According to Cyberseek, the current number of job openings in cybersecurity is over 769,000. With such an astronomical demand for qualified professionals, it’s no wonder that the number of people enrolling in cybersecurity programs and earning certifications is on the rise.
The most sought-after position in the cybersecurity industry is that of the cyber security analyst (also called information security analyst, computer security analyst, or simply security analyst). And rightfully so – these professionals are responsible for identifying, managing, and mitigating security threats to an organization’s networks and systems.
There are a number of different certs that can help launch your career in cybersecurity, but which one is right for you?
In this article, we’ll compare some of the most popular cyber security certifications, including the Certified Ethical Hacker (CEH), the CompTIA CySA+, and more. They are ordered by increasing levels of difficulty.
Security+
Many cybersecurity employers consider the Security+ to be the bare minimum requirement for any job in the field.
The Security+ was created by CompTIA, which is one of the most respected certifying bodies in the world. It covers a wide range of topics related to risk management, forensics, incident response, cloud security, security controls, and more.
Because it is meant to be an entry-level cert, the CompTIA Security+ is a great starting point for anyone who is just getting started in their cybersecurity career. Recommended career requirements include about two years of work experience as an IT or network administrator and the CompTIA Network+ certification or equivalent level of skill and knowledge.
The exam covers a lot of ground, so it will give you a good overview of the basics of cybersecurity.
Knowledge level: beginner
Focused on: security analysis
Recognized by: United States Department of Defense
Exam details: 90 minutes, maximum of 90 multiple-choice and performance-based questions
Accreditation: ANSI ISO/IEC 17024
SSCP
The Systems Security Certified Practitioner (SSCP) was developed by (ISC)², a nonprofit organization that specializes in cybersecurity education and training.
To be eligible for the SSCP, you must have at least one year of cumulative paid work experience in one or more of the seven domains covered by the exam:
- Security operations and administration
- Access controls
- Incident response and recovery
- Cryptography
- Risk identification, monitoring, and analysis
- Information system and applications security
- Network and communications security
In many roadmaps detailing the steps to becoming a security analyst, you will come across the SSCP as a recommended next step after the Security+.
However, you should know that, in terms of the ground they cover, the SSCP and the Security+ are very similar. The main difference is that the Security+ is more widely known and accepted, so if you’re just starting out, it might be a better option.
Knowledge level: beginner
Focused on: security analysis
Recognized by: United States Department of Defense
Exam details: 3-4 hours, 150 multiple-choice questions
Accreditation: ANSI ISO/IEC 17024
CEH: Certified Ethical Hacker
The Certified Ethical Hacker (CEH) is one of the most popular certs not just for ethical hacking enthusiasts but for all cybersecurity professionals. This is because the CEH exam covers a broad range of topics related to cybersecurity, such as network security, cloud computing, web app security, and even cryptography.
This cybersecurity certification is offered by the International Council of E-Commerce Consultants (EC-Council). It is globally recognized and often cited as one of the top cybersecurity certs by employers.
While it is not meant for IT beginners in general, if you are just starting out on the path of becoming a cybersecurity analyst, a CEH cyber security course can give you a well-rounded foundation on which to build your knowledge. In the industry, the CEH is considered important for security analysts so they can better “know their enemy”, since the exam covers common hacking techniques and tools that are also used for penetration testing.
Knowledge level: beginner to intermediate
Focused on: offensive security
Recognized by: United States Department of Defense, GCHQ in the United Kingdom
Exam details: 4 hours, 125 multiple-choice questions
Accreditation: ANSI ISO/IEC 17024, ACE ID ECCL-0002
CySA+
The CompTIA Cybersecurity Analyst+ (CySA+) certification is a vendor-neutral cert that covers the essentials of intermediate-level cybersecurity analysis and threat intelligence. This makes it a great next step for those who are looking to deepen their knowledge in this field.
The CySA+ focuses on the use of behavioral analytics and data science to detect and defend against cyber threats. It also emphasizes the importance of developing, managing, and maintaining an effective security posture.
This cybersecurity certification is also offered by CompTIA. The recommended requirements for taking the CySA+ exam include having at least 4 years of experience in IT with a focus on security, and holding either the CompTIA Network+ or Security+ cert (or having equivalent knowledge).
