The Top Cybersecurity Certifications Employers Look For

Cybersecurity remains a profession shaped by certification. In fact, according to tech industry job market analytics firm Burning Glass Technologies, about one-third of all cybersecurity jobs demand industry certification, compared to just 23 percent for other IT jobs.

According to Cyberseek, a project sponsored by the National Institute of Standards and Technology (NIST), there were nearly 780,000 people employed in cybersecurity roles in the U.S. in 2017. But there were also 350,000 unfilled positions in the field. According to research from ISACA, that’s because 84 percent of employers believe that less than half of the candidates for those jobs are actually qualified to fill them. As a result, better than 50 percent of those organizations experience delays of six months or longer finding a qualified candidate.

This is the gap that certifications can help close.

In addition to serving as a benchmark for the skills and knowledge required to perform the specific cybersecurity job functions employers require, certification can also improve your earning potential and help set you up for career progression.

This can make getting the right certification a game changer. As far back as 2014 there were almost 50,000 vacant positions calling for CISSP (Certified Information Systems Security Professional) certification, while data from the International Information Systems Security Certification Consortium showed only around 65,000 CISSPs nationwide… and most of them already had jobs.

This dynamic has fueled rapid and lucrative pay increases throughout the security industry for certified staff. A 2015 ISACA survey found a nearly 6 percent jump in salaries for CISSP holders since the 2013 survey.

Reading the Tea Leaves in Current Certification Trends

It’s clear that cybersecurity certification can be a serious shot in the arm for your career, but which certificate to get, and how much of a boost it will actually give you, is harder to quantify.

In a fast-moving field like cybersecurity it can be tricky to stay on top of current trends when it comes to industry demand for certain certifications and the salaries that come along with them. Hard data is difficult to come by, and different salary surveys return different results. Those released even months apart can show dramatic differences in average pay rates and even bigger differences in the popularity of different certifications.

In 2014, none of the top ten highest paying cybersecurity certifications cracked the $100,000 average salary mark. In 2017, all of them do.

Our Pick for the Best Certifications at Different Stages of Your Career

In this environment, it can be very tricky trying to figure out what certifications you should be most interested in. The dollar value attached to a particular certificate isn’t the whole story—demand varies by specialty, and your decision about how to specialize probably won’t revolve around any one single certification.

Even within a particular specialization, the certification path you choose can carry some real weight.

Here, we lay out the best certifications for people interested in entering and advancing in those specialties. There are many more that are applicable in each of these areas, and you could very well find that some of those are more relevant to your particular needs or budget… But what we’re showing you here are the ones that are most lucrative, most popular, and most in-demand within the respective specialty areas, and the ones we feel will best prepare you to rule in the niche role each one covers.

In evaluating these certifications, we consider a number of different factors:

  • Popularity – Both in terms of employer demand and among cybersecurity professionals. More popular certifications will have more training resources available and sometimes better options for taking the tests.
  • Cost – Certification bodies don’t offer exams and neatly embossed pieces of paper out of the goodness of their hearts; certification costs money, so we consider the best bang for your buck.
  • Salary – The bottom line decision on getting a certification revolves around cost and benefit, and a higher salary is the most obvious benefit.
  • Career Influence – Good certifications don’t just boost your salary, but will also increase your value to employers over the long term, making higher-paying, more interesting jobs accessible and boosting your chances of promotion.

We’ve crunched the numbers and read the tea leaves to figure out which certifications are your best option for particular common cybersecurity specialties.

Start with One of Three General Certifications to Build The Foundation

Security+
Cost: $320

CompTIA’s entry-level credential is the gold standard for early career cybersecurity professionals. Two years of experience are recommended but not required, so you could take the 90-minute, 90-question exam tomorrow if you wanted to. Fulfilling DoD requirements and meeting the ISO 17024 standard, Security+ is a safe and popular choice.

GSEC (GIAC Security Essentials Certification)
Cost: $1,239

GSEC is the most expensive entry-level exam, but also the most comprehensive, with 180 questions administered in a proctored on-site exam.

SSCP (Systems Security Certified Practitioner)
Cost: $250

The SSCP is an entry-level option from (ISC)², which also offers the gold standard CISSP certification. The SSCP requires one year of experience, although a bachelor’s degree or higher can serve in lieu of time on the job. The test has 125 questions.

