Articles
IT
10 Popular Cybersecurity Certifications [2023 Updated]
10 Popular Cybersecurity Certifications [2023 Updated]
Written by Coursera • Updated on Dec 22, 2022
Share
Elevate your career in information security with these in-demand credentials.
Cybersecurity (sometimes called computer security or information security) is the practice of
protecting computers, networks, and data from theft, damage, loss, or unauthorized access.
As our interconnectivity increases, so do the opportunities for bad actors to steal, damage, or disrupt.
A rise in cybercrime has fueled a demand for cybersecurity professionals. Job outlook is expected to
grow by 35 percent between 2021 and 2031 [1].
10 Cybersecurity certifications companies are hiring for
While most cybersecurity professionals have at least a bachelor’s degree in computer science, many
companies prefer candidates who also have a certification to validate knowledge of best practices.
There are hundreds of certifications available, from general to vendor-specific, entry-level to
advanced.
Before you spend your money and time on a certification, it’s important to find one that will give you
a competitive advantage in your career. Here are the number of US job listings across three job sites
that require these cybersecurity certifications.
Read more: 10 Cybersecurity Jobs: Entry-Level and Beyond
Certification
LinkedIn
Indeed
Simply Hired
Total
CISSP
159,912
14,401
8,780
183,093
CISA
37,606
7,688
4,019
49,313
Security+
7,366
10,161
3,235
20,762
CEH
16,402
2,425
1,468
20,295
CISM
8,436
4,145
2,573
15,154
Number
as of December
GSEC of US job search results
4,335 for each certification
3,062
2,308 2022
9,705
If you're
the world of cybersecurity,
consider2,160
an entry-level credential,
like the IBM
SSCP just starting out in4,046
3,013
11,865
Cybersecurity Analyst Professional Certificate. You can build job-ready skills in less than six months
while
earning a shareable certificate
from an industry
leader.
CASP
3,783
1,128
868
5,778
GCIH
3,166
2,010
1,403
6,569
OSCP
2,095
1,850
946
4,891
IBM Cybersecurity Analyst
Professional Certificate
Beginner level · 8 month(s)
Skills you'll build: information security analyst, IT security analyst, security analyst, Junior cybersecurity
analyst, Information Security (INFOSEC), IBM New Collar, Malware, Cybersecurity, Cyber Attacks, datab…
vulnerabilities,
Network Security, Sql Injection, networking basics, scripting, forensics, Penetration Test,
4.6 (8,492 ratings)
Computer Security Incident Management, Application Security, threat intelligence, network defensive
tactics, cyber attack, Breach (Security Exploit), professional certificate, cybersecurity analyst
All base salary represents average US salaries sourced from Glassdoor in December 2022
1. Certified Information Systems Security Professional (CISSP)
The CISSP certification from the cybersecurity professional organization (ISC)² ranks among the most
sought-after credentials in the industry. Earning your CISSP demonstrates that you’re experienced in
IT security and capable of designing, implementing, and monitoring a cybersecurity program.
This advanced certification is for experienced security professionals looking to advance their careers
in roles like:
Chief information security officer - $181,529
Security administrator - $61,655
IT security engineer - $99,946
Senior security consultant - $108,379
Information assurance analyst - $85,083
Requirements: To qualify to take the CISSP exam, you’ll need five or more years of cumulative work
experience in at least two of eight cybersecurity domains. These include Security and Risk
Management, Asset Security, Security Architecture and Engineering, Communication and Network
Security, Identity and Access Management, Security Assessment and Testing, Security Operations,
and Software Development Security.
A four-year degree in computer science satisfies one year of the work requirement. Part-time work
and paid internships also count.
Cost (US): $749
The path to CISSP
If you’re new to cybersecurity and lack the necessary experience, you can still take
the exam to become an Associate of (ISC)². Once you pass the exam, you’ll then have
six years to build the relevant experience for full CISSP certification.
2. Certified Information Systems Auditor (CISA)
This credential from IT professional association ISACA helps demonstrate your expertise in assessing
security vulnerabilities, designing and implementing controls, and reporting on compliance. It’s
among the most recognized certifications for careers in cybersecurity auditing.