Knowledge level: intermediate
Focused on: defensive security
Recognized by: United States Department of Defense
Exam details: 165 minutes, 85 multiple-choice, drag-and-drop, and performance-based questions
Accreditation: ANSI ISO/IEC 17024
GSEC
Compared to the CySA+, the GIAC Security Essentials certification does not emphasize behavioral analytics as much. It focuses more on the technical aspects of cybersecurity, such as developing secure systems, assessing and managing risk, and investigating incidents.
The GSEC security certification is offered by GIAC, a well-respected certification provider. Compared to all other certs on this list that are above entry-level, the GSEC does not have any specific experience requirements. However, it should be noted that it is not meant for beginners in cybersecurity.
While the GSEC is a great choice for a cybersecurity professional who wants to deepen their technical knowledge, it may not be as useful for those who want to move into management positions (for becoming a security analyst manager, see the CISSP and CRISC below).
One last interesting thing about the GSEC is that it is an open-book exam, meaning you are allowed to use reference materials during the exam. This does not, by any means, make the exam easier, but it is a unique feature that may appeal to some.
Knowledge level: intermediate
Focused on: security analysis
Recognized by: United States Department of Defense
Exam details: 4-5 hours, 106-180 questions
Accreditation: ANSI ISO/IEC 17024
CRISC
CRISC stands for Certified in Risk and Information Systems Control. This certification is offered by the Information Systems Audit and Control Association (ISACA) and is meant for cybersecurity professionals who want to move into management positions in the cybersecurity field.
The CRISC certification focuses on four main domains:
- Organizational and risk governance
- IT risk identification, analysis, and evaluation
- Risk response, monitoring, and reporting
- Information technology and security principles
To be eligible for the CRISC exam, you must have at least three years of experience in 2 or more of the four domains listed above, and one of those domains must be either domain one or domain two. Unlike for some other exams on this list, there is no substitution or exemption for work experience if you have other certifications.
ISACA highlights that there are over 30,000 CRISC-certified professionals in the world, with the average salary for those with this certification being $151,000.
Knowledge level: advanced
Focused on: security analysis
Recognized by: /
Exam details: 4 hours, 150 questions
Accreditation: ANSI ISO/IEC 17024
CISSP
In terms of difficulty and the level of knowledge required, the Certified Information Systems Security Professional (CISSP) is one of the most challenging certs on this list. It is also one of the most well-known and highly respected cybersecurity certifications worldwide.
The CISSP is developed by the (ISC)² and, much like the CRISC, is intended for experienced IT professionals (including cybersecurity analysts) who want to move into a management or leadership role in cybersecurity.
To be eligible for the CISSP exam, you must have at least 5 years of full-time professional work experience in 2 or more of the 8 CISSP domains. These domains cover a wide range of topics related to cybersecurity, such as asset security, software development security, and communication and network security.
Interestingly, the (ISC)² keeps records of the average salary of CISSP holders, which is currently $120,552 USD in North America.
Knowledge level: advanced
Focused on: security analysis
Recognized by: United States Department of Defense, U. S. National Security Agency (ISSEP program), Hong Kong Monetary Authority, Australian Government Information Security Registered Assessors (IRAP) program,
Exam details: 4 hours, 125-175 multiple-choice questions and advanced innovative items
Accreditation: ANSI ISO/IEC 17024, ACE (American Council on Education), APU (American Public University System), Tokyo Denki University, UK ENIC, University of Zagreb, and more
Conclusion
The truth is, there is no one “best” certification for security analysts. The best certifications are the ones that fit your individual experience and career goals.
For entry-level or early-career analysts, the SSCP or Security+ might be a good place to start. Those with more experience might want to consider the GSEC, CySA+, or the CEH. And for those looking to move into management, the CRISC or CISSP could be the right choice.
Other popular certs that may be suitable for security analysts include the CompTIA Advanced Security Practitioner (CASP+), the ISACA Certified Information Systems Auditor (CISA), the ISACA Certified Information Security Manager (CISM), and maybe even the Offensive Security Certified Professional (OSCP). In this article, we outlined only the ones we thought most relevant for the role of an IT security analyst.
Whichever way you go, remember that continuing education and keeping up with the latest trends and technologies is just as important (if not more so) than any certification. Cybersecurity is a field that is constantly changing, and the best way to stay ahead of the curve is to never stop learning.
To learn more about how you can further your career in cybersecurity, contact us at the CyberAgility Academy. We offer a variety of cybersecurity courses and certificate program options for you to choose from, regardless of whether you are interested in self-study or hands-on learning.