Security+ beats out the other options with an average starting salary of $94,000 compared to only $70,000 for the SSCP and $77,000 for the GSEC, although this probably also reflects the sheer range of positions that specifically look for the Security+ credential. But that range of options is nothing but good news when you’re new to the cybersecurity job market, since you likely won’t settle on a final career path without bouncing around through a few different positions first.

All three are on the approved pathway to the next credential, the one credential to rule them all…

After a Few Years in the Field… One Certification To Rule Them All: The CISSP

The CISSP (Certified Information Systems Security Professional) is hardly an entry-level certification, requiring five years of on-the-job experience and in-depth knowledge in at least two out of eight common information security knowledge domains. It is the one certification you can get that you can be sure is most widely accepted, most in-demand, most broadly applicable, and the most generally lucrative in almost any cybersecurity specialization.

CISSP holders earn an average salary of $121,729. The exam has 250 questions and costs $599. You may satisfy one year of the five-year experience requirement with either a bachelor’s degree or higher or an approved credential from the CISSP pathway.

A CISSP is not a must-have, and for your individual progression it may be less useful than some other certifications. But if you had to pick a certification to go for that isn’t specific to a particular niche, the CISSP is the clear choice today.

Our Pick for the Best Certifications By Specialty

We’ve used the five archetypical roles selected and tracked by Robert Half, a job market research and staffing firm, to provide their 2018 IT salary predictions for each job title. Although no two jobs, or careers, in cybersecurity are identical, these five provide a good baseline of the types of roles you will be gunning for, whether you’re just getting into the field or looking to advance. According to Robert Half, certifications can provide a five to ten percent bump in your base salary, pushing you toward the upper end of the ranges shown here.

Data Security Analyst – $102,000 to $171,500

This role should be seen as a proxy for all types of consulting, analysis, and cyberintelligence gathering, including penetration testers and auditors. Analysts may assist in analyzing security postures and formulating security policies for an organization.

Our pick for the best certifications in the area of data security analysis:

  • Certified Information Systems Auditor (CISA)
  • EC-Council Certified Security Analyst (ECSA)
  • GIAC Penetration Tester (GPEN)
  • Certified Cyber Forensics Professional (CCFP)
  • EC-Council Certified Ethical Hacker (CEH)

Systems Security Administrator – $92,750 to $156,000

Systems security administration roles are the most front-line, customer or staff-facing security positions. Systems administrators handle securing and overseeing individual servers or desktop systems and may be responsible for daily monitoring and incident response.

Our pick for the best certifications in the area of systems security administration:

  • Certified Authorization Professional (CAP)
  • GIAC Certified Incident Handler (GCIH)
  • Specialized platform certifications: various certifications are available for operating systems or applications that could be important to your employer. These hyper-specialized certifications can be more valuable in certain roles than more well-known, but generic certifications.

Network Security Administrator – $92,000 to $155,000

This role covers all types of network-related security administration, from monitoring to response to authentication system management. This differs from systems security administration positions primarily in the breadth of scope, since network security administrators deal with network infrastructure as well as connected devices.

Our pick for the best certifications in the area of network security administration:

  • GIAC Certified Incident Handler (GCIH)
  • Check Point Certified Security Administrator
  • Certified Authorization Professional (CAP)

Network Security Engineer – $97,000 to $163,000

This role includes most systems and cloud security engineering positions and could be considered a precursor to even more specialized architecture positions. It does not, however, cover software engineering or other programming positions. Almost uniquely, these positions will tend to value vendor-specific certifications more highly than industry-standard certifications, depending on the underlying hardware and software in use on the network.

Our pick for the best certifications in the area of network security engineering:

  • Cisco Cybersecurity Specialist
  • Cisco Certified Network Associate – Security (CCNA – Security)
  • Juniper Networks Certified Professional Security (JNCIP-SEC)
  • CISSP Concentration in Architecture (ISSAP): a concentration available in the CISSP track

Information Systems Security Manager – $145,000 to $248,000

This role includes most management track cybersecurity positions, including CISO and network security managers.

