Certification or Degree?

Is it better to get certifications or a degree? What does the industry look for?  Which one will get me hired?

I have researched and debated these questions with lots of professionals within the IT security Industry. While each has their own answer I have been able to generalize their responses into a general feel for the industry.  I hope that this compilation will provide some direction in your search to better your career.

I hope that this will help you plan for your future and knowing how to prioritize your career path.  This is not the be all end all in career planning, as each persons perspective is different.  I have outlined three key things an employeer will look at that can be leveraged by you.

1.) Experience in the industry:

I think this is the biggest thing that employer will look at when making an assessment of your skill level and knowledge. It is also the most obvious thing people think about when they consider getting a new job. This shows direct correlation to skill sets that your past employers hired you for.  The key to properly showing off your experience is properly formatting and wording your resume to industry standard terminologies.

When looking to gain experience within an industry, you will need to be prepared to take a job because the organization holds a lot of weight within the industry.  If you are looking to move into a large enterprise from a smaller organization (where you did everything) you will need to take a step into an organization that might not be your first pick.  The reason for this is to show the organization you want to show them you have the specific experience they are looking for.

2.) Certifications:

This can be used to determine depth of skills and technical knowledge you posses.  It is hard for an employer to gauge correctly your levels of skills from the limited number of times you are in contact with them. Think about it, they are working with lots of other qualified candidates.  Certifications help you stand out from the piles of candidates.  You make have the skills to pass your (CISSP, CEH, CFHI,Net+, etc..), but if you haven’t communicated it in your experience a certification the employer might not get it.

Additional thoughts to consider when thinking about getting a certification. This list is a list that I use to validate the validity of getting a particular certification.

  • How many people have this cert?
  • How does it hold up in the industry?
  • Is it in demand? (try searching online for people hiring professionals with that certification)
  • What is the cost?
  • What is the level of kowledge requiered to get the certification?

3.) Degrees:

Degrees are last on my list, but they will still play a pivotal role within your career. I do think that they will be considered last bby an employeer, but for a young person in their career it can be the deciding factor for a hire. Or for a professional who is taking on more of a mangement role.

This can be a touchy subject, so I will try to approach it with a level of awareness that will hopefully address all concerns and make my position clear.  I think that getting a general degree is a necessity within any industry. So get your Associates or Bachelors degree.  I do think that you need to be specific to the degree you commit your self to.  Making sure that it will accomplish your end career goals.  That being said, within the Information Security field, unless the degree is specific to Info Sec, I would not recommend it unless one of the following is ture:

  • Are you getting a degree to teach?
  • Do you want to get higher education?
  • Are you looking at a management postion?

I will say again that I am 100% behind higher education.  What I’m saying here is that you should weight the advantage of a degree with the advantage of getting a group of certifications.  Know that employeers will look at the certification first.


The things I have said here are in fact my opionon and not facts.  I say that to say “the choice is yours to make. So make the right choice for you”.