The CISA is designed for mid-level IT professionals looking to advance into jobs like:
IT audit manager - $109,050
Cybersecurity auditor - $77,583
Information security analyst - $83,109
IT security engineer - $99,946
IT project manager - $94,137
Compliance program manager - $91,915
Requirements: You need at least five years of experience in IT or IS audit, control, security, or
assurance. A two or four-year degree can be substituted for one or two years of experience,
respectively.
Cost: $575 for members, $760 for non-members
Free Course
Information Systems Auditing, Controls and Assurance
Beginner level · 1 month(s)
Skills you'll build: Information Security (INFOSEC), Information Technology (IT) Management, Audit, Risk
Management, Change Management
4.7 (2,568 ratings)
3. Certified Information Security Manager (CISM)
With the CISM certification, also from ISACA, you can validate your expertise in the management side
of information security, including topics like governance, program development, and program,
incident, and risk management.
If you’re looking to pivot from the technical to the managerial side of cybersecurity, earning your CISM
could be a good choice. Jobs that use the CISM include:
IT manager - $105,134
Information systems security officer - $80,751
Information risk consultant - $79,429
Director of information security - $153,898
Data governance manager - $107,126
Requirements: To take the CISM exam, you need at least five years of experience in information
security management. Satisfy up to two years of this requirement with general information security
experience. You can also waive one or two years with another certification in good standing or a
graduate degree in an information security-related field.
Cost: $575 for members, $760 for non-members
Managing Cybersecurity
Specialization
Beginner level · 9 month(s)
Skills you'll build: Security Management, Network Security, Risk Management, Security Governance,
Computer Security Incident Management, Security vulnerabilities and treatments, Threats to…
cybersecurity,
Cybersecurity terminology, cybersecurity program elements, Cybersecurity planning,
4.8 (418 ratings)
Cybersecurity performance measurement, Risk identification, Risk treatment, Wireless Security, Intrusion
Detection System, Firewall (Computing), Computer Network, Business Continuity, Disaster Recovery,
Read more: Guide to CISM Certification
Incident response planning, Cyber-Security Regulation, Cybersecurity Staffing, Contingency Plan,
Cybersecurity Governance
4. CompTIA Security+
CompTIA Security+ is an entry-level security certification that validates the core skills needed in any
cybersecurity role. With this certification, demonstrate your ability to assess the security of an
organization, monitor and secure cloud, mobile, and internet of things (IoT) environments,
understand laws and regulations related to risk and compliance, and identify and respond to security
incidents.
Earning your Security+ certification can help you in roles such as:
Systems administrator - $75,676
Help desk manager - $80,298
Security engineer - $92,117
Cloud engineer - $102,622
Security administrator - $61,655
IT auditor - $74,108
Software developer - $88,568
Requirements: While there are no strict requirements for taking the Security+ exam, you’re
encouraged to earn your Network+ certification first and gain at least two years of IT experience with a
security focus.
Cost: $370
If you’re just getting started in information technology (IT), CompTIA recommends that you get your
Google IT Support Professional Certificate first. You’ll build foundational skills in IT while preparing to
pass the CompTIA A+ exams—the first step in the CompTIA certification path.
Google IT Support
Professional Certificate
Beginner level · 6 month(s)
Skills you'll build: Debugging, Encryption Algorithms and Techniques, Customer Service, Network
Protocols, Cloud Computing, Binary Code, Customer Support, Linux, Troubleshooting, Domain Name…
System
(DNS), Ipv4,
Network Model, Powershell, Linux File Systems, Command-Line Interface, Directory
4.8 (150,270
ratings)
Service, Lightweight Directory Access Protocol (LDAP), Backup, Cybersecurity, Wireless Security,
Cryptography, Network Security
Read more: 10 Essential IT Certifications
5. Certified Ethical Hacker (CEH)
Ethical hacking, also known as white hat hacking, penetration testing, or red team, involves lawfully
hacking organizations to try and uncover vulnerabilities before malicious players do. The EC-Council
offers the CEH Certified Ethical Hacker certification. Earn it to demonstrate your skills in penetration
testing, attack detection, vectors, and prevention.
