The job market for those who work in, or want to move into, computer security is promising. The shortage of professionals with sufficient knowledge in this field is not a new problem, and it seems that it will continue to grow in the coming years. In fact, 65% of the heads of security or IT areas agree that the lack of professionals with sufficient skills is negatively impacting the effectiveness of their teams, according to a report from the educational platform Cybrary.
Therefore, considering the high demand that exists, those who manage to develop their knowledge and skills have a good chance of entering the labor market and/or growing professionally. As we saw recently, there are different professional profiles in this industry, and there are several possible paths into the field. Regarding the value of certifications, it is worth mentioning that according to an ISSA report, 52% of security professionals consider that experience is more important than certifications, while 44% consider that they are of equal importance. On the other hand, many companies include certifications among the requirements in their job postings when recruiting professionals.
Beyond this, many of those in this industry decide to take a certification to validate their knowledge and in this way to open the doors to the experience that is needed to access better projects or positions according to individual interests.
Perhaps some profiles are more in demand than others, but the important thing is that knowing the different roles and certifications that exist in this sector, and taking individual interests into account, makes it possible to plan the development of a career. That is why, as part of a series of articles that we are publishing for the Antimalware Day celebration, we review some of the most popular certifications.
While there is a wide variety of certifications available and of organizations that offer them, taking as reference the data from the report on the cybersecurity workforce prepared by (ISC)² in 2019 and the ISSA report from 2020, the security certifications that most professionals currently hold, and the organizations that offer them, are:
CISSP - (ISC)²
CISSP with concentration - (ISC)²
CCNA Security - Cisco
CCSP - (ISC)²
CCIE Security - Cisco
CIW - Certifications Partners
GSAE - SANS / GIAC - GIAC Security Audit Essentials
CCSK - CSA
CISA - ISACA
CISM - ISACA
CASP+ - CompTIA
Security+ - CompTIA
CEH - EC-Council
From the perspective of the organizations that offer certifications, according to the (ISC)² report, those with the most professionals have been those offered by the following entities:
It is worth noting that in some cases certifications have a direct impact on salaries. According to the (ISC)² study, there is a salary difference between those professionals in the industry who have certifications, although this difference is more evident in the United States and Asia-Pacific. In the case of Europe or Latin America, it exists, but the gap is not as great as in other regions.
Below we share more information about some of these and other certifications.
Note: the following is not intended to be exhaustive research and is not a list of certifications that we recommend. The purpose of this article is to provide an orientation that allows those interested to search for more information taking as a reference some of the most popular certifications.
We have tried to group some of them according to level of experience and specialization, although in certain cases the same certification can fall into more than one category and be useful for more profiles than those mentioned below. Therefore, it is recommended to read the specifications published by each certification body.
For those who are not specialized in any particular profile and who are looking for a certification that validates their theoretical knowledge without delving into technical detail, some of the best known are:
CompTIA Security+: A certification in high demand among those just starting out. In addition to being one of the best known, it establishes the basic concepts of cybersecurity in general and suits practically any role in the industry.
GSEC (GIAC Security Essentials): may have some similarities to the CompTIA Security+ exam, although it is more demanding.
CEH (Certified Ethical Hacker): A very popular entry-level certification that is often seen as part of the requirements in job postings.
Certifications aimed at more specialized professionals
Once started on the professional path there are several specializations. We can say that for each area in particular there is a set of certifications that are, for the most part, aimed at those who have a more solid conceptual and technical base and who seek to validate advanced technical knowledge:
For an analyst (semi-senior or senior):
In this case, it is assumed that the person already has a clear grasp of the conceptual foundations and the technical side, and is looking above all for certifications that validate a rather high technical level. Whatever the particular area in which the analyst works, we start from the assumption that this is a versatile professional who performs different types of tasks.
CAP (Certified Authorization Professional): to obtain this certification, offered by (ISC)², candidates must be able to demonstrate two years of paid experience in the field of security. CAP validates that the professional has advanced technical knowledge and the knowledge needed to maintain information systems within a risk management framework, since it teaches how to implement controls and is linked to the ISO 2700x standards.
For a semi-senior or senior pentester:
For those who do pentesting tasks or want to develop in this field, some of the most popular certifications are:
GPEN: The certifications offered by SANS (through GIAC) are some of the most valued from a technical point of view. Whoever has one of these certifications shows great knowledge, something that many companies seek to fill semi-senior or senior positions. However, it is important to bear in mind two aspects: they are usually demanding (even for those with experience) and also expensive.
OSCP: offered by Offensive Security, it is an option similar to the previous one and also well known in the industry.
OSCE: Also offered by Offensive Security, this is a very popular certification that requires you to pass a demanding 48-hour practical exam. Recently Offensive Security announced a program update. Students are advised to have the OSCP before attempting to obtain the OSCE.
GWAPT: Another certification offered by SANS through GIAC, but in this case oriented to web applications, also in high demand. Those who complete and pass this certification will have demonstrated their knowledge to deal with some of the security problems in web applications and their abilities to perform penetration testing.
For a semi-senior or senior Incident Responder, Forensic Analyst and/or Threat Intelligence analyst:
In our post on professional profiles we mention the role of the Incident Responder, while the Threat Intelligence role belongs to someone who stays permanently informed and who investigates and collects information about threats, vulnerabilities, and incidents, then analyzes that information and turns it into threat intelligence actions adapted to the reality of the organization. Although, as in other areas, there are many certifications, some of the best known are:
GCFE (GIAC Certified Forensic Examiner): This is a highly technical and highly demanded certification for profiles engaged in Incident Response or forensic tasks.
SEC487: Another certification offered by SANS that in this case is oriented to the collection and management of public information sources, that is, more oriented to Threat Intelligence.
SEC541: Cloud Security Monitoring and Threat Hunting, also from SANS.
Other known certifications for these profiles can be EnCE, CCE.
For a Cloud/Network Security Engineer:
Certifications for infrastructure, whether physical or in the cloud, are usually more closely tied to a specific brand (the one used by the company that hires you). In any case, one of the best known among those offered by certification bodies is CCSP (Certified Cloud Security Professional), granted by (ISC)².
For managers or team leaders:
Although the certifications requested of professionals who occupy leadership roles in a company do not prioritize the technical side as much, what companies do look for is that those who take on these positions can demonstrate deep knowledge of the methodological aspects of security applied across the length and breadth of the company:
CISSP: as we mentioned above when we referred to this certification offered by (ISC)², it is in high demand and is usually a "guarantee of confidence", since obtaining it requires demonstrating that the person has at least 5 years of experience working in this field. It is a very theoretical certification.
Other certifications for leadership officers that we could mention are CISM and CISA, both offered by ISACA.
The reality is that there are many more certifications. Considering that there are several different titles to describe the different positions that a professional can occupy in the security industry, we hope that this list will serve as a guide so that those interested in expanding or validating their knowledge have a reference where to start looking.
And you, what certification would you recommend and why? Tell us in the comments so that other readers can read your opinion.