About the Cybersecurity Vocational School – FAQ

What are Cybersecurity Vocational Schools?

Cybersecurity Vocational Schools are vocational higher education institutions that provide associate degree–level education and training in the field of cybersecurity. They were established in the Fall Semester of 2023 within the scope of the cooperation protocol signed on October 5, 2022, between the Presidency of the Republic of Türkiye Digital Transformation Office and the Council of Higher Education (YÖK).

These schools offer programs and courses designed to equip students with both theoretical knowledge and practical skills in cybersecurity.

What is the purpose of establishing Cybersecurity Vocational Schools?

Cybersecurity Vocational Schools were established with the primary objectives of developing a competent and qualified cybersecurity workforce, making cybersecurity an attractive career path for young people, and enhancing the professional qualifications associated with cybersecurity expertise.

At which universities are Cybersecurity Vocational Schools available?

Cybersecurity Vocational Schools have been established within the following universities:

• Ankara University

• Ege University

• Gebze Technical University

• Istanbul Technical University

These schools implement a sector-integrated, industry-driven education model. The aim is to enhance students’ practical skills through real-world field experience. The continuously updated curriculum focuses on the cybersecurity specialties most in demand by the industry, and selected field-specific courses are delivered by industry professionals.

What is the name of the program offered at Cybersecurity Vocational Schools?

The associate degree program offered is called Cybersecurity Analysis and Operations.

The program is designed to train qualified and well-equipped professionals in the following roles:

• Cybersecurity Incident Analyst

• SOC/CSIRT (SGOM/SOME) Level 1 Support Specialist

• Cyber Threat Intelligence Analyst

• Cybersecurity Systems Operator

What does a Cybersecurity Analyst do?

A Cybersecurity Analyst is responsible for ensuring the security of an organization’s information systems and developing protective measures against cyber attacks. A Cybersecurity Analyst typically performs the following duties:

• Conducts analyses to identify security vulnerabilities in information systems and evaluates potential threats and risks. Reviews and contributes to the improvement of an organization’s existing security policies and procedures.

• Detects and prevents cyber attacks by monitoring abnormal activities on networks and systems, identifying intrusion attempts, and developing protection measures. Uses cybersecurity tools and analyzes security incidents.

• Evaluates cybersecurity incidents and determines their priority levels. Carries out the necessary analysis and response actions in accordance with the organization’s incident management processes.

• Performs penetration tests to identify weaknesses in the organization’s information systems.

• Responds quickly and effectively to security breaches in line with the organization’s incident response procedures. Investigates the root cause of the breach, blocks attackers based on response scenarios, and works to restore affected systems.

What does a Cybersecurity Operator do?

A Cybersecurity Operator ensures that the organization’s information security and cybersecurity infrastructure remains up to date, effective, and functional. A Cybersecurity Operator typically performs the following duties:

• Continuously monitors information security and cybersecurity systems (such as firewalls, IDS/IPS, antivirus solutions, etc.). Analyzes logs and system alerts to detect abnormal activities and identify potential security threats.

• Manages and configures information security and cybersecurity systems (firewalls, IDS/IPS, antivirus software, etc.). Also manages logging and monitoring systems used to collect data on security incidents and threats.

• Identifies system vulnerabilities and plans and applies security improvements and patches. Regularly updates systems to prevent exploitation of potential weaknesses.

• Monitors network traffic and detects cyber attack attempts. Implements necessary measures to block malicious activities and enforces security policies.

• When issues such as security incidents or system failures occur, identifies and analyzes the problems and takes the necessary steps to resolve them.

• Prepares and presents regular reports on security incidents and attack detections to management and relevant stakeholders.

• May participate in the execution of penetration tests and guide teams in addressing vulnerabilities based on test results.

What is the content of the Cybersecurity Analysis and Operations associate degree program?

