Most IT professionals already have a casual knowledge of security topics, absorbed through osmosis and brute experience. Most IT professionals can learn enough to do them some good in three-to-six months. Entry-level security certs typically require one-to-two years of "relevant experience" (which is arguably conferred by installing and updating antivirus software). Mid- to senior-level credentials tend to be more stringent, requiring three-to-seven years of demonstrable, relevant experience (if not more, in some cases).
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: Experience vs. certification in today's job market
Ask the Expert: The advantages of work-related security experience
Ask the Expert: Qualification assessment for the CISSP
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.