Our pick for the best certifications in the area of information systems security management:

  • Certified Information Security Manager (CISM)
  • Certified in Risk and Information Systems Control (CRISC)
  • Certified Information Privacy Manager (CIPM)
  • Certified Chief Information Security Officer (CCISO)

Our Take on the Top Cybersecurity Certifications Based on Salary and Demand

Certifications are worth money to employers, and some certs will boost your pay more than others. For example, professionals holding a Security+ designation, one of the most common entry-level certifications for cybersecurity professionals, earned an average salary of $89,147 in 2017 according to a survey by training firm Global Knowledge.

But you don’t want to stop at entry level—you want to know what certifications are going to command top dollar. A Security+ gets your foot in the door, but you’ll have to dig in for more advanced training to maximize your earning potential.

We have good news for you—with the right certifications, you’re looking at six-figure salaries all across the board. None of the top ten come in with an average salary below $120,000.

Cybersecurity professionals are needed in every niche, but there are some specialties that are more in demand than others. A CISSP, for instance, can find a position almost anywhere in the country, choosing from tens of thousands of openings. A CSSLP, on the other hand, may command a higher salary, but have only a couple hundred openings to choose from.

Pulling data from the multiple surveys cited here and doing our own review of industry demand based on which certifications are most often showing up in job postings, we put together our own list of the certs we feel are worth your time and money.

The top cybersecurity certifications available in terms of demand and salary potential are:

| Title | Demand | Salary |
| --- | --- | --- |
| Certified Secure Software Lifecycle Professional (CSSLP) | Low | $143,2108* |
| Certified Chief Information Security Officer (CCISO) | Low | $143,050* |
| Check Point Certified Security Administrator | Medium | $136,270** |
| Certified in Risk and Information Systems Control (CRISC) | Medium | $131,298*** |
| GIAC Certified Incident Handler (GCIH) | Medium | $130,410** |
| Certified Information Security Manager (CISM) | High | $128,540*** |
| Certified Information Privacy Professional (CIPP) | Low | $125,000*** |
| Certified Information Systems Auditor (CISA) | High | $122,480* |
| Certified Information Systems Security Professional (CISSP) | High | $121,729*** |
| Certified Authorization Professional (CAP) | Low | $120,480* |

***2017 information
**2016 information
*2015 information

Each of these credentials is valuable in its own right, but they aren’t the end of the line. Although impossible to quantify across the industry generally, it’s clear that holding multiple certifications is an even bigger salary booster.

A 2017 analysis by IAPP (International Association of Privacy Professionals), the leading authority in privacy certifications, found that the median salary for people who held more than one certificate was $137,200. Moreover, those people were 24 percent more likely to receive a bonus than people with no credentials.

Other Analyses on the Best Cybersecurity Certifications to Hold

We looked at surveys performed by certification vendors and findings from industry analyses performed by third-party firms with no conflicting interests. The idea is to give you the full picture, including outside analyses on which certifications might be the most valuable for career progression and which ones are most popular among both cybersecurity professionals new to the game and industry vets looking to keep their edge.

Most Valuable for Career Opportunities and Advancement

The majority of respondents (58 percent) in a SANS Institute 2014 survey cited network and IT security certification as the biggest contributor to their career success, with many reporting these certifications as being “critical” to their success in cybersecurity.

Certification in the cybersecurity sphere is often the first filter employers use to separate real candidates from mere applicants. For the professionals themselves, certification is a way to build skillsets, demonstrate advanced competency in a specialty area, and show their commitment to pursuing new knowledge and skills.

Respondents in the SANS Institute survey reported on their own appraisal of the value of the top certifications when it comes to breaking into the field and advancing in it:

  • GIAC Security Expert (GSE)
  • Certified Information Systems Security Professional (CISSP)
  • GIAC Certified Forensics Analyst (GCFA)
  • GIAC Penetration Tester (GPEN)
  • Global Industrial Cyber Security Professional (GICSP)
  • GIAC Certified Incident Handler (GCIH)
  • ISACA Certified Information Systems Auditor (CISA)
  • GIAC Security Essentials Certification (GSEC)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Security Leadership Certification (GSLC)
  • CompTIA Security+
  • (ISC)² Certified Cyber Forensics Professional (CCFP)
  • EC-Council Certified Ethical Hacker (CEH)
  • Cisco Certified Network Professional (CCNP)
  • Cisco Certified Security Professional (CCSP)

Most Popular Entry-Level and Advanced Certifications

What other people are doing isn’t by itself the best basis for a decision on which credentials are the best choice, but it’s something worth knowing. A 2017 survey conducted by industry analyst firm ESG and ISSA, together with a survey from staffing firm Robert Half, revealed that the most popular entry-level certifications (those that require less than 3 years of experience) for cybersecurity professionals were:

  • CompTIA Security+
  • Certified Ethical Hacker (CEH)
  • Check Point Certified Security Administrator

Also noted in a broader, but older 2014 SANS survey were:

  • GIAC Security Essentials (GSEC)
  • Certified Information Privacy Professional (CIPP)
  • Systems Security Certified Practitioner (SSCP)

Advanced certifications (those that require about 3 to 5 years of experience) that cybersecurity analysts, architects, engineers, administrators and auditors most often held were:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)

These advanced certifications were noted in the 2014 survey:

  • Certified Information Systems Auditor (CISA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Intrusion Analyst (GCIA)

The Most Recognized Cybersecurity Certification Vendors and Training Providers

The number of cybersecurity certifications has exploded over the past decade—we list 143 certifications and multi-certification training courses on this page alone, and that number almost certainly went up even since this page went live.

In the interest of objectivity, we’ve listed all the top vendors here. Some training courses shown here award multiple certifications. Consult the training providers’ websites for details on the certifications each course awards.

CERT: Carnegie Mellon University Software Engineering Institute

  • Insider Threat Program Manager (ITPM) Certificate
  • Insider Threat Vulnerability Assessment (ITVA) Certificate
  • Insider Threat Program Evaluator (ITPE) Certificate
  • SEI Certificate in Incident Response Process
  • SEI Certificate in Information Security
  • CISO-Executive Certificate
  • CERT Certificate in Digital Forensics
  • CRO Certificate Program
  • Secure Coding Professional Certificate: C and C++
  • Secure Coding Professional Certificate: Java

Certified Wireless Network Professional

  • Certified Wireless Security Professional (CWSP): Professional-level

CompTIA

  • Security+
  • CompTIA Advanced Security Practitioner (CASP)

The CompTIA Security+ certification serves as a benchmark for best practices in IT security by covering the essential principles for network security and risk management. It is recommended that candidates for the Security+ exam possess at least two years of experience in IT administration with a security focus.

Exam topics cover:

  • Network security
  • Compliance and operation security
  • Threats and vulnerabilities
  • Application, data, and host security
  • Access control
  • Identity management
  • Cryptography

EC-Council

  • Certified Ethical Hacker (CEH)
  • Certified Network Defender (CND)
  • Certified Network Defense Architect (CNDA)
  • Certified Incident Handler (CIH)
  • Certified Encryption Specialist (ECES)
  • Computer Hacking Forensic Investigator (CHFI)
  • Licensed Penetration Tester (LPT)
  • Certified Secure Programmer (ECSP)
  • Disaster Recovery Professional (EDRP)
  • Certified Chief Information Security Officer (CCISO)
  • Certified Secure Computer User (CSCU)
  • Certified Security Analyst (ECSA)
  • Certified Security Specialist (ECSS)

Global Information Assurance Certification (GIAC)

  • GIAC Security Essentials (GSEC): security administration

The GSEC certification is an entry-level certification that requires no specific training. The GSEC exam consists of 180 questions on topics such as:

  • Critical security controls
  • Authentication and password management
  • Attacks and countermeasures
  • Firewalls
  • Information warfare

Candidates for the GSEC exam may achieve the required knowledge through practical training, books on computer information security, or a course provided by SANS or another training provider.

  • GIAC Certified Incident Handler (GCIH): security administration

The GCIH designation is designed for incident handlers who manage security incidents by understanding common attack techniques, vectors, and tools and who can defend against and/or respond to such attacks when they occur. No specific training is required for the GCIH designation.

