Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Newcomer I

What IT Security Certifications Are Growing As Desired By Employers

According to the Cyber Edge group's 2022 Cyber Threat Defense Report, employers interviewed indicated that certifications in cloud security and software security as shown below are in top demand.  These certifications would include the Certified Cloud Security Professional (CCSP) and Certified Software Security Lifecycle Professionals (CSSLP).    According to the trends I've been tracking on Indeed from employer job postings it appears however, the certification trends posted in employer job openings have the CISSP followed by ISACAs Certified Information Systems Auditor (CISA) as the top certifications. CCSP and CSSLP are among the lower ranked advertised certifications for employer job openings.  Maybe the new trend hasn't caught on yet with employer job advertisements?


Screenshot 2022-09-30 165112.png

Screenshot 2022-09-30 165910.png

13 Replies
Advocate I

The CEH has never been taken seriously since its inception. The only reason the cert took off at all was due to the US DoD listing it as a requirement to satisfy the failed InfoSec regulation they created.


As far as usefulness today most pentesting has been automated save a few client facing applications and network testing done for audit purposes only. Generally, we see as good if not better results from a proper scanning and testing regimen on a dollar per dollar basis then we see boring the daylights out of rows of pentesters every day. 


I have four great case studies on the subject based on past and present clients where we show the cost differential between programs, costs per exploit found and risks involved. 


Please don't embarrass yourself into believing pentesting or the "CEH" has a future.


Contributor II

We do automated pentests, using industry standard tools, before the humans have a go. The meat scanners frequently find things that the automation didn't pick up on.

You do automatic scans - as part of your CI if possible - to find the low-hanging fruit, and human testers to catch the rest.
Newcomer I

I do not believe the second chart.


There are NOT 20,000 CISSP job postings on Indeed.


Look for yourself.


I have been.


For years...

Community Champion

Every time I search, the "locations" menu only lists "remote" and cities in my own country, which I had presumed to explain why my count was less than 20,000.


How do you search Indeed for jobs "globally" or in a different country?