New to cybersecurity and considering the CompTIA Security+ certification? We collaborated with an expert security engineer to understand exactly what areas the certification covers and which industries are actively hiring people with this certification.
Author: Aireal McCullough
If you are pursuing a career in cybersecurity, the number of certifications available can seem extremely daunting. It may seem difficult to know which certification will provide you the most benefits when entering the field or looking for a career change.
Additionally, certifications such as the Certified Information Systems Security Professional (CISSP) and the Certified Ethical Hacker (CEH) are likely too advanced for someone who is brand new to the field.
The CompTIA Security+ is an excellent choice to obtain as your first security certification, and in this article, I break down why that is and what to expect from obtaining it.
Relaxed Sitting Requirements
The CompTIA Security+ also doesn’t require the long list of prerequisites that some other security certifications require. In fact, there are no required prerequisites at all. While CompTIA does recommend that certification candidates first obtain their CompTIA Network+ and have at least two years of IT administration experience, anyone is welcome to sit for the exam regardless of whether they meet these recommendations or not.
Immediate Career Opportunities
Immediately after receiving my CompTIA Security+ certification, I noticed new doors opening for me within my career. Previously, I held the title of Support Technician but upon receiving my certification I was promoted to the Systems and Security Administrator for my organization.
With the certification in hand, I found myself receiving numerous security-focused job offers and was able to expand my freelancing services to help clients with their various security needs.
Specific Areas of Knowledge and Expertise
This certification prepares individuals to identify different types of attacks such as viruses, rootkits, worms, and bots. CompTIA Security+ holders must also have an in-depth understanding of social engineering techniques such as phishing, spear phishing, dumpster diving and tailgating.
Recognizing application and service attacks such as denial-of-service, cross-site scripting, ARP poisoning, and man-in-the-middle attacks are critical tasks for security engineers. Organizations are constantly looking for engineers that are well-versed in all these items to help keep them safe.
Industries Actively Looking For Security Experts
Security engineers are needed in every industry, not just within technology companies. Healthcare providers have some of the strictest privacy rules and regulations, so security is an utmost priority for them.
The financial industry also has a myriad of industry-specific regulations they must meet. The CompTIA Security+ certification prepares engineers for working in these fields by covering topics such as regulatory, non-regulatory, and industry-specific frameworks.
Security engineers are also prevalent in the manufacturing industry, which is where I found myself utilizing my CompTIA Security+ certification. Manufacturing has a very strong need for cybersecurity experts as attackers often see them as an easy target.
The information I learned while preparing for this certification gave me the knowledge that I needed to ensure that our networks and systems were secure. It allowed me to revisit our physical security and make recommendations based on best practices.
Individuals developing applications can also benefit from obtaining the CompTIA Security+ certification. The certification requires individuals to understand secure application development and deployment concepts to prevent attacks such as cross-site scripting or injection attacks.
The certification also covers development life-cycle models including waterfall and agile. Anyone working in the software engineering industry must be familiar with both waterfall and agile methodologies. Security+ also discusses secure DevOps concepts such as security automations, continuous integration and baselining.
Professionals pursuing careers within the cloud computing industry will likely want to obtain the Certified Cloud Security Professional (CCSP) certification, but the CompTIA Security+ may also be a good choice.
The CompTIA Security+ covers topics such as the two main types of hypervisors, different types of cloud deployment methods, and how to prevent issues such as VM sprawl and VM escape.
Expert Industry Takeaways
As an engineer myself, I can honestly tell you that this certification is worth every hour of studying and every penny to prepare and sit for the exam.
If you are interested in a career as a security engineer or within any of the fields mentioned above, the CompTIA Security+ is a great place to start.
Aireal is a security engineer, technical writing freelancer, and owner of CozyCybersecurity.com. She has nine years of experience in the IT industry and holds numerous certifications including the CompTIA Security+. She has attended some of the largest cybersecurity conferences in the world including both Def Con and Black Hat in Las Vegas.