  • GIAC Certified Intrusion Analyst (GCIA): security administration

The GCIA is designed for individuals responsible for network and host monitoring, traffic analysis, and intrusion detection. No specific training is required for the GCIA designation; however, candidates should have the knowledge, skills, and abilities to configure and monitor intrusion detection systems and to read, interpret, and analyze network traffic and related log files.

  • GIAC Certified Forensic Analyst (GCFA): forensics
  • GIAC Penetration Tester (GPEN): security administration
  • GIAC Security Leadership (GSLC): management
  • GIAC Web Application Penetration Tester (GWAPT): security administration
  • GIAC Certified Forensic Examiner (GCFE): forensics
  • GIAC Reverse Engineering Malware (GREM): forensics
  • GIAC Systems and Network Auditor (GSNA): audit
  • GIAC Certified Perimeter Protection Analyst (GPPA): security administration
  • GIAC Certified Windows Security Administrator (GCWN): security administration
  • GIAC Information Security Fundamentals (GSIF): security administration
  • GIAC Certified Enterprise Defender (GCED): security administration
  • GIAC Information Security Professional (GISP): management
  • GIAC Assessing and Auditing Wireless Networks (GAWN): security administration
  • Global Industrial Cyber Security Professional (GICSP): security administration
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN): security administration
  • GIAC Certified UNIX Security Administrator (GCUX): security administration
  • GIAC Secure Software Programmer – Java (GSSP-JAVA): software security
  • GIAC Mobile Device Security Analyst (GMOB): security administration
  • GIAC Network Forensic Analyst (GNFA): forensics
  • GIAC Critical Controls Certification (GCCC): security administration
  • GIAC Certified Web Application Defender (GWEB): software security
  • GIAC Law of Data Security and Investigations (GLEG): legal
  • GIAC Continuous Monitoring Certification (GMON): security administration
  • GIAC Secure Software Programmer – .NET (GSSP-.NET): software security
  • GIAC Certified Project Manager (GCPM): management
  • GIAC Python Coder (GPYC): security administration
  • GIAC Advanced Smartphone Forensics (GASF): forensics
  • GIAC Response and Industrial Defense (GRID): security administration
  • GIAC Cyber Threat Intelligence (GCTI): threat monitoring
  • GIAC Critical Infrastructure Protection (GCIP): security administration

International Association of Privacy Professionals

  • Certified Information Privacy Professional (CIPP) – law and regulations

The CIPP designation is an entry-level certification that details a cybersecurity professional’s knowledge about privacy laws and regulations. The CIPP designation provides five concentrations:

  • Asia
  • Canada
  • Europe
  • U.S. Government
  • U.S. Private Sector

  • Certified Information Privacy Manager (CIPM) – operations
  • Certified Information Privacy Technologist (CIPT) – technology

Information Assurance Certification Review Board (IACRB)

  • Certified Expert Penetration Tester (CEPT)
  • Certified Application Security Specialist (CASS)
  • Certified SCADA Security Architect (CSSA)
  • Certified Reverse Engineering Analyst (CREA)
  • Certified Penetration Tester (CPT)
  • Certified Data Recovery Professional (CDRP)
  • Certified Computer Forensics Examiner (CCFE)

International Information Systems Security Certification Consortium, Inc. ((ISC)²)

  • Certified Information Systems Security Professional (CISSP)
  • Certified Cloud Security Professional (CCSP)
  • Systems Security Certified Practitioner (SSCP)

The SSCP credential is an entry-level certification that requires candidates to possess at least one year of related experience to qualify to take the exam. SSCP holders have proven their ability to implement, monitor, and administer IT infrastructure according to information security policies and procedures that ensure data integrity, availability, and confidentiality. Candidates can prepare by studying the related textbooks provided by (ISC)².

  • Certified Authorization Professional (CAP)
  • Certified Secure Software Lifecycle Professional (CSSLP)
  • Healthcare Information Security and Privacy Practitioner (HCISPP)
  • CISSP Concentration in Architecture (ISSAP)
  • CISSP Concentration in Engineering (ISSEP)
  • CISSP Concentration in Management (ISSMP)

ISACA

  • Certified Information Systems Auditor (CISA)

The CISA designation is a globally recognized certification for IS audit control, assurance, and security professionals. To qualify to take the CISA exam, candidates must possess at least 5 years of professional information systems auditing, control, or security work experience. Candidates can prepare to take the CISA exam by obtaining CISA Exam preparation resources through ISACA and the chapters that host CISA Exam review courses.