The program is designed to equip students with the knowledge and skills required to work as:

• Cybersecurity Incident Analyst

• SOC/CSIRT (SGOM/SOME) Level 1 Support Specialist

• Cyber Threat Intelligence Analyst

• Cybersecurity Systems Operator

In addition to core general education courses (such as Turkish, Mathematics, History, and English), students take foundational cybersecurity courses, field-specific professional courses, and social skills development courses.

The program is offered over a total of 3 years (6 semesters), including 1 year of English preparatory education. The final semester is dedicated to professional development in the field.

Courses are delivered both theoretically and practically. Internship and on-site vocational training opportunities are planned at companies located in technoparks and firms that are members of the Türkiye Cybersecurity Cluster.

The language of instruction is 30% English.

What courses are offered in the program?

The curriculum has been developed under the coordination of the Presidency of the Republic of Türkiye Digital Transformation Office, with contributions from cybersecurity industry experts and academic staff from the participating universities. The final version of the curriculum is available on the official websites of the respective universities.

What is the student quota for the program?

The student quota for the program is 25 students per university. Each participating university admits 25 students.

How are students admitted?

Students are admitted to the associate degree program through the Higher Education Institutions Examination (YKS)administered by the Measurement, Selection and Placement Center (ÖSYM) of Türkiye.

Which score type is used for admission?

Admission is based on the TYT (Basic Proficiency Test) score type.

Are students admitted directly from vocational high schools?

No direct admission is available. Students are admitted only through the YKS.

Can graduates of vocational and technical secondary education institutions receive additional placement points?

Graduates of the Information Technologies field of vocational high schools may be admitted to the Cybersecurity Analysis and Operations program with additional placement points.

Is direct, exam-free admission possible for graduates of Cybersecurity Vocational High Schools?

No. Admission is only possible through the YKS examination.

Is a special aptitude test applied for program admission?

No special aptitude test is applied. Admission is solely based on the YKS results.

What are the minimum admission scores and ranking?

In centrally placed programs, candidates are admitted based on their scores in descending order until the quota is filled. Therefore, maximum and minimum scores vary depending on the applicant pool. There is no ranking requirement for associate degree programs.

Base scores can be accessed at: https://yokatlas.yok.gov.tr

Are internship opportunities provided?

Internship and on-site vocational training opportunities are planned primarily at companies that are members of the Türkiye Cybersecurity Cluster and firms located within the technoparks of the host universities.

Can students apply for the Erasmus Program?

The Erasmus Program is coordinated by the National Agency. Universities may send students for exchange programs by completing the necessary institutional procedures, as with other academic programs.

Which bachelor’s degree programs can graduates transfer to?

Graduates may transfer to the following bachelor’s degree programs through the Vertical Transfer Examination (DGS):

• Computer Science

• Computer Engineering

• Computer Education and Instructional Technology

• Information Systems Engineering

• Information Systems and Technologies

• Statistics

• Statistics and Computer Science

• Mathematics and Computer Science

• Software Engineering

• Management Information Systems

What title do graduates receive?

Graduates of the Cybersecurity Analysis and Operations program are awarded the professional title of “Technician”, in accordance with the decisions of the Higher Education Executive Board dated 12.09.2012.

Efforts are planned in cooperation with the Vocational Qualifications Authority to define additional professional titles that graduates may use in the industry.

Where can graduates work?

Graduates can find employment opportunities in a wide range of public and private sector organizations that require cybersecurity professionals, including:

• Public institutions and government agencies

• Critical infrastructure organizations

• Information and communication technology providers

• Financial institutions

• National security agencies

• Educational institutions

• Healthcare organizations

• Companies designing and manufacturing cybersecurity software and hardware

• Cybersecurity service providers

• E-commerce companies

Additionally, graduates may further advance their careers by participating in certification programs and gaining professional experience.

Is employment support provided for graduates?

Priority employment opportunities are planned at companies that are members of the Türkiye Cybersecurity Cluster and firms located within the technoparks of the host universities.

Source: https://cbddo.gov.tr/sss/siber-myo/