The CEH certification helps you to think like a hacker and take a more proactive approach to
cybersecurity. Consider this certification for jobs like:
Penetration tester - $90,673
Cyber incident analyst - $62,445
Threat intelligence analyst - $101,393
Cloud security architect - $125,252
Cybersecurity engineer - $91,933
Requirements: You can take the CEH exam if you have two years of work experience in information
security or if you complete an official EC-Council training.
Cost: $950 to $1,199, depending on testing location
Read more: How to Become a Penetration Tester
Exploiting and Securing Vulnerabilities in Java Applications
Course
Intermediate level · 1 month(s)
Skills you'll build: Java, secure programming, Java Programming, security
4.4 (57 ratings)
6. GIAC Security Essentials Certification (GSEC)
This certification from the Global Information Assurance Certification (GIAC) is an entry-level security
credential for those with some background in information systems and networking. Earning this
credential validates your skills in security tasks like active defense, network security, cryptography,
incident response, and cloud security.
Consider taking the GSEC exam if you have some background in IT and wish to move into
cybersecurity. Job roles that use the skills demonstrated by the GSEC include:
IT security manager - $119,246
Computer forensic analyst - $76,419
Penetration tester - $90,673
Security administrator - $61,655
IT auditor - $74,108
Software development engineer - $128,410
Requirements: There are no specific requirements to take the GSEC exam. Set yourself up for success
by gaining some information systems or computer networking experience first.
Cost: $2,499 (includes two practice tests)
The path to GSEC
GIAC also offers the Information Security Fundamentals (GISF) as its entry-level
certification for those new to IT. If you’re still gaining experience with networking and
information systems, this could be a good place to start.
7. Systems Security Certified Practitioner (SSCP)
With this intermediate security credential from (ISC)², you can show employers that you have the
skills to design, implement, and monitor a secure IT infrastructure. The exam tests expertise in access
controls, risk identification and analysis, security administration, incident response, cryptography,
and network, communications, systems, and application security.
The SSCP is designed for IT professionals working hands-on with an organization’s security systems
or assets. This credential is appropriate for positions like:
Network security engineer - $107,889
System administrator -$78,885
Systems engineer - $111,721
Security analyst - $83,167
Database administrator - $84,034
Security consultant - $106,486
Requirements: Candidates for the SSCP need at least one year of paid work experience in one or
more of the testing areas. This can also be satisfied with a bachelor’s or master’s degree in a
cybersecurity-related program.
Cost: $249
(ISC)² Systems Security Certified Practitioner (SSCP)
Specialization
Beginner level · 6 month(s)
Skills you'll build: Asset, Risk Management, Access Control, Security Software, Cloud Computing Security,
Wireless Security, Incident Detection and Response
4.7 (590 ratings)
8. CompTIA Advanced Security Practitioner (CASP+)
The CASP+ is designed for cybersecurity professionals who demonstrate advanced skills but want to
continue working in technology (as opposed to management). The exam covers advanced topics like
enterprise security domain, risk analysis, software vulnerability, securing cloud and virtualization
technologies, and cryptographic techniques.
The CASP+ can open up opportunities for advanced roles in architecture, risk management, and
enterprise security integration. Possible job titles include:
Security architect - $126,281
Security engineer - $92,117
Application security engineer - $119,261
Technical lead analyst - $101,493
Vulnerability analyst - $94,391
Requirements: There’s not a formal prerequisite for taking the CASP+ exam. CompTIA recommends it
only for experienced cybersecurity professionals with at least ten years of IT administration
experience (including five years of broad hands-on experience with security).
Cost: $466
The path to CASP+
Learn more about CompTIA’s cybersecurity certification path with our IT Certification
Roadmap.
9. GIAC Certified Incident Handler (GCIH)
Earning the GCIH validates your understanding of offensive operations, including common attack
techniques and vectors and your ability to detect, respond, and defend against attacks. The
certification exam covers incident handling, computer crime investigation, hacker exploits, and
hacker tools.
