According to a survey by InfoSecurity magazine that stated IT professionals’ average salaries overall decreased by 5.5%, while those in IT security increased by 3.1% show that experience in security is a valuable skill.
Furthermore, The US Department of Defense (DoD) Directive 8570.1-M requires every part-time or full-time military member or defense contractor that has access to a privileged DoD system to be held by trained and CERTIFIED personnel in a commercial certification to enhance Information Assurance (IA) of the US Department of Defense’s (DoD) information, information systems, and networks.
So how important is it to be certified if you want to work in the IT Security field? I would say important.
Being certified displays competency in IT security related terms and concepts. As a hiring manager, who has to interview over 100 candidates, having someone who speaks the IT Security language is helpful.
When looking into certification, you have vendor neutral and vendor specific IT security certifications. Below are a list of some of the more popular certifications:
Requires: 1 Exam
Approximate Cost = $199 ($149 for CompTIA members)
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
GIAC Secure Software Programmer – Java (GSSP – JAVA)
GIAC Secure Software Programmer – .NET
The Show the software developer to think like an attacker
GIAC Security Audit Essentials
GIAC’s Certified Intrusion Analyst
Certified Penetration Tester (CPT)
Certified Expert Penetration Tester (CEPT)
Certified Wireless Security Professional (CWSP)
GIAC Certified Windows Security Administrator (GCWN)
Foote Partners’ “IT Skills and Certification Pay Index – Q3 2011 edition” indicates that the following security certifications translate into the highest pay premiums:
Certified Information Systems Security Professional (CISSP)
Information Systems Security Engineering Professional (CISSP/ISSEP)
GIAC Secure Software Programmer –.NET
CyberSecurity Forensic Analyst
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Cisco Security Solutions and Design Specialist
GIAC Reverse Engineering Malware (GREM)
GIAC Secure Software Programmer –Java
GIAC Systems and Network Auditor (GSNA)
Information Systems Security Architecture Professional (CISSP/ISSAP)
Security Certified Network Architect
Check Point Certified Master Architect (CCMA)