Back to School

So many credentials: 23 certifications in high demand

For many IT jobs, specialized certifications remain the coin of the realm. The 23 that follow are in especially high demand, in both government and the private sector.


1. Certified Ethical Hacker

Audience: Information security specialists
Focus: Ability to use hacking techniques to conduct penetration testing on a network’s defenses with the goal of discovering and securing vulnerabilities
Requirements: At least two years of information security-related experience and an educational background that reflects specialization in information security. The EC-Council offers an optional five-day course exploring ethical hacking techniques and security issues.
Certifying organization: EC-Council (

2. Certified in Risk and Information Systems Control

Audience: Experienced IT and business professionals
Focus: Ability to identify, assess and evaluate risk throughout the life cycle of information systems control. Exams are offered annually in June and December.
Requirements: At least three years of cumulative experience incorporating three of five performance areas: risk identification, assessment and evaluation; risk response; risk monitoring, information systems control design and implementation; and information systems control monitoring and maintenance.
Certifying organization: ISACA (

3. Certified Information Security Manager

Audience: Information security managers
Focus: Ability to develop, build and manage enterprise information security programs
Requirements: At least five years of experience in information security, three of which must have been served as an information security manager. Exams are offered annually in June, September and December.
Certifying organization: ISACA (

4. Certified Information Systems Security Professional

Audience: Security managers, auditors, network architects, chief information security officers and similarly skilled professionals
Focus: Managerial competence and the technical aptitude to design, engineer, implement and oversee information security programs
Requirements: At least five years of cumulative work experience in two of the following eight areas: security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security
Certifying organization: (ISC)2 (

5. CyberSecurity Forensic Analyst

Audience: highly experienced digital forensic professionals
Focus: Ability to conduct a thorough and sound forensic examination of a computer system and other digital/electronic devices, properly interpret the evidence, and communicate the examination results effectively and understandably
Requirements: Practical experience in the field of digital forensics
Certifying organization: CyberSecurity Institute (

6. EC-Council Certified Security Analyst and Licensed Penetration Tester

Audience: Information security professionals
Focus: Various penetration testing and security auditing methodologies for ECSA, and report-writing skills and the ability to perform penetration tests in real-time scenarios on an active cyber range for LPT. Successful candidates will receive two certifications.
Requirements: Basic ethical hacking skills. Certified Ethical Hacker certification is highly recommended.
Certifying organization: EC Council (

7. GIAC Certified Penetration Tester

Audience: Information security professionals
Focus: Penetration-testing methodologies, the legal issues surrounding penetration testing, how to properly conduct such tests, and technical and non-technical techniques
Requirements: No specific training is required
Certifying organization: Global Information Assurance Certification (

8. GIAC Security Essentials

Audience: Security professionals who want to demonstrate they are qualified for hands-on roles with respect to IT security tasks
Focus: An understanding of information security beyond simple terminology and concepts
Requirements: No specific training is required
Certifying organization: Global Information Assurance Certification (

9. Information Systems Security Engineering Professional

Audience: Senior systems engineers, information assurance officers and senior security analysts
Focus: Ability to incorporate security into information and business processes, systems and projects. The certification was developed in cooperation with the National Security Agency.
Requirements: At least two years of engineering experience
Certifying organization: (ISC)2 (


10. Certified Information Systems Auditor

Audience: Information systems specialists
Focus: Managing vulnerabilities and offering processes and controls that ensure compliance with standards while delivering value to the enterprise. The certification is often a prerequisite for employment as an information systems auditor.
Requirements: At least five years of experience auditing, controlling, monitoring and/or assessing enterprise IT and business systems
Certifying organization: ISACA (

11. Information Technology Infrastructure Library Qualification

Audience: IT professionals
Focus: A modular approach to the ITIL framework comprising a series of qualifications focused on different aspects of ITIL best practices
Requirements: Vary by level of qualification being sought
Certifying organization: Axelos (

