Get the RIGHT Security Certification For Your Career

Certifications.  We all know about them, right?  I hope so…I wrote a previous article about them.

Maybe you’ve thought about getting one.  Maybe you’re researching one right now.  Or maybe you need one for that job you really want?

It’s hard, isn’t it? It’s hard deciding which certification to get.

So which certification is right for you?  Which one will give you that boost you need in your career?

I’ll answer that question here in a minute. But first, I want to destroy a huge myth about certifications.

The Certification Myth

Most people I talk to seem to have a BIG misconception about certifications.  And it makes sense why they do.

It seems most people believe certifications are similar to college degrees.

College degrees…you go to class, you pass the class, you get your diploma.  Then you’re done.  There is nothing more to do.

With a certification…you study, you take the test, and you get certified.  With some practice tests, and maybe retaking the test (if you’re like me!).

And once you’re certified, you’re a security rockstar!  Right?

Does that sound familiar at all?

That is the myth of certifications…you get a certification, and somehow you’re qualified to do whatever you got certified to do.

Certifications are not diplomas

It’s actually not supposed to be like that.  And in my opinion, this is why some people do not see the success they expect from a certification.

Certifications are much more than you probably know.  Much more than just “letters” like CISSP, CCNA, or CEH.

Certifications are designed to be a verification of your knowledge and skill level.  Not a diploma.

Today, most certifications require you to keep up on current technologies through continuing education.

A college degree…you get one, you have one forever.  A certification should not be thought of like that, at all.

You should also only get certified for the skills and knowledge you have.  Now, you can certainly study and learn the skills you need to pass the exam.

And you need to study so you can understand the vendor’s “way” of doing things.

But it’s important to know how to apply the skills and knowledge you are certified for.  Having the certificate is nothing without skills or knowledge.

The Truth About Certifications

The truth is: A certification means very little if you don’t have the skills or knowledge to back it up.

So, if you study for a few weeks, take the test and pass…congratulations!  You’re now certified.  But, if you can’t do any of the things you’re certified in…what did you accomplish?

I know, I know…that pesky certification is needed to get that job you want or need.  Or it can mean the difference between your career success or failure.  I get it! 😉

I know it, because I’ve been there too.

But the certification is only valuable if you can back it up with skills and knowledge.

Soooooo…which certification is right for me?  I can hear you asking that right now!

Choosing the Right Certification For Your Career

There are many types of certifications.  Technical.  Non-technical.  Specialty.  Management.  Offensive.  Defensive.  Compliance.  Audit.  Vendor product focused…OH MY GOSH!  Enough already!

With all of those choices, which type should you get?  You should get the ones that will help you reach your goals!  The “popular” certifications are not always the ones that will benefit you the most.

Finding the Certification You Need

Let me explain how to find the certification you REALLY need!

First, you need to do your research.  Find out what employers in your area are looking for.  Search on job boards like,,, etc.

Employers will tell you what type of certified workers they are looking for.

Second, you have to know your background.  Be honest and rule out any certifications you’re not qualified to hold.  You may pass the test, but if you can’t do what is expected of you on the job, you may end up looking for another job!

Then start from the beginning.  If you don’t have a technical background, start with the CompTIA A+ material.  Learn about the hardware and software side of things.

Now, go get the Security+ if you’re a beginner.  This is one of the most popular certifications on the planet! It’s also a perfect starting point for security principles and fundamentals.

The ISC2 SSCP and GIAC GSEC are good choices too.

After you get the Security+, move on to mid-level certifications.  Use your research, and get a certification that is in demand and supports your skill level. CISSP, CEH, GIAC, and ISACA certifications are all good choices.

After you get those 2 certifications, you’re pretty much good to go!  If you want, you can get an advanced certification.  Any of the GIAC or CISSP concentrations are good choices. Specialty certifications like penetration testing (OSCP, CPTE, LPT), management (CISM), or even auditing (CISA) are good options as well.

But complement your skills and knowledge, and do your research.

The order I would get certifications is: Security+, CISSP, and an advanced certification that complements your skills.  That’s all based on my own experience and research.

There is no biased opinion or hate and discontent for any certifications.

Pick only the certifications that will help you reach your goals!  (Hint:  Research how many jobs there are for the CISSP.  More than ANY OTHER CERTIFICATION out there!

Save the certification bias and go get that one already!  10,000+ jobs are waiting for you to apply!)

Forget the Hype

Don’t get caught up in the marketing hype of certifications.  Employers will tell you what they are looking for in their job postings.  There should be no argument about what certification is good, bad, or not worth your time.

Forget all of that!

Your only argument should be what certification will help your career.  The certification that helps you get a better job, helps you get a raise or a promotion you’re after…that’s what’s important.

Just make sure your knowledge and skills can support the certification. 😉

All the best in your search and your studies!

