Global spending on cybersecurity products and services is expected to increase by 12 to 15 percent each year until 2021, with IoT (internet of things) products leading the way. Since any product connected to the internet is a potential target for hacking, it’s no surprise that the information security market is expected to grow by 7 percent this year.

Spearheading the effort to protect our devices and networks are cybersecurity experts, each with specialized training that makes them formidable against any hacker. This guide explores five of the most popular certifications to help you learn cybersecurity, with details on the necessary requirements and the types of jobs you can land once you’re certified (view our list of cybersecurity interview questions here).

Let’s get into it!


You have to learn to walk before you can run. And in the world of cybersecurity, Network+ will help you take your first steps. The Network+ certification is earned through CompTIA, and while it is not necessary for most jobs in cybersecurity, it does provide a great foundation on how computers and networks communicate with each other as well as some cybersecurity best practices.

What will you learn?

The goal of the Network+ certification is to measure participants’ foundational knowledge of how systems and networks communicate and interact. In order to receive this certificate, you must understand the following:

  • Networking concepts
  • Infrastructure
  • Networking operations
  • Network security
  • Network troubleshooting and tools

What are your job options?

The beauty of the Network+ certification is that it opens the doors to most entry-level IT jobs and sets the stage to move deeper into cybersecurity specialties.

If you’re considering pursuing this cybersecurity certificate, here are some jobs that will be open to you:

Systems Administrator

A systems administrator is responsible for all hardware and software for a company’s computers. They are required to stay up to date with installing the latest patches and programs. The systems administrator also provides technical support to employees, troubleshooting any computer-related issues.

IT Manager

IT managers develop methods to solve the company’s computer problems and oversee other IT employees. They are in charge of minimizing network downtime and keeping costs under control. The IT manager will advise upper management on the latest technology and how new hardware or software could benefit the company.

Network Administrator

A network administrator maintains the company network, troubleshooting issues as well as fixing connectivity problems. The network administrator installs new networking systems with the aim of improving speed and security. They are also responsible for maintaining the security of the entire network.

The salary you can earn depends on the position and your level of experience. However, you can generally expect to make at least $40,000 a year with little or no experience. Network+ is an optional prerequisite for Security+.

network+ salaries



Like Network+, Security+ is earned through CompTIA and is arguably the most important cybersecurity certification, as it provides a foundational understanding of cryptography, risk management, and vulnerabilities.

What will you learn?

This certification will prove you understand the proper way to install and configure systems as well as secure devices, application, and networks. In addition, you will be able to conduct threat analysis on these systems and employ mitigation techniques.

To pass the Security+ exam, you will need to have a thorough understanding of the following:

  • Threats, attacks, and vulnerabilities
  • Identity and access management
  • Risk management
  • Network architecture and design
  • Cryptography and KPI

What are your job options?

For anyone looking for a job in cybersecurity, the Security+ certification should be viewed as the bare minimum qualification; having it will open the door to some awesome jobs:

Cybersecurity Analyst

The cybersecurity analyst is responsible for protecting both company networks and data. In addition to managing all ongoing security measures, the analyst is also responsible for responding to security breaches and protecting company hardware, such as employee computers.

Security Engineer

Security engineers are tasked with planning and executing a company’s information security strategy and maintaining all security solutions. They can also be responsible for documenting the security posture of their company and any issues or measures taken under their watch.

Security Consultant

The security consultant is responsible for evaluating a company’s security posture on a contract basis, while also serving as an advisor to other IT employees. The goal of the consultant is threat management and they will often plan, test, and manage the initial iterations of a company’s security protocols.

security+ salaries

Certified Ethical Hacker (CEH)

Also known as Certified Network Defense Architect (CNDA) for government employees, this is obtained through the EC-Council and requires participants to have two years of experience in the information technology industry before taking the exam. Having your Security+ is a huge plus here as the goal of this certificate is to get you thinking like a hacker so you can thwart attacks against your employer.

What will you learn?

The crux of the CEH certification is training on how to identify weaknesses in your network so they can be patched. Participants will have a front-row seat (using their own systems) to the five phases of hacking: reconnaissance, gaining access, enumeration, maintaining access, and covering your tracks.

Where can you work?

The CEH certification is a great tool to help you boost your skill set for your current role.  If you’re looking to improve your career prospects, here are some positions you will be qualified for:

Advanced Threat Analyst

The advanced threat analyst will monitor computer networks with the goal of preventing unauthorized access to files and systems. They also provide reports to senior leadership involving technical defense capabilities of the company.

