NEWS + ADVICE
The IT Certifications You Need to Have in 2018
Certifications are big business and generate debate throughout the technical community. Like them or loathe them, they are a vital part of a successful career. They validate a body of knowledge, set a baseline of expected expertise to align with scope of work, and reflect a level of passion to remain relevant in a fluid technical landscape.
Federal procurements, including those in the Department of Defense (DoD) and Intelligence Community (IC) arenas, call out specific Information Technology (IT) certifications as requirements for personnel. What once seemed like a trend is now ingrained in the fabric of federal business. The type and diversity of the certifications reflects efforts on the part of the United States Government (USG) to modernize infrastructure and increase both the utility of its services and the security level of its enterprise systems.
Savvy professionals will help themselves both in terms of professional growth and earning potential by staying current on their technical certifications. There are too many skill stove pipes to offer a comprehensive list, but the following aligns with a number of core areas and trending requirements.
The complex world of IT makes it difficult and costly to certify in a wide range of disciplines. While a broad background of experience will always be noticed, specialized expertise is a necessity. For early-career candidates, A+, Network+, and Security+ certifications are solid foundations, but should be followed by higher-level certifications designed to develop as a Subject Matter Expert (SME).
Microsoft (MS) remains prevalent throughout the USG, so becoming a Microsoft Certified Solutions Expert (MCSE) is valuable; in the fluid IT realm, some of the most popular specializations are Cloud Platform and Infrastructure, Data Management and Analytics, Mobility, and Productivity Solutions Expert. From a programming perspective, the Microsoft Certified Solution Developer (MCSD): App Builder is a rising star. Bear in mind that these high-level MS certs require a current Microsoft Certified Solutions Associate (MCSA) to obtain, typically in a defined discipline.
Software Engineering certifications are not as commonly referenced in procurements, but as Oracle remains a USG mainstay it can pay dividends to be certified in recent versions. Similarly, Oracle Certified Java certifications can be strong differentiators in software development; offered at multiple levels – Associate, Professional (OCP), Master (OCM), and Expert (OCE) – these certifications show no sign of waning in popularity. Big Data is a function of some USG procurements; with this area, the Cloudera Certified Developer for Apache Hadoop (CCDH) is arguably the greatest value. With the ever-increasing need for secure application development, the Certified Secure Software Lifecycle Professional (CSSLP) offered by ISC2, adds a powerful layer to any development career.
In the network engineering realm, the mainstays are Juniper and Cisco. The Juniper Networks Certification Program (JNCP) offers a number of specialized tracks, but the most notable and lucrative is likely the Juniper Networks Certified Enterprise Routing and Switching-Expert (JNCIE-ENT). By a narrow margin, Cisco certifications are called out in more procurements than Juniper, so the baseline Cisco certifications will continue to hold value: Cisco Certified Network Administrator (CCNA), Cisco Certified Design Associate (CCDA), and Cisco Certified Network Professional (CCNP). The pinnacle in the Cisco line is the Cisco Certified Internetwork Expert (CCIE). It’s difficult to achieve, but the depth of experience and knowledge it requires guarantees that those who possess it are truly experts in the field and will always be highly sought-after.
Cyber security is a broad arena, encompassing engineering and compliance efforts that impact every corner of the USG. Some will typify engineering work as Information Security (InfoSec) and compliance work as Information Assurance (IA); by any name, this work is impacted by the daily bombardment of data breaches and zero-day exploits across enterprise systems, so budgets in these disciplines continue to grow. The much-documented “talent gap” in Cyber Security offers excellent opportunities for professional growth. From a certification perspective, the DoD was at the forefront of codifying requirements for InfoSec and IA efforts with DoD 8570 (procedurally being migrated to DoD 8140, still valid); it’s easy to find information on the specifics online and it’s mandatory information for anyone hoping to plan a thriving career in the space.
There are a broad range of GIAC certifications that hold value, but the Certified Ethical Hacker (CEH) designation is a solid start; it does not hold much sway among high-level practitioners, but it satisfies 8570 requirements on some programs and is relatively easy to achieve. CompTIA is offering a newer certification geared to validate a mid-level experience level, the Cybersecurity Analyst (CSA+). EC Council’s Certified Network Defender (CND) is also relatively new, bolstered by its instructor-led, lab-oriented coursework, and rising in popularity because it cuts across multiple disciplines: policy design and implementation, risk assessment, software security, and incident response. Agencies across the DoD and IC are requiring higher percentages of staff to have either Certified Information Systems Security Professional (CISSP) – arguably the best overall InfoSec/IA certification – or Certified Information Security Manager (CISM) certifications, so anyone interested in the best roles in the InfoSec stovepipe will need one or the other.
