Information security is a topic of frequent discussion within the larger community of information systems (IS) and information technology (IT). The high cost of information security breaches heightens the importance of information security within all levels of an organization. However, despite this reality a need exists for qualified information security professionals to fill these important roles within organizations. This paper presents a competency based approach to information security education. Competency based education provides a mechanism to allow individuals to obtain an education within a particular field not by completing a certain number of seat hours, but instead by demonstrating competency in the required subject matter.