to demonstrate problem-solving and technical skills. You can find a preview of the assessment here. Once both steps are completed, selected candidates will be invited to an interview to discuss their background, motivation, and specialisation preferences: Offensive or Defensive Security.
Curriculum
Indicated time frames are based on a weekly time commitment of 40 hours. If you choose to pursue the programme with a weekly time commitment of 20 hours, the overall duration will double accordingly.
Common Core Programme (2 months)
- Introduction to cybersecurity principles and careers
- Ethical frameworks and best practices
- Version control and collaboration tools (Git, GitHub)
- Linux and Windows fundamentals
- Command-line proficiency
- System file structures and permissions
- Networking basics (TCP/IP, firewalls, routing)
- Threat types and attack vectors
- Risk management and basic security controls
- Bash, PowerShell and Python scripting essentials
- Network and system scanning
- Automation of reconnaissance tasks
Specialisation: Offensive Cybersecurity (4 months)
- Passive and active information gathering
- OSINT tools and frameworks
- Target profiling and vulnerability mappings
- Web application architecture
- Common vulnerabilities (OWASP Top 10)
- Exploitation and post-exploitation
- Buffer overflows and privilege escalation
- Exploit development fundamentals
- Using Metasploit and manual methods
- App testing fundamentals
- Cloud environment vulnerabilities
- Container and API security
- Professional documentation and reporting
- Legal and ethical considerations
- Communication with clients and stakeholders
Specialisation: Defensive Cybersecurity (4 months)
- SOC operations and monitoring
- SIEM tools
- Threat detection and analysis
- IR lifecycle and playbook creation
- Forensic investigation basics
- Malware analysis fundamentals
- Hardening systems
- Endpoint protection and EDR tools
- Patch and vulnerability management
- IAM concepts
- Cloud security
- Cloud compliance and shared responsibility
- Risk assessment and compliance frameworks (NIST, ISO 27001)
- Business continuity and disaster recovery
- Security policies and governance models
Capstone Project (1 month)
A capstone project is the final applied assignment of the program, allowing learners to demonstrate the full range of their technical and analytical skills in a real-world context. In cybersecurity, capstone projects often involve solving realistic challenges such as:
- Building a Threat Intelligence Platform to collect and analyze Indicators of Compromise (IoCs).
- Designing a Blue Team SOC Simulation to detect and respond to simulated attacks.
- Developing a Malware Analysis Sandbox for behavioral study of malicious software.
- Conducting a Red Team Operation to assess vulnerabilities through ethical hacking exercises.
- Automating Detection Rules with YARA and Sigma to identify threats across environments.
Certification
The CompTIA Security+ (SY0-701) certification validates the fundamental cybersecurity skills required to identify, analyze, and respond to security threats across enterprise systems and networks. It covers key areas such as risk management, cryptography, cloud and network protection, and incident response, and aligns with the ENISA European Cybersecurity Skills Framework (ECSF) and ESCO occupational profiles. This certification corresponds mainly to roles such as:
- Cybersecurity Technician / Security Operations Technician
- Network or Systems Security Administrator
- Information Security Analyst
It provides a solid foundation for progressing toward more advanced cybersecurity roles within the European job market.
The CompTIA PenTest+ (PT0-003) certification demonstrates hands-on expertise in planning and executing penetration tests, identifying vulnerabilities, and developing mitigation strategies. It covers advanced topics such as vulnerability assessment, exploitation techniques, reporting, and remediation, and aligns with ENISA ECSF and ESCO profiles related to offensive security and threat analysis. This certification corresponds mainly to roles such as:
- Penetration Tester / Ethical Hacker
- Vulnerability Analyst
- Cybersecurity Consultant
- Red Team or Security Assessment Specialist
It is internationally recognized and supports career mobility across Europe in the cybersecurity and risk-management domains.