Differentiators come along multiple tracks. The increased scope of recent data breaches has only increased the importance of robust penetration testing as a proactive security measure. Ethical hackers with either the GIAC (Global Information Assurance Certification) Penetration Tester (GPEN) or Offensive Security Certified Professional (OSCP) will continue to see their value increase and the difficult-to-obtain Offensive Security Exploitation Expert (OSEE) will reflect true SME status. From a more engineering-oriented perspective, The Cisco CCNA Cyber Ops is a rising star, stemming from its Security Operations Center (SOC) focus. From an IA perspective, being Certified in Risk and Information Systems Control (CRISC) and/or a Certified Information Systems Auditor (CISA) are notable value-adds. Tying Cloud and Cybersecurity together in peak form is the Certified Cloud Security Professional (CCSP), brought to you by the same folks behind the CISSP.
There are also some vendors making significant inroads in the government space, so certifications reflecting expertise with their product line are of increasing value. A Palo Alto Networks Certified Network Security Engineer (PCNSE) is able to leverage expert knowledge in deploying, configuring, and troubleshooting complex security implementations. Splunk has become a tool of choice across many USG customers, so certifications in their product are also strong value-adds. In ascending order, The Power User, Administrator, and Architect certifications all add value to a professional profile. The top of the line in the Splunk arena is the Splunk Certified Consultant.
On the management track, the Project Management Professional (PMP) remains the gold standard. Customers in the Federal space call it out often in procurements. The requirements for ongoing education and experience make it labor-intensive to maintain, but the value is undeniable. CompTIA offers a Project+ certification; it’s a useful body of information, but doesn’t hold a candle to the PMP in terms of industry recognition. In a similar vein, the Certified Associate in Project Management (CAPM) is a step on the PMP ladder. To a lesser degree, Information Technical Infrastructure Library (ITIL) v3 Foundation certifications and Six Sigma Green and Black Belts hold some value with federal customers. With the ever-increasing number of development projects based on Agile methodologies, the Certified Scrum Master (CSM) certification is also valuable on the management track, along with the PMI entry, the PMP Agile Certified Practitioner (PMI-ACP).
The USG is not immune to the inexorable growth of Cloud Computing. While Amazon Web Services (AWS) remains the leader in the space, the Cloud wars are definitely on! IBM and Microsoft have made inroads, but the one to watch is Google. To that end, Google offers two valuable Google Certified Professional certifications under the Cloud heading: Cloud Architect and Data Engineer. The AWS certifications cover a core of disciplines within the platform: Certified Developer-Associate, Certified SysOps Administrator-Associate, and Certified DevOps Engineer-Professional. These are all strong options, depending on background and experience. The real money-maker for AWS is the Certified Solutions Architect-Professional. Achieving the Associate level is a prerequisite for obtaining the Professional designation, but this certification is career gold for the holder.
On The Rise
Data Science is a rapidly-growing field; while the USG has not been quick to develop roles in the arena, that is likely to change. Dell EMC offers a Proven Professional certification at both the Associate and Specialist levels, covering a thorough range of related skills. The Certified Analytics Professional (CAP) is a vendor-neutral certification that validates both understanding data and being able to draw logical conclusions. The SAS Academy for Data Science offers three tracks: big data, data analytics, and a combined program. It’s a very impressive program, but can be cost-prohibitive, particularly if you choose the classroom option.
Education and experience will always remain key foundations of a successful career, but certifications provide Federal customers with specific, codified validation of knowledge and expertise. It is imperative for the career-oriented professional to obtain and maintain pertinent certifications to achieve their loftiest professional goals.
Doug Munro is Director of Talent Acquisition at Coalfire, an industry-leading cybersecurity firm, trusted by Fortune 500 companies and Federal agencies to achieve immediate results and provide solutions to complex and ever-changing cyber challenges. Follow Doug on Twitter @RecruitCyberDC.This entry was posted on Sunday, March 11, 2018 7:18 pm