Security certification or catch 22?

I've always wanted to pursue a certification in IT security, but it appears the most popular ones such as CISP require you to have experience prior getting certified; on other hand jobs posted for IT security need you to be certified. That's catch 22.

Of course there are less-known IT security certification such as Security+, but maybe you can tell me otherwise.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Ahriakin

The Sec+ is still an excellent foundation for pretty much any infosec course. I'd definitely do it. It should also make breaking into the field enough to gain the experience for the later certs easier.
Also the vendor specific security certs usually don't require experience, e.g. the CCSP or MCSE Sec.

Lamini

you cannot pass a paper test alone to obtain a respectable IT certification. While a Security+ might get you in an entry level position, its a bit more difficult when pursuing CISSP fortunately; you dont want the people at the forefront of IT security to hold those positions because they passed a test. unfortunately there are those who have CISSP and, well, thats it, put them on a computer and they will be calling the junior techs how to do basic functions, you cannot expect them to secure a router or server.

CISSP should be the icing on top of the cake, not an icing cake, but thats just me, my path is ground up, not the other way around.

dynamik

Lamini wrote: »

CISSP should be the icing on top of the cake, not an icing cake, but thats just me, my path is ground up, not the other way around.

Well said

mrblackmamba343

if you want a security cert that is purelly hands on unlike the CISSP go for CCSP. I'm working on mine right now. A lot of commands that you have to memorized/ study especially for VPN configs but they will pay off someday