This certification is meant for anyone working in incident response. Job titles might include:
Security incident handler - $48,757
Security architect - $126,281
System administrator - $78,885
Requirements: There are no formal prerequisites for taking the GCIH exam, though it’s a good idea to
have an understanding of security principles, networking protocols, and the Windows Command
Line.
Cost: $2,499 (includes two practice tests)
Cyber Incident Response
Specialization
Beginner level · 4 month(s)
Skills you'll build: analysis, incident response handling, CSIH, Network Forensics, Computer Security
Incident Management, Malware Analysis, Memory Forensics, Traffic Analysis, Continuous Function,…
Verification
And Validation (V&V), Ordered Pair, Representational State Transfer (REST), Domain Name
4.7 (97 ratings)
System (DNS), Image Resolution, Breach (Security Exploit), Packet Analyzer
10. Offensive Security Certified Professional (OSCP)
The OSCP from Offensive Security has become one of the most sought-after certifications for
penetration testers. The exam tests your ability to compromise a series of target machines using
multiple exploitation steps and produce detailed penetration test reports for each attack.
The OSCP is a good option for jobs like:
Penetration tester - $97,465
Ethical hacker -$105,548
Threat researcher - $57,612
Application security analyst - $96,140
Requirements: There are no formal requirements to take the exam. Offensive Security recommends
familiarity with networking, Linux, Bash scripting, Perl or Python, as well as completion of the
Penetration Testing with Kali course.
Cost: From $999 (Basic package includes Penetration Testing with Kali Linux (PWK/PEN-200) course,
30 days of lab access, and one exam attempt)
Is a cybersecurity certification worth it?
A survey by (ISC)² found that 70 percent of cybersecurity professionals surveyed in the US were
required to have a certification by their employers. Security certification can also come with a salary
boost of $18,000, according to the same study. The right credential can also make you more attractive
to both recruiters and hiring managers [2].
How to choose a cybersecurity certification
Earning a certification in cybersecurity can validate your hard-earned skills and help you advance
your career. Here are some things to consider when choosing which certification is right for you.
Your level of experience: Start with a certification that matches your current skill set. Invest in a
certification you know you can achieve, and use it to advance toward more challenging
certifications later in your career. If you're new to IT, take a look at these beginner IT
certifications and certificates.
Cost: Getting certified typically costs several hundred dollars (or more), plus the additional fees
to maintain it. The right certification can open up better job prospects or higher salaries, but it’s
important to invest wisely.
Tip: Some employers will help pay for your certification, so it’s always a good idea to
ask first. According to the (ISC)² survey, 40 percent of respondents said that their
organization covered the cost of their courses, exam, and fees [2].
Area of focus: If you’re just getting started in cybersecurity or want to move into a managerial
role, a more general certification might be a good choice. As you advance in your career, you
might decide to specialize. A certification in your concentration area can validate your skills to
potential employers.
Potential employers: Check some job listings of employers you may want to work for (or job
titles you plan to apply for) to see what certifications are commonly required.
Just getting started in IT?
Consider one of these beginner IT certifications or certificates to build entry-level
skills and advance your career.
How to get into cybersecurity: First steps
Many of the most coveted certifications require (or at least recommend) some previous experience in
cybersecurity or IT. If your career goals include a job in this in-demand industry, there are some steps
you can take now to start gaining the experience you need.
Get a degree in computer science.
While you don’t need a degree to enjoy a successful career in cybersecurity—eight percent of
surveyed professionals only reported a high school diploma—it can help you build a strong
foundation [2]. Many of the most prestigious certifications will waive some of the work experience
requirements if you’ve earned a bachelor’s or master’s degree in computer science or a related field.
The University of Pennsylvania offers an Ivy League Master of Computer and Information Technology
degree designed especially for students without a computer science background. Try a course before
you apply to see if this program is a good fit.
Earn Your Degree
Bachelor of Science in Computer
Science
from the University of London
100% ONLINE
●1 ○2
Start with an entry-level job in IT.
Hands-on experience is often the most effective way to prepare for certification exams. Start
accumulating work experience with an entry-level role as a cybersecurity analyst. Many cybersecurity
professionals start off in more general IT roles.
Learn more: How to Get a Job in IT: 7 Steps
Get an entry-level IT certification.
Enhance your resume and make yourself more attractive to hiring managers with a certification that
doesn’t require previous experience.
Entry-level IT certification options include lower-level credentials from some of the companies listed
above. You can also build job-ready skills with no previous experience with the Google IT Support
Professional Certificate and IBM Cybersecurity Analyst Professional Certificate through Coursera.
Google IT Support
Professional Certificate
Beginner level · 6 month(s)
Skills you'll build: Debugging, Encryption Algorithms and Techniques, Customer Service, Network
Protocols, Cloud Computing, Binary Code, Customer Support, Linux, Troubleshooting, Domain Name…
System
(DNS), Ipv4,
Network Model, Powershell, Linux File Systems, Command-Line Interface, Directory
4.8 (150,270
ratings)
Service, Lightweight Directory Access Protocol (LDAP), Backup, Cybersecurity, Wireless Security,
Cryptography, Network Security
IBM Cybersecurity Analyst
Professional Certificate
Beginner level · 8 month(s)
Skills you'll build: information security analyst, IT security analyst, security analyst, Junior cybersecurity
analyst, Information Security (INFOSEC), IBM New Collar, Malware, Cybersecurity, Cyber Attacks, datab…
vulnerabilities,
Network Security, Sql Injection, networking basics, scripting, forensics, Penetration Test,
4.6 (8,492 ratings)
Computer Security Incident Management, Application Security, threat intelligence, network defensive
tactics, cyber attack, Breach (Security Exploit), professional certificate, cybersecurity analyst
Frequently asked questions (FAQ)
How do you get certified in cybersecurity?‎
How long does it take to get certified in cybersecurity?‎
What cybersecurity certification should I get first?‎
Does cybersecurity require coding?‎
You probably won’t need to know how to code for most entry-level cybersecurity jobs. The ability to
read and understand code becomes increasingly helpful as you advance in the field. Some
programming languages you might consider learning include JavaScript, HTML, Python, C, and C++.‎
Is cybersecurity a good career?‎
If you’re interested in computers, networks, and how they work, a career in cybersecurity could be a
good fit for you. Jobs in the field tend to be in-demand and high-paying. The median salary for an
information security analyst, for example, is $102,600 per year [3]. ‎
What skills do I need for cybersecurity?‎
The skills, practices, and technologies you’ll use as a cybersecurity professional will continue to
evolve along with computer and network technology. The desire to learn, ability to problem solve,
and attention to detail will serve you well in this field. Other, more technical skills and technologies to
learn include:
SIEM tools (security information and event management)
Firewalls, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS)
Digital forensics
Mobile device management
Data management
Application security development
Audit and compliance knowledge‎
Article sources
View all sources
Keep reading
What Is a Security Engineer? 2023 Career Guide
7 min read · November 22, 2022
Cybersecurity Degrees and Alternatives: Your 2022 Guide
6 min read · October 14, 2022
7 Popular Cloud Security Certifications for 2023
9 min read · December 22, 2022
Written by Coursera • Updated on Dec 22, 2022
Share
This content has been made available for informational purposes only. Learners are advised to conduct additional research to
ensure that courses and other credentials pursued meet their personal, professional, and financial goals.
Coursera
Community
About
What We Offer
Leadership
Learners
Partners
Developers
Careers
Catalog
Coursera Plus
Professional Certificates
MasterTrack® Certificates
Degrees
For Enterprise
For Government
For Campus
Become a Partner
Coronavirus Response
Beta Testers
Translators
Blog
Tech Blog
Teaching Center
More
Press
Investors
Terms
Privacy
Help
Accessibility
Contact
Articles
Directory
Affiliates
Modern Slavery Statement
Learn Anywhere
Follow Us
© 2023 Coursera Inc. All rights reserved.