Have you ever noticed just how competitive the world is? Whether it is simply getting hired or getting paid what you are worth, even the best-qualified applicants with years of experience know that today’s job market can be a tough one.
So how does someone prepare for a world with heavy competition and fiscally conservative employers? To complement their education and experience and to demonstrate their skills as subject matter experts, today’s information security professionals are seeking cyber security certifications.
Keep in mind that cyber security certifications typically require additional work experience and/or studies beyond a degree in IT security. When pursuing a certification, you do not need to spend countless hours studying. Stick to a time management plan, and if you can spend 20 minutes a day, you could reasonably expect to be prepared to take your chosen certification in about three to four months, given that you have work experience.
What do you do if you do not have work experience? Think about what you do – are you a help desk operator? Is your PC protected? Do you have any authentication logins? Learn about them. Do you work in retail? Learn about scanners and theft deterrent devices. Almost any industry you work in will use technology, so there are ways you can expand your security knowledge.
Which certifications should you pursue? This depends on many factors that include your current level of experience, ability to afford the cost of certification and the amount of time you want to dedicate to the process of studying for the certification exam.
Your personality may also be a factor in the career path you take. Organizations like Myers-Briggs provide a personality profile test that can help you gauge the degree to which you are an introvert or an extrovert. Different career choices will naturally place you into a technical role with less human interaction or one where you interface more with people than systems. You should, above all things, consider what makes you happy and pursue a career that will position you to enjoy going to work every day.
What certifications are the most popular? Keep in mind that cyber security certifications typically require additional work experience and/or studies beyond a degree in an IT security-related field. Three of the most popular that this author would recommend pursuing include the CISSP, SSCP, and CompTIA Security+.
Offered by the International Information Systems Security Certification Consortium organization, known as (ISC)2, the CISSP® certification was created as a standard of achievement to confirm a professional’s knowledge in the field of information security. Per the (ISC)2 website, CISSPs are “information assurance professionals who define the architecture, design, management and/or controls that assure the security of business environments. It was the first certification in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.” Candidates for the CISSP are required to have five years of experience in two of the 10 domains (access control, software development security, etc.) that the certification addresses.
Also governed by (ISC)2, this certification covers various topics within the information security discipline but is more geared toward those earlier in their careers, as it is open to candidates with as little as one year of experience. According to (ISC)2, the certification could be a fit for those working toward careers as Network Security Engineers, Security Systems Analysts or in Security Administration, although it provides a good understanding of security for individuals who have job descriptions that touch on information security.
CompTIA Security+ is offered by IT-industry trade organization CompTIA. The exam, which requires two years of experience in network administration with a focus on security, covers entry-level domains in the field of information security, with access control, identity management and cryptography among the featured arenas. Individuals who are trying to get a start in the field of cyber security often consider this certification as more accessible than others.
No certification is perfect for everyone; consider your current job and your future plans when determining what certifications are best for you. You should also consider whether you want a vendor-neutral or vendor-specific certification. Finally, consider adding a certification in a growing area, such as mobile forensics, which is becoming a very big field. By considering all of your options, you can make the best choice for your career path.