  • Certified Information Security Manager (CISM)

The CISM designation allows cybersecurity professionals to demonstrate their information security management expertise. Candidates must possess at least 5 years of information security work experience, with at least 3 of those years in information security management, to qualify to take the CISM exam.

  • Certified in the Governance of Enterprise IT (CGEIT)
  • Certified in Risk and Information Systems Control (CRISC)
  • Cybersecurity Nexus (CSX, CSX-P)

Learning Tree International

  • Network Infrastructure Defender
  • Incident Responder
  • Security and Vulnerability Assessor
  • Digital Forensics Investigator
  • Systems Security Analyst
  • Activity Based Intelligence Analyst
  • Exploitation Analyst
  • Information Systems Security Officer (ISSO)
  • Chief Information Security Officer (CISO)

McAfee Institute

  • Certified Cyber Investigative Expert (CCIE)
  • Certified Forensic HiTech Investigator (CFHI)
  • Certified Cyber Threat Forensic Investigator (CTFI)
  • Certified Cyber Intelligence Investigator (CCII)
  • Certified E-Commerce Fraud Investigator (CEFI)
  • Certified Counter Intelligence Threat Analyst (CCTA)
  • Certified Cyber Intelligence Professional (CCIP)
  • Certified Expert in Cyber Investigations (CECI)
  • Certified Social Media Intelligence Analyst (SMIA)
  • Certified Social Media Intelligence Expert (CSMIE)

Mile2

  • C)ISSO Certified Information Systems Security Officer
  • C)PTE Certified Penetration Testing Engineer
  • C)PTC Certified Penetration Testing Consultant
  • C)DRE Certified Disaster Recovery Engineer
  • C)DFE Certified Digital Forensics Examiner
  • C)NFE Certified Network Forensics Examiner
  • C)SWAE Certified Secure Web Applications Engineer
  • C)SWAC Certified Secure Web Applications Consultant
  • C)IHE Certified Incident Handling Engineer
  • C)WSE Certified Wireless Security Engineer
  • C)VA Certified Vulnerability Assessor
  • C)SLO Certified Security Leadership Officer
  • C)PEH Certified Professional Ethical Hacker
  • C)ISSM Certified Information Systems Security Manager
  • C)ISSA Certified Information Systems Security Auditor
  • C)ISRM Certified Information Systems Risk Manager
  • ISCAP Information Systems Certification and Accreditation Professional
  • C)SP Certified Security Principles
  • C)SAP Certified Security Awareness Principles
  • C)VE Certified Virtualization Engineer
  • C)VSE Certified Virtualization Security Engineer
  • C)CSC Certified Cloud Security Consultant
  • C)VDE Certified Virtual Desktop Engineer
  • C)ISS Certified IPv6 Security Specialist
  • C)VFE Certified Virtualization Forensics Examiner
  • C)PCE Certified PowerCLI Engineer
  • C)CSO Certified Cloud Security Officer
  • C)VCP Certified Virtualization and Cloud Principles
  • C)ISMS-LA Certified Information Security Management Systems Lead Auditor
  • C)ISMS-LI Certified Information Security Management Systems Lead Implementer

Security University
(Each CoM includes multiple industry certifications)

  • Q/ISP CoM Qualified/Information Security Professional Certificate of Mastery
  • Q/IAP CoM Qualified/Information Assurance Professional Certificate of Mastery
  • Q/WP CoM Qualified Wireless Professional Certificate of Mastery
  • Q/SSE CoM Qualified/Software Security Expert Certification Certificate of Mastery
  • Q/CDA CoM Qualified/Cyber Defense Analyst Certificate of Mastery

Logical Operations

  • CyberSec First Responder

Offensive Security

  • Offensive Security Certified Professional (OSCP)
  • Offensive Security Wireless Professional (OSWP)
  • Offensive Security Certified Expert (OSCE)
  • Offensive Security Exploitation Expert (OSEE)
  • Offensive Security Web Expert (OSWE)