When it comes to the information security field, there's no denying job opportunities abound. But landing a top-notch cyber security position often requires more than experience and a college degree.

According to a 2014 Burning Glass report, 51 percent of all cyber security job postings request at least one security-related certification. That's a steep jump compared with IT positions, where only 14 percent of postings request a certification of any kind.

"Certifications take knowledge and experience to the next level," says Saint Leo University's Dr. Sreekanth Malladi, associate professor of computer science in the university's new master's cyber security degree program. "They indicate a level of mastery, which assures prospective employers that a job applicant is prepared to take on the challenges of the position."

In the Burning Glass report, the most requested certification is Certified Information Systems Security Professional (CISSP), followed by Certified Information Systems Auditor (CISA), CompTIA Security+, and Certified Information Security Manager (CISM).

| Certification | % of Cyber Security Postings | # of Cyber Security Postings, 2013 |
|---|---|---|
| CISSP | 24% | 49,522 |
| CISA | 16% | 33,290 |
| Security+ | 8% | 17,019 |
| CISM | 7% | 15,083 |
| GIAC Security Essentials | 3% | 5,639 |
| CIPP | 2% | 4,168 |
| SSCP | 2% | 4,039 |
| GIAC GCIH | 2% | 3,163 |

Burning Glass Technologies, 2014

Here's a quick look at the eight most commonly requested certifications for cyber security professionals.

CISSP – Certified Information Systems Security Professional – Considered the gold standard among security certifications, CISSP is the oldest security certification and is recognized worldwide. Holders of this designation possess the knowledge and skills necessary to develop, guide and manage an organization's security standards, policies and procedures. A minimum of five years' experience in specified domains, such as application development security, is required for this certification, which requires 120 hours of continuing professional education every three years to maintain.

Administered by the International Information Systems Security Certification Consortium, or (ISC)², https://www.isc2.org.

CISA – Certified Information Systems Auditor – A globally recognized certification for information systems audit control, assurance and security professionals. Holders of this designation have advanced audit experience, skills and knowledge and are capable of managing vulnerabilities, ensuring compliance and instituting controls within an organization. A minimum of five years' professional information systems auditing, control or security work experience is required for certification, which requires 120 hours of continuing professional education every three years to maintain.

Administered by the Information Systems Audit and Control Association (ISACA) www.isaca.org.

Security+ – An entry-level certification that demonstrates basic security knowledge across a range of domains. This certification, which is a mandated certification for the U.S. Department of Defense, does not have any prerequisites or experience requirements, although two years of networking experience with emphasis on security is recommended.

Administered by the Computer Technology Industry Association, or CompTIA www.comptia.org.

CISM – Certified Information Security Manager – A management-focused IT certification for individuals who design, build and manage enterprise information security programs. This certification, which is recognized globally, is considered the leading credential for information security managers. To maintain certification, holders must complete 120 hours of continuing professional education every three years.

Administered by the Information Systems Audit and Control Association (ISACA) www.isaca.org.

GIAC Security Essentials – A basic certification that demonstrates competence in hands-on IT systems roles with respect to security tasks. No specific training or experience is required for this certification; however, candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts. Certification must be renewed every four years.

Administered by Global Information Assurance Certification (GIAC) www.giac.org.

CIPP – Certified Information Privacy Professional – A widely recognized certification that represents a foundational understanding of global concepts of privacy and data protection law and practice within one of four concentration areas: U.S. Private Sector, Canada, Europe or the U.S. Government. To remain certified, holders of this designation must complete a minimum of 10 continuing privacy education hours each year.

Administered by the International Association of Privacy Professionals (IAPP) https://privacyassociation.org.

SSCP – Systems Security Certified Practitioner – An entry-level IT certification that demonstrates proficiency in IT security. Certification is open to all candidates with one year's experience and is ideal for individuals working in or toward positions such as network or security administrator, network security engineer, database administrator, security architect or systems analyst. To remain certified, holders of this designation must complete 40 hours of continuing professional education every three years.

Administered by the International Information Systems Security Certification Consortium, or (ISC)², https://www.isc2.org.

GIAC GCIH – Certified Incident Handler – A certification designating proficiency in detecting, responding to and resolving computer security incidents. Holders of this credential understand common attack techniques, vectors and tools and are trained to defend against and/or respond to such attacks when they occur. This certification carries no specific training or experience requirements, but must be renewed every four years.

Administered by Global Information Assurance Certification (GIAC) www.giac.org.

"As the incidence of cybercrime continues to grow by the hour, continuing professional education and getting certified are more important than ever," says Malladi. "Bolstering your degree with one or more of these certifications could be one of the most important career decisions you will ever make."

Saint Leo's new master's program in cyber security is currently being offered on-ground at University Campus. It will be available totally online in March 2015.

National Cyber Security Awareness Month
This post is one in a series in recognition of National Cyber Security Awareness Month. Since 2004, the Department of Homeland Defense and the National Cyber Security Alliance have designated October as National Cyber Security Awareness Month. For more information, visit StaySafeOnline.org.