Information Security Assessor

The information security assessor reviews and makes recommendations about the security posture of a company. They do this by interviewing IT employees, reviewing the security of the network, and testing for vulnerabilities. The assessor also reviews the security policies and procedures of the company.

Penetration Tester

The penetration tester is hired to legally hack the company’s computer networks. Testers may also use social engineering tactics and attempt to verbally gain information by pretending to be someone of trust. If vulnerabilities are found, the penetration tester will make recommendations to heighten security.

ceh salaries

Certified Information Systems Security Professional (CISSP)

CISSP certification is obtained through the International Information System Security Certification Consortium, or (ISC)². In order to take the exam you must meet the following criteria:

  • At least five years of relevant industry experience
  • Be knowledgeable in at least two of the eight Common Body of Knowledge domains

Current professionals also have the option to earn the CISSP with a focus on their current role; concentrations include architecture, engineering, and management.

What will you learn?

As one of the top professional-level cybersecurity certificates, the CISSP covers vulnerability mitigation in web-based systems, cryptography concepts, investigations, as well as professional ethics.

What are your job options?

The CISSP certification is ideal for anyone looking to obtain a more advanced cybersecurity position:

Information Security Analyst

The information security analyst is responsible for protecting the company network and maintaining all defences against an attack. The analyst may also implement the company’s disaster recovery plan in the event of network outages.

Information Security Manager

The information security manager develops policies and procedures aimed at securing the company network. They oversee information security analysts while ensuring that the company complies with information security standards and norms. As a manager, they are responsible for hiring and training new information security analysts.

Chief Information Security Officer (CISO)

The CISO is an executive-level position and is responsible for overseeing the company’s overall security plan. They are ultimately responsible for network security breaches and work with other executives to ensure departments comply with security standards.

cissp salaries

Licensed Penetration Tester (LPT)

The LPT is an expert-level designation overseen by the EC-Council and given only to those who have mastered cybersecurity techniques; it is arguably the pinnacle of cybersecurity certifications.

Applicants must fulfill one of the following requirements in order to be eligible for the exam:

  • Have a minimum of two years of experience as a penetration tester
  • Hold the EC-Council Security Analyst (ECSA) certification
  • Hold another industry-equivalent certification, such as GIAC Penetration Tester (GPEN) or Offensive Security Certified Professional (OSCP).

What will you learn?

Because companies hire LPTs to legally hack into their networks, the certification covers mastery-level cybersecurity concepts, including multi-level pivoting, OS exploits, SSH tunneling, and privilege escalation.

Anyone who receives this cybersecurity certification is expected to make decisions under pressure that can impact the network security of an entire company.

What are your job options?

The LPT certification will solidify your cybersecurity credentials. Here are the type of jobs you can expect to get:

Cybersecurity Engineer

A cybersecurity engineer is the architect of a company’s network security. They build, install, and maintain web content filters, firewalls, network sniffers, router access control lists, and more. As an engineer, you will be responsible for creating roadblocks and honeypots for any would-be hackers while monitoring all activity in order to improve defenses.

Senior Security Consultant

A senior security consultant has extensive experience testing a company’s security posture. In addition to analyzing a company’s network, they are also responsible for researching new security technologies and threats, and may oversee junior consultants.

Licensed Penetration Tester

The LPT certification was created exactly for this position. These cybersecurity masters test an organization’s network for vulnerabilities using a predetermined set of tools.  As an LPT, you are responsible for identifying weaknesses and making suggestions on how to fix them.

lpt salaries

Which cybersecurity certification is for you?

Picking the right certification for you comes down to two factors:

  • Where are you in your career?
  • What are you looking to achieve?

For those with little cybersecurity experience, it’s best to start with Network+ or Security+, as they are designed to help participants expand their knowledge and skills so they can ace a cybersecurity interview, land a quality job and increase their experience.

Once you have the experience, move onto the CISSP or hacker certifications to fine-tune your skills or improve your eligibility for a promotion or new role.

This post was written by Jason C. Jason, a Navy veteran, black belt, and writer who holds multiple cybersecurity certifications. Follow him at @writingbyjason.

Springboard’s new Cybersecurity Career Track is a mentor-guided online bootcamp designed to get you certified and hired. Find out more!