12 hottest IT security certs for higher pay today

Average pay premium:10%

Market value increase: 43%

 

Certified Information Systems Auditor

The Certified Information Systems Auditor (CISA) certification from ISACA focuses on providing IT auditors with the tools they need to monitor and assess IT and business systems. This program covers the latest technologies such as blockchain and artificial intelligence across five modules, which include the information systems auditing process, information asset protection, governance, and more. To qualify, candidates must have at least five years of relevant experience, including at least two in audit, control, assurance, or security, which a third party must verify. Candidates can waive this requirement with other work experience or education in select cases. The exam spans 150 questions across all five domains, and successful candidates must renew with 120 CPEs over three years and no less than 20 in any given year.

Training fees: ISACA has identically priced and structured preparatory materials for CISA as it does CDPSE: an online review course (US$895 for ISACA members, US$795 for non-members), a digital or print manual (US$109 for ISACA members, US$139 for non-members), and a 12-month subscription to a database of test questions (US$299 for ISACA members, US$399 for non-members).

Exam fees: Candidates must pay a US$50 application fee and an exam fee of US$575 (ISACA members) or US$760 (non-members) for a remotely proctored exam or one held at an authorized testing center.

Average pay premium:10%

Market value increase: 11%

Cisco Certified Network Professional Security

Cisco offers a Cisco Certified Network Professional (CCNP) Security certification that focuses on security concepts and architecture, user and device security, network security, assurance, and cloud application management. While there are no prerequisites for the CCNP, in Cisco’s leveling professional-level certifications like this one are meant to build on associate-level certifications. Cisco advises that most candidates in the certification have between three to five years of experience in network security. By demonstrating expertise with this credential, graduates can succeed in numerous roles, including security engineer, security analyst, and network security engineer. This certification is valid for three years and can be renewed by retaking the exam before its expiration or by taking continuing education credits.

Training fees: Professionals can avail of instructor-led training from Cisco and accredited partners (prices vary), or a US$6,000 annual subscription to Cisco U All Access, which provides learning pathways for professional-level certifications.

Exam fees: Professionals must take a core exam for US$400, plus one of seven exams for a concentration area for US$300.

Average pay premium (per Foote):10%

Market value increase (per Foote):11%

EC-Council Certified Ethical Hacker (CEH)

In Certified Ethical Hacker, stylized by administrator EC-Council as C|EH, professionals learn the foundations of ethical hacking across 20 modules, beginning with footprinting all the way up to cloud computing and cryptography. The EC-Council recommends that professionals have at least two years of experience in IT security; those without it can prepare with its free Cyber Security Essentials series. In C|EH, professionals will learn how to conduct the stages of ethical hacking: reconnaissance, scanning, gaining and maintaining access, and covering tracks. The certification is ideal for cyber professionals that can benefit from ethical hacking, including cybersecurity auditor, warning analyst, solution architect, and more. The C|EH exam consists of 125 multiple-choice questions, along with a practical exam based on different scenarios.

Training and exam fees: CEH bundles their on-demand video course with a certification exam for US$799, and there are also live and hybrid options that also come with exam vouchers.

Average pay premium:10%

Market value increase: 11%

EC-Council Certified Chief Information Security Officer

EC-Council has a Certified Chief Information Security Officer certification (C|CISO). The title of the certification may be misleading: It is not designed only for CISOs or those who aspire to that position. The C|CISO materials state that the program is ideal for over two dozen professionals, ranging from CEOs and managing directors to delivery managers and security auditors. Despite this breadth, candidates must still have five years of experience in each of the C|CISO domains, which include governance and risk management, information security core competencies, and more. This experience can overlap, and candidates can substitute some requisite experience with other credentials or advanced degrees. The two-and-a-half-hour exam comprises 150 questions across three levels: knowledge, application, and analysis. The certificate is valid for three years, and candidates must maintain it through continuing education requirements and a US$100 annual fee.

Training fees: EC-Council offers a variety of training modalities, including on-demand, live in-person or online, and group options. The caveat is that interested candidates are invited first to inquire to obtain the price or a quote.

Exam fees: There is a US$100 application fee.

Average pay premium:10%

Market value increase: 11%

Google Professional Cloud Security Engineer

Like other certifications from cloud vendors, the Google Professional Cloud Security Engineer certification focuses on Google Cloud Technologies. Candidates will be taught how to secure workloads and infrastructure on Google Cloud through modules focused on access management, data protection, secure communications, operations, and compliance. While there are no formal prerequisites, Google recommends candidates have three years of relevant experience, with at least one involving designing and managing Google Cloud solutions. Offered in both English and Japanese, the exam consists of 50 to 60 multiple-choice and multiple-select questions. Unlike other certifications, recertification for the Google Professional Cloud Security Engineer does not involve CPE. Certificate holders must retake and pass the exam 60 days before its two-year validity ends.  

Training fees: Google provides a 20-activity learning path for security engineers that is free, and candidates need only a Google account to sign up.

Exam fees: Candidates must pay US$200 plus applicable taxes.

Average pay premium:10%

Market value increase: 11%