decorative

Top information security certifications

January 3, 2019

Staying current in your field not only helps you successfully meet your job requirements, it also makes it possible to compete for higher-level positions—and the salaries they bring.

In the field of information security, professional certifications show employers that you’re well versed in your industry, ready to meet a range of challenges, and committed to professional growth.

What are today’s most relevant certifications?

Information security career paths often start with a bachelor’s degree and then branch out into the world of certifications. These credentials, typically offered by professional associations, provide quantifiable evidence that you’ve got what it takes to get a specific job done right. Some are standard in the industry and virtually required to move out of entry-level positions. Others are optional, highlighting a specific focus or area of expertise.

Here’s a brief run-down of the industry’s most popular certifications:

Security+ from CompTIA

  • Foundational level, focusing on technical skills, broad knowledge, and expertise in multiple security-related disciplines.
  • Two years of experience is recommended, but none is required.
  • For those interested in security engineer, security consultant, network administrator, IA technician, IA manager, or similar positions.

Certified Information Systems Security Professional (CISSP) from (ISC)2

  • Widely considered the standard certification in the information security industry, the CISSP tests competency in 10 key areas.
  • Minimum of five years of paid, full-time experience in two key areas required.
  • For those interested in security consultant, IT director, security architect, security auditor, security architect, chief information security officer, director of security, or similar position.

Certified Information Systems Auditor® (CISA®) from ISACA®

  • Management-focused to delve into governance, risk management, compliance, incident management, program development, and ongoing management.
  • Minimum of five years of professional-level information security; three years must be as a security manager. Substitutions and waivers of such experience may be granted.
  • For those interested in information security officer or security consultant, information security manager, and chief information security officer, or similar position.

GIAC Security Essentials (GSEC) from GIAC

  • Covers a broad range of areas to demonstrate hands-on knowledge of an array of security roles.
  • No experience required.
  • For those interested in information security compliance, security analyst, security operations architect, compliance analyst, or similar position.

Certified Ethical Hacker (CEH) from EC-Council

  • Intermediate-level credential, focused on identifying system vulnerabilities, access points for penetration, and prevent unwanted access to network and information systems.
  • Training course is highly recommended. Eligibility can also be given for documented experience and education.
  • For those interested in penetration tester, network security specialist, ethical hacker, security consultant, site administrator, auditor, and similar positions.

CyberSec First Responder (CFR) from Logical Operations

  • Covers the skills needed by security professionals to protect digital assets before, during, and after a cyberattack.
  • Specialized training includes threat analysis, secure network and computing environment design, network defense, rapid response, and incident investigation.
  • Training courses approved for continuing education credits for select certifications from CompTIA or GIAC.
  • For those interested in working as first responders in the event of cyberattack.

GIAC Certified Enterprise Defender (GCED) from GIAC

  • Builds on security skills measured by GSEC without overlap.
  • Advanced certification which covers the technical abilities needed to defend enterprise environment and protect the whole organization.
  • Assesses skills in areas including defense network infrastructure, packet analysis, penetration testing, incident handling, and malware removal.
  • No specific training course required.
  • For those interested in enhancing security skills to manage the security of an entire organization or enterprise.

Cybersecurity Analyst (CSA+) from CompTIA

  • Vendor-neutral credential that applies behavioral analytics to improve information security.
  • Validates knowledge and skills required to configure and use threat detection tools, execute data analysis, and interpret results to find vulnerabilities, risks, and threats.
  • Exam is a performance-based assessment, including hands-on simulations.
  • No experience required, but a minimum of 3-4 years of practical information security experience is recommended. Intended to follow CompTIA Security+ or equivalent certification.
  • For those seeking higher level positions as security analysts, security specialist, threat intelligence analyst, Security Operations Center (SOC) Analyst, and similar roles.

You may also like

4 tips for creating a corporate culture of cybersecurity

November 26, 2019

Programming languages every technology pro should know

October 8, 2019

9 ways IT professionals save the day

September 5, 2019

Start learning today

Get started on your journey now by connecting with an enrollment counselor. See how Capella may be a good fit for you, and start the application process.