Security Awareness Programs & Computer-Based Training

Top 5 IT Security Certifications for 2011

Employers, Recruiters Identify the Most Valued Infosec Certifications
Top 5 IT Security Certifications for 2011
Not having an IT security certification doesn't disqualify you from getting that next job or promotion, but it could be a factor.

"A certification today is like a college degree," says Grady Summers, Americas leader for information security program management services at Ernst & Young. "You may not hire a candidate just because they have one, but it is something that you come to expect in this field."

As you mull whether to get that certification, we've compiled the top five security certifications for 2011. Here's our list, based on review of job boards and interviews with IT security recruiters and employers:

  • Vendor Certifications
  • CISSP: Certified Information Systems Security Professional
  • CEH: Certified Ethical Hacker
  • CISM: Certified Information Security Manager
  • GIAC: Global Information Assurance Certification

Vendor Certifications

A growing need for hands-on network engineers, along with social computing and Web 2.0 technology, has propelled network security even further. Vendor certifications including Cisco's Certified Network Associate Certification (CCNA), Microsoft's Certified Systems Engineer (MCSE) with focus on security and Check Point's Certified Security Expert (CCSE) top the list as organizations within banking, government and healthcare that look to fill open positions including network, system administrators and architects. "We look for completion of these certificates in potential network security candidates," Summers says, "as having those on their resume says a lot about someone's depth of knowledge."


The popularity of the Certified Information Systems Security Professional is high within the IT security community, as it provides the basis of security knowledge. "We feel safe hiring candidates carrying this validation," says Ellis Belvins, division director at Robert Half International, a professional staffing consultancy. The certification demonstrates the security professionals' high proficiency, commitment and deeper understanding of security concepts, principles and methodologies.

CISSP is viewed as the baseline standard for information security professions in government and industry. Companies are beginning to require CISSP certification for their technical, mid-management and senior management IT security positions. This certification is offered through (ISC)2, the not-for-profit consortium that offers IT security certifications and training.


Certified Ethical Hacker is gaining popularity as organizations focus on securing their IT infrastructure and networks from internal and external attacks. CEH is offered by EC-Council, and its goal is to certify security practitioners in the methodology of ethical hacking. This vendor-neutral certification covers the standards and language involved in exploiting system vulnerabilities, weaknesses and countermeasures. CEH basically shows candidates how the attacks are committed. It also attempts to define the legal role of ethical hacking in enterprise organizations.

Some employers aggressively look to hire candidates with CEH validation for hands-on security operations and intelligence activities. "In 2011, we see the need for very specific skill sets, which can be obtained through training and certifications such as the CEH," says Vernon Ross, director of learning and organizational capability at Lockheed Martin Information Systems and Global Solutions.


Certified Information Security Manager is significantly in demand as the profession focuses on the business side of security. CISM, offered by ISACA, addresses the connection between business needs and IT security by focusing on risk management and security organizational issues. "ISACA's CISM are a few that are on our radar for 2011," Summers says.

CISM is ideal for IT security professionals looking to grow and build their career into mid-level and senior management positions. In fact, the CISM earned a place on the list of highest paying IT security certification by the 2010 IT Skills and Certifications Pay Index from independent research firm Foote Partners.


The demand is rising for Global Information Assurance Certification in specific disciplines such as digital forensics, intrusion detection, incident handling, security operations and application software security.

Employers and recruiters increasingly find the GIAC credential as a requirement for hands-on technical positions. "GIAC's focus on open source tools and its aggressive in-depth training is very useful," says Daryl Pfeil, CEO of Digital Forensics Solutions, a computer security and digital forensics firm. She finds GIAC certified candidates highly skilled and proficient to handle the dynamic demands of the real-world job environment.

Other Top Certifications

Other IT security certifications gaining importance include Certified Business Continuity Professional (CBCP), Cloud Security Alliance's new Certificate of Cloud Security Knowledge (CCSK) and CyberSecurity Forensic Analyst (CSFA).

"There is no replacement for real-world experience, Summers says. "However, certifications are important and have become de facto minimum criteria when screening resumes."

About the Author

Upasana Gupta

Upasana Gupta

Contributing Editor, CareersInfoSecurity

Upasana Gupta oversees CareersInfoSecurity and shepherds career and leadership coverage for all Information Security Media Group's media properties. She regularly writes on career topics and speaks to senior executives on a wide-range of subjects, including security leadership, privacy, risk management, application security and fraud. She also helps produce podcasts and is instrumental in the global expansion of ISMG websites by recruiting international information security and risk experts to contribute content, including blogs. Upasana previously served as a resource manager focusing on hiring, recruiting and human resources at Icons Inc., an IT security advisory firm affiliated with ISMG. She holds an MBA in human resources from Maharishi University of Management, Fairfield, Iowa.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.