CSXP candidates should hold at least one of the following certifications: CISA, CRISC, CISM, CGEIT, ECSA, CEH, LPT, GCIH, OSCP, GPEN, CySA+, CISSP, CSX Penetration Testing Overview (CPTO), or CSX Cybersecurity Fundamentals
Or,
If the candidate does not hold at least one of the above certifications, it is recommended that they have 3 years of experience in 3 or more of the 5 CSX-P cybersecurity domains which align with those of the globally accepted NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover.