Seven security certifications to set your sights on


The IT job market is starting to heat up, and security is one of the career fields in high demand. The recent rash of high-profile security breaches is causing executives and company boards to demand an increased focus on cybersecurity practices, and IT shops are struggling to keep up. Earning a security credential can help you land a great job in an exciting field, but it’s important to know which security certifications will really set you apart and make your resume jump to the top of the hiring manager’s pile.

The Certified Information Systems Security Professional (CISSP) certification remains the premier certification for security practitioners. If you’re looking for a position as a mid-level security professional, particularly as a generalist, this certification is a must-have. It’s often used by Human Resources departments as a screening test to weed out job candidates who lack a strong background in information security. Earning a CISSP is no easy task. You must pass a multiple-choice examination covering 10 broad domains of information security. Perhaps the most significant hurdle, however, is that you must have five years of information security work experience.

The SANS Institute’s Global Information Assurance Certification (GIAC) program offers a number of credentials that are well-respected by information security practitioners and hiring managers. The exams for GIAC certifications in incident handling, intrusion detection, forensics, penetration testing and other fields require candidates to demonstrate a mastery of niche topics in security. If the CISSP is the broad “bachelor’s degree” of security certifications, the GIAC credentials are the “master’s degrees.” Holding both a CISSP and GIAC certification is a one-two punch demonstrating broad knowledge of the profession and mastery of one or two specific technical disciplines.

Cisco’s Cisco Certified Network Professional Security (CCNP Security) credential allows candidates to demonstrate their mastery of using Cisco’s line of networking and security products to secure a network. The CCNP Security credential sits in the middle tier of Cisco’s program, between the Cisco Certified Network Associate (CCNA) and Cisco Certified Internetworking Expert (CCIE) credentials. Earning the credential requires that candidates pass five exams covering the use of various Cisco products. CCNP certification will be of particular interest to individuals seeking a network security position in a Cisco shop.

The EC-Council’s Certified Ethical Hacker (CEH) program validates that candidates have acquired the skills of a hacker, but also the wisdom to know how to apply those powers wisely. CEH includes coverage of penetration testing, ethical hacking and security auditing topics, preparing individuals to serve as security testing professionals. If you’re looking for a career in security consulting, consider pairing up the CISSP with the CEH credential for a powerful resume.

With the rise in data breaches, forensic investigators are in high demand. Earning a vendor-specific credential, such as EnCase’s EnCase Certified Examiner (EnCe) certification, can help you stand out from the crowd. The process for earning this credential is rigorous. Before registering for the exam, you must either complete 64 hours of training or demonstrate that you have 12 months of computer forensics experience. After passing a written examination, you must then successfully complete a practical examination demonstrating hands-on EnCase experience. If you’re able to make it through that process and earn your EnCe, you’ll be a prime candidate for positions in computer forensics and security incident response.

The world is moving to the cloud and Amazon Web Services is the 1,000-pound gorilla in the Infrastructure-as-a-Service marketplace. While AWS doesn’t offer a certification program that only tests security knowledge, the AWS Certified Solutions Architect credential covers security topics along with a broad array of other knowledge needed to design secure, scalable implementations on AWS. With a large portion of the Internet now running on AWS servers, this certification will certainly appeal to hiring managers for security positions in AWS shops.

All of the technologists involved in information security programs need top-caliber leadership and management. That’s where the Certified Information Security Manager (CISM) credential from the Information Security Audit and Control Association (ISACA) comes into play. The CISM program requires that candidates pass an exam covering governance, risk management, security program management and incident management topics. You’ll also need five years of experience in security combined with three years of security management experience. Earning the CISM credential can be a great way to pave the path from security technologist to security manager.

Information security professionals are in high demand and are very well compensated. Because of this, when positions are posted, they attract quite a bit of interest, with many hiring managers receiving hundreds of resumes from interested candidates. Earning any one of these security certifications can be a great way to supplement your education and work experience and help your resume survive screening and rise to the top of the stack. Each of these security certifications demonstrates both a level of technical competence and a commitment to the profession that are highly desirable in today’s competitive marketplace.

Mike Chapple


Mike Chapple is Senior Director for IT Service Delivery at the University of Notre Dame. Mike is CISSP certified and holds bachelor’s and doctoral degrees in computer science and engineering from Notre Dame, with a master’s degree in computer science from the University of Idaho and an MBA from Auburn University.



8 thoughts on “Seven security certifications to set your sights on”

  1. Very Good Post!!!

    I am interested in pursuing a career in the field of biometrics. Can you kindly suggest valuable certifications in this field?

    Thanks in advance.

  2. This is a great post, expertly written and very easy to digest, thank you!

    For starters like myself in the IT security field with no experience and currently studying an Info Systems Security degree, which might you suggest is the best certificate exam to sit for to apply for entry level jobs?

    I currently have COBIT 5 Foundation and Implementation certificates, and I’m currently considering applying for CISM, but as you rightly said, it helps pave the path from security technologist to security manager. Any suggestions for how to start the path to security technologist in the first instance?

    Thanks for any response!

    • CompTIA is always a good place to start for entry level certs. The Security+ cert is a great entry level security cert. If you’re looking for something more advanced, they also have the CASP.

      • Awesome! Thanks for the response, I read about CompTIA Security+ and CASP while researching this yesterday. Interesting that you echoed the same recommendations. I will look more into it, thanks again!
