That being said, I think there are two situations in which certifications are helpful. The first is when a person
has no direct experience in the security industry and no credibility to convince an employer that he or she can do the job. In this case, getting a certification can show initiative, focus and a willingness to make an investment in one's future. It's one of the ways to get from Point A (not having a job in information security) to Point B (having a job in the security industry).
The other situation is when there is a real economic dollar value to getting the certification. There are some companies that highly value capital letters behind an employee's name, and they are willing to pay for it because it makes the security organization as a whole seem more knowledgeable. That doesn't make much sense to me, but if a company will pay more for a certified employee, then by all means get certified.
In terms of what else to do to get a job in the security business, I would recommend informally increasing personal skills, which means breaking and fixing stuff. Build a home network and break into it. Fix it and try it again. Offer to secure the networks of neighborhood businesses. These things will provide a person with real experiences that can be relayed during the interview process.
- Learn about vendor-specific information security certifications.
- The vendor-neutral information security certification landscape is changing. Learn which are worth pursuing.
Dig deeper on Information Security Jobs and Training
Related Q&A from Mike Rothman, Contributor
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.