Are security certifications worth the money? Which ones are really needed to enter and advance in the field? If we had a dime for every time we’ve heard those questions …
As to the first question, yes, says Candy Alexander, CISO and security practice lead at NeuEon who also is on the board of the Information Systems Security Association (ISSA).
“Certifications work,” she says. “I know people who are hiring managers and they will first hire people with certifications.”
Tom Eston, practice director for application security at Bishop Fox, and a hiring manager, agrees. If 100 resumes for an entry-level job come in and 25 of them have CompTIA’s Security+ certification, those 25 go into a group of people he will consider.
“For someone more junior, I like to know how passionate they are about learning,” he says. “I’ll ask them what they do in their off-time? Do they have a lab at home? What kind of drive and passion do they have for the field?”
What follows are short writeups of the leading certifications to give readers a sense of how best to allocate their time and money, especially since many companies tend not to pay for certifications as much today. And if you’re still feeling overwhelmed at the end, Alexander suggests seeking out a mentor who can help you sort out a path.
Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio