Certification Whoring

[ichy]

Now that I've gotten my CISSP I'm trying to figure out what security related certifications out there would make me more "marketable." The first thing that comes to mind is CEH. Unlike the CISSP it actually seems interesting and useful, but I'm a little uncertain how much value it has in the minds of potential employers. OSCP also seems very useful, but again, I don't know how much it means on a resume. Any thoughts?

 

[seepy83]

I would recommend reviewing the certs offered by http://www.giac.org/

 

[Fox5]

Security certificates are the new IT certificates. It's an overpaid field that soon you're going to need an assload of certificates that require continual renewal just to get considered for a job, despite certificates having no real relation to how good you are.

 

[alkemyst]

there were recently some discovered security issues going back 5+ years now. Security is going to blow up big. CISSP is a good start, but not really what's going to make you an expert.

The best will have some routing and switching background, wireless and voice. Physical security will also be a big plus to know.

 

[ichy]

Security certificates are the new IT certificates. It's an overpaid field that soon you're going to need an assload of certificates that require continual renewal just to get considered for a job, despite certificates having no real relation to how good you are.

Yeah, I know that. If that's how the game is played though then that's how I'll do it.

IMO a big part of it is lazy recruiters and HR departments. It's easy to filter resume by searching for things like CISSPs.