Education has become increasingly democratized in recent years. There are a lot of paths available for your cybersecurity self-education: college/graduate school, bootcamps, online courses, YouTube videos, books, etc. This variety of learning pathways make the Credentialization phase of your Roadmap to a Cybersecurity Career all the more important.
The goal of these entry-level certifications is to credentialize yourself as a qualified cybersecurity candidate.
Credentialization demonstrates to recruiters and hiring managers that you learned a given cybersecurity topic to an industry-recognized standard. Hiring managers don’t need to worry about how good your cybersecurity bootcamp was, when completion is complemented with the appropriate certifications.
CompTIA Security+ is the industry’s go-to, entry-level cybersecurity certification. Attaining at least a Security+ let’s people know that you’re serious about a career in cybersecurity. It’s achievable and shows that you have a basic understanding of cybersecurity. For university (undergraduate or graduate) students completing the Security+ along with your coursework shows initiative and will help you stand out from your peers.
The CompTIA Cybersecurity Analyst (CySA+) is a more advanced CompTIA cybersecurity certification. Security+ has more brand recognition as a result of being the older certification. I would recommend taking the CompTIA CySA+ after the Security+. The pair of certifications on your resume would really highlight your preparedness for an analyst role. Completing both would really highlight that you’ve put the work in to learn a new skill set.
The (ISC)2 Systems Security Certified Practitioner (SSCP) is the CISSP’s younger sibling. There is a requirement for one year of work experience in one of the seven domains (as opposed to five years required for the CISSP). That one-year requirement can be waived though, if you have a bachelor’s degree. Seeing applicants with (ISC)2 SSCP on their resume is less common than CompTIA Security+. It would certainly make you stand out.
GIAC Security Essentials (GSEC)
The GIAC Security Essentials (GSEC) certification accompanies the SANS Institute’s Security Essentials Bootcamp Style course (SEC401). The SANS Institute is an industry leader in technical cybersecurity training. Their courses are not inexpensive, but they have excellent instructors and hands-on training.
Cybersecurity has a wide, diverse set of roles. There is an equally wide, diverse set of certifications out there. The above certifications can be helpful as entry-points into cybersecurity. However, there will be plenty more to learn after achieving an entry-level certification. Do your homework to get a feel for the types of cybersecurity roles, which excite you. That will inform, which follow-on cybersecurity certifications you should pursue. The goal of these entry-level certifications is to credentialize yourself as a qualified cybersecurity candidate. There is plenty more out there to credentialize yourself as an advanced or specialized cybersecurity professional.