12. Microsoft Certified Solutions Expert

Audience: IT professionals
Focus: Ability to build innovative solutions across multiple technologies, both on-premises and in the cloud. Certifications are offered in the areas of server infrastructure, desktop infrastructure, private cloud, enterprise devices and applications, data platform, business intelligence, messaging, communication and SharePoint.
Requirements: Hands-on experience with Microsoft technology. Optional online or classroom training is available.
Certifying organization: Microsoft (

13. Project Management Professional

Audience: Project managers
Focus: Complete life cycle of project oversight, including initiating, planning, executing, monitoring and controlling projects
Requirements: 35 hours of project management education and a bachelor’s degree with 4,500 hours of project direction or a secondary degree with 7,500 hours of administration
Certifying organization: Project Management Institute (


14. Certified Novell Engineer

Audience: Network engineers
Focus: Planning, installation, configuration, troubleshooting and upgrade services for networks and the ability to solve advanced support and high-level network problems
Requirements: Novell-authorized courses are available but not required.
Certifying organization: Novell (

15. Cisco Certified Design Associate

Audience: Network design engineers, technicians and support engineers
Focus: The skills necessary to build basic campus, data center, security, voice and wireless networks
Requirements: A valid Cisco Certified Entry Networking Technician or a Cisco Certified Network Associate Routing and Switching certification
Certifying organization: Cisco Systems (

16. Cisco Certified Network Professional Routing and Switching

Audience: Network engineers, support engineers, systems engineers and network technicians
Focus: Ability to plan, implement, verify and troubleshoot local- and wide-area enterprise networks
Requirements: At least one year of networking experience. Applicants must also pass three additional examinations in routing, switching and troubleshooting.
Certifying organization: Cisco Systems (

17. Juniper Networks Certified Internet Associate — Junos

Audience: Networking professionals
Focus: Knowledge of Juniper Networks’ Junos OS, networking fundamentals, and basic routing and switching
Requirements: Beginner/intermediate knowledge of networking
Certifying organization: Juniper Networks (


18. Certified ScrumMaster

Audience: Project managers
Focus: Managing complex projects within an open, interactive environment and gaining an understanding of the Scrum framework, including team roles, activities and artifacts
Requirements: Attending an in-person, two-day course taught by a certified Scrum trainer and then passing a CSM test
Certifying organization: Scrum Alliance (

19. Certified Secure Software Lifecycle Professional

Audience:Security professionals and software developers
Focus: Ability to develop an application security program, reduce production costs and vulnerabilities for applications, and diminish loss of revenue and reputation from an organizational software breach
Requirements: At least four years of cumulative full-time work experience in one or more of the eight CSSLP domains
Certifying organization: (ISC)2 (

20. Check Point Certified Security Expert

Audience: IT administrators
Focus: Ability to build, test and troubleshoot various Check Point Security Systems’ deployments; configure and maintain security acceleration solutions; and manage, test and optimize corporate virtual private network tunnels
Requirements: Security administration course or Check Point Certified Security Administrator certification (R70 or later); Windows Server, Unix and networking skills and TCP/IP experience; and certificate management and systems administration experience
Certifying organization: Check Point Software Technologies (

21. EC-Council Certified Secure Programmer

Audience: Software developers and programmers
Focus: Ability to identify security flaws and implement countermeasures throughout the software development life cycle to improve the overall quality of products and applications
Requirements: Experience designing and building secure Windows and Web-based applications using the Microsoft .NET framework
Certifying organization: EC-Council (


22. Citrix Certified Professional — Virtualization

Audience: IT solution engineers and consultants
Focus: Ability to install, configure and launch common Citrix XenDesktop solutions
Requirements: Complete the recommended coursework online or in person and pass an exam
Certifying organization: Citrix (

23. VMware Certified Professional — Data Center Virtualization

Audience: IT administrators
Focus: Ability to install, deploy, optimize, scale and manage VMware vSphere environments
Requirements: Completion of a VMware-authorized training course and a minimum of six months of hands-on experience with VMware technologies
Certifying organization: VMware (


  • Federal 100 Awards
    Federal 100 logo

    Nominations for the 2021 Fed 100 are now being accepted

    The deadline for submissions is Dec. 31.

  • Government Innovation Awards
    Government Innovation Awards -

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

Stay Connected