Certifications having to do with application security are also very popular. ISC2’s Certified Secure Software Lifecycle Professional (CSSLP) certification can help. Other popular certifications are GIAC Secure Software Programmer – Java (GSSP-JAVA) and GIAC Secure Software Programmer – .NET (GSSP-NET). “Both are developed by the GIAC and show the software developer how to think like an attacker. Specifically, looking at common exploits, like validating incoming data types and guarding session cookies,” explained Evan Lesser, Co-Founder and Director of ClearanceJobs.com.
Certified Information Systems Auditor (CISA) has emerged as another hot button security certification of late, according to Foote Partners. Candidates for a CISA certification must pass a test, adhere to the Information Systems Audit and Control Association’s Code of Professional Ethics, provide proof of a minimum of five years of professional IS auditing, control, or security work and follow a program of continuing professional education. GIAC Security Audit Essentials is also popular, according to Foote Partners.
Increasingly, the Certified Information Systems Security Professional (CISSP) certification has become important, as has Certified Information Security Manager (CISM). CISSP is governed by the International Information Systems Security Certification Consortium (ISC2). ISC2 claims it received about 700 responses from U.S.-based info-security professionals in a demonstration of an increased demand for specific certification CISSP concentrations, especially in architecture.
The Certified Ethical Hacker (CEH) provided by the International Council of E-Commerce Consultants (EC-Council) is a good start for pen testers, as is GIAC’s Certified Intrusion Analyst certification, according to ClearanceJobs.com’s Lesser. Others include Certified Penetration Tester (CPT) and Certified Expert Penetration Tester (CEPT), which are sponsored by the Information Assurance Review Board.
7Wireless Security in Demand
9CheckPoint Check List
Forensics has been a growth area as well. CyberSecurity Forensic Analyst and the EC-Council/Certified Hacking Forensic Investigator (CHFI) certifications have seen market value increases in the past year, though the market value of CHFI did not grow in the first three months of the year, according to Foote Partners. The CyberSecurity Forensic Analyst certification however increased in value by more than nine percent during that period.
By Brian Prince