Information technology security can be a promising career path. Everyone needs to not only feel secure online, but to know that their data is protected. With cloud-based services and virtual office options more popular than ever, governments, corporations and individuals all require rigorous security standards and protocols maintained and managed by the best of the best: you!
As with any career, first getting a foot in the door in the IT world is the all-important initial task, and it can take years of study to reach that goal. And if you’re happy where you land, that’s great! If not, don’t forget to keep setting milestones to move ahead in your career. Whether you just want a new position or a brand-new employer, don’t expect your career to get a boost by happenstance: get your skills certified in order to make yourself more marketable.
There are numerous IT security certifications to choose from, but here is a list of 7 top choices to help you explore your options and size up the credentials of your competition.
1. EC-Council Certified Ethical Hacker (CEH). The EC-Council offers a number of professional certificates, but the CEH and ECSA (see below) are two of the most advantageous to those in the IT security sector. CEH is also the most common of all of their certificates, and demonstrates practical skills in current hacking methods.
2. (ISACA) Certified Information Systems Auditor (CISA). Although ISACA offers additional certifications, CISA and CISM (see below) are the most common. If you have spent at least 5 years working within the fields of information systems assurance, auditing, control or security, and want to focus more attention on auditing, the CISA is a great way to show your chops. You’ll have 4 hours to answer 200 questions. A minimum score of 450 is required to pass.
3. (ISACA) Certified Information Security Manager (CISM). For this certificate, you must have spent at least 3 years already working as an information security manager, plus an additional 2 years in any information security role. As with the CISA, there are 200 questions that must be answered in 4 hours, and a score of at least 450 is required to pass.
4. (ISC)² Certified Information Systems Security Professional (CISSP). To be eligible for this certification test, you must have at least 5 years of experience working in at least two qualifying domains of information security. You’ll have a full 6 hours to complete 250 questions, aiming for a passing score of 70 percent.
5. EC-Council Certified Security Analyst (ECSA). This certificate shows potential employers that you are able to analyze ethical hacking procedures and outcomes, lowering the risks of information security breaches. It is a 4-hour, 150-question exam with a minimum passing score of 70 percent. System, firewall or network server administrators can all benefit from adding ECSA credentials to their resumes.
6. GIAC Security Essentials (GSEC). Although it comes with a hefty price tag (it can cost over $5,000 to simply prepare for the test with self-study materials), a GSEC might pay for itself if it gives you the career boost you’re looking for. This certification shows proficiency in security administration, audits, forensics, legalities, management and software security. You’ll have 5 hours to answer 180 questions, and you must score above 73 percent to pass.
7. (ISC)² Systems Security Certified Practitioner (SSCP). Not quite ready for your CISSP? Try your hand at the SSCP first. It is only half as long (3 hours for 125 questions) and requires only that participants have at least a year of full-time work in a qualifying domain.
Don’t let the cost of some of these certificates deter you. In some cases, your employer may agree to pay for all or part of the expense in the name of “continuing education.”
This list is only the tip of the iceberg. Which certificates do you think define the future of IT security? Share them in the comments below.
Cathy Habas is a professional writer and guest contributor.