Ok, I am looking at all the great exams out and am looking for my next challenge. I am prepping for SSCP and CEH. What does everyone recommend? CEH, SSCP, CASP, CISSP, Sans GIAC certs, etc also what else would you say to add to the portfolio of education/certifications.
Certifications are valuable to show employers your competencies. You need to match your certifications to the job you want to get. You also have to match the certifications with your experience. Many certifications require specialized experience that has to be validated by a responsible person. You should make sure you either have the experience or will get it in a reasonable amount of time. Finally, you have to recognize that most certifications expire and require some form of continued learning or retesting to obtain an updated certificate.
I would also add to check the cost to obtain/maintain and determine who will be responsible for paying these fees. Having multiple certifications can be time consuming and costly but can be worth it. I wish there was a guide that showed if you want to do this work have these certifications. There are so many out there and it can be confusing to determine which would be the most valuable to the individual.
What would you like to do as a security professional? CEH is a great cert if you're looking to get started on a red team, and SSCP is an awesome beginner security cert. I've never had the money to take a SANs course, but from those I've spoken to, they've all enjoyed and benefited from the courses.
If you're looking to go Red Team, CEH then to Offensive Security Certified Prof.