How many is to many?

Here is a good question is it possible to have to many certifications? I took the ECSS yesterday from EC Council and passed it. Only reason i took it is because it receetifies sec+ for full units and i need an easy CEU credits since im doing OSCP which is demanding for me. Wont put ECSS on resume but kinda got me thinking about how many certs before they lose their impact? Thanks all!

Find more posts tagged with

Comments

TheFORCE

I think as we move forward and the industry evolves so will the certificates. I think some will lose their value, some will evolve and new ones will come out that will replace the old ones. Personally, i'll focus on what gives me knowledge and what benefits my career even i get CPE credits from them then that's a bonus. But im not going to say i have 5 certs and now i'll stop, what i will say tho is, I have 5 certs but if I have CISM maybe it can replace my ITIL on my business card lol

DatabaseHead

I think one or two professional level certifications is more than enough.

Security Engineers / Analyst positions over 60% of the time required a degree and the CISSP or CEH. Very rarely did I see the position ask for more than 3 security certifications.

Mike7

Guess it depends on the job you are looking for. Some companies can be very particular. I do see job postings that require candidates to "either have or is willing to obtain all of GCIH, GCIA, GREM and GCFA"

[Deleted User]

Well for myself for example, I work in Security just not the interesting side of it. My role is more of a Security sys admin at best. I'm trying to get into penetration testing or vulnerability management would be nice! Doing certs like OSCP,GPEN,CISSP etc as I see them on many job postings in my area. Kinda stuck between that and being a network engineer at the moment so I'm doing certifications to cover both in case my pen testing/vuln management dream doesn't pan out. Always have to have a fall back plan!

Some certs i'm doing just for the knowledge like E|CES to learn more about cryptography that may not have been covered in my previous certs. But those are my 2 areas of interest as of now and will most likely stick to those.

OctalDump

I don't think, practically, that you can have too many. However, some hiring people will assume that many, many certifications = dumping. If you do want to put many certifications on your resume, then you might need to address that possible concern. For example, you could put dates to show that they were acquired over period of time. However, the best approach is probably to tailor the resume to the job, include the certifications mentioned in the job listing (that you have), and the highest level of whatever else might be relevant.

What is more important is choosing certifications that a relevant and have value. If you have CISSP, there's not much value in doing Sec+. Or doing multiple different variations on pentester certs (ECSA+GPEN+OSCP+eJPT+mile2 etc). You'd choose the ones that have value, both for your development/interest/pleasure and what works for the market. So if you had OSCP, pursuing CEH is still possibly worthwhile even though it is a 'lesser' certification, simply because the market still values it.

Freeguy

I don't think there's such a thing as too many certifications. I consider certifications to be a good way to prove to myself that I understand a subset of technology, and there's never anything wrong with gaining more knowledge.

HOWEVER, when applying to a job, be sure to tailor your resume for the job itself. If you list too many certifications, they could think that you are compensating for something or that you are dumping. Only list certifications that are relevant or that you are particularly proud of. For example, if you have your CCNA, there's not much point in listing Network+. Or if it's for a network engineer role, they probably don't care about your Nutanix knowledge.

E Double U

No such thing as too many to obtain, but I limit the CV to listing only the relevant few. I can only imagine that someone that has moved around in IT for 20 years and got certs in each role would have amassed more than a handful of certifications. I no longer list my CompTIA and Microsoft certs because they aren't relevant to the roles that I apply for now. I wouldn't worry about someone thinking I'm a dumper because the number of certs on my resume because I wouldn't list anything that my skills couldn't back up. Not to mention the job duties on my resume align with the certs. My current and former employer both listed vendors such as (ISC)², GIAC, ISACA, and EC-Council as required/recommended certs so I listed the relevant certs on my application.

DatabaseHead

Mike7 wrote: »

Guess it depends on the job you are looking for. Some companies can be very particular. I do see job postings that require candidates to "either have or is willing to obtain all of GCIH, GCIA, GREM and GCFA"

My research shows those type of jobs are black swans. All? I can't recall seeing one position asking for 5 or more certifications with an AND statement. Maybe an OR but most certainly not an AND.

Node Man

Like college degrees, I only mention certificates if it is relevant to the work being done.

UnixGuy

Have the knowledge and expertise to back it up.

Spend more time LABing.,..the more practical knowledge you have the more solid your theoretical knowledge is