Let's talk about the best tier 2 or professional level, Cyber security certifications for the year 2022. This is for those who are already working as a security professional and want to improve their skills and move to another level. This can also be for those who are already working in it and want to shift to a more securely focused role. Id security path is broad. That is why I group certifications into multiple paths or concentrations. I base also this list on many different criteria, Such as cost market value, Market demand, Exam content, Potential pay, And there is one more recertification strategy for those who are new to this channel.

I started my career as a programmer then became a linux and web administrator. Then a network engineer, Then a security specialist. Then a solutions manager became a global instructor and traveled the world been a hiring manager multiple times helped thousands of people built their id careers and helped them move from their poor countries to the united states, Australia, Canada, Uk and singapore.

I am your career and certifications. Captain and on this channel we talk about tech, Careers and certifications, Prevent tutorials in cyber security, Triggering tutorials in cloud and data center, And my journey as an it instructor so feel free to check out the rest of the channel and consider subscribing . So we're going to skip cloud and data center security certifications because it's a cross over between cloud and data center and security. I will talk about it in a dedicated article, So first path, Security engineering, Also known as security infrastructure, Which is used for the defense side, And this group of certifications is vendor specific. Now this will solely based on what vendor appliance your organization is using, And you need to know this before even preparing for the certification exams.

Keep in mind that there are lots of solutions such as next generation, Firewall, Endpoint security, Identity management, Vpns, Web application, Firewall dns security, Email security and many others here are my top vendor security, Certifications. First, Under cisco, We have the cisco certified network, Professional or ccnp in security. This requires two exams since 2020: cisco changed their certification program and ccnp security requires only two exam. First is the core exam, Also known as s-core or security core, Plus a single specialization exam. This can be next-generation, Firewall, Identity management, Vpn, Email, Security, Specialization.

The advantage of ccnp security is: it covers lots of technology from over 13 different cisco security appliances. Second, We have f5 for f5, T have f5 cts. Now we have asm or the application security manager and optionally apm access policy manager, Waff or the web application. Firewall is f5 asm solution and it's a very critical appliance in networks.

It's the one sitting in front of hundreds, If not thousands, Of servers. There is only one well-known certification for waff, And that is f5 cts. Asm apm, On the other hand, Is an ssl vpn and identity management solution, Number three palo alto networks.

In most recent years, The company always been the leading next generation firewall vendor. So it's a good idea to get their certifications as well. The good news is, You can jump to pc and se stands for palo alto networks, Certified network security engineer. This certification can be taken directly.

This is the most popular palo alto network certification, And it covers not only next generation firewall, But also secured sd-1 deployments, Not too many valuable certifications from palo alto networks, Though number four checkpoint. This is another leading vendor in next generation. Firewall solution, So t have ccse stands for checkpoint, Certified security expert, It's actually a mid or professional level certification. And to get this certification, You need to be a ccsa checkpoint, Certified security administrator.

First, It's not a debate which one you should pick again. It depends which vendor or vendors your company is using. If your company is using old, Palo alto networks, Next generation firewall, It's a good idea to pick psnsc or if your company is using checkpoint, You may go for ccsa and ccse as well. So that's my top four but if your situation is you just want to move to a security rule, What is the two best certification to take? Well, First, If you already have a ccna and f5 ca, Ccnp security and f5 cts asm is the best option.

This will certify all your tier 1 certifications as well and knowing asm will get you more opportunities because web application, Firewall solution, Is not even available from cisco, Palo, Alto networks and checkpoint. But let's say you are only ccna. I would suggest to go for still. Ccnp security and if you want to take the easier path, Go for pcnse second path, Penetration testing, Certifications mainly used for offensive side of security.

First, We have the offensive security certified professional, Probably the most popular real penetration testing certification before it was only oscp under offensive security. But now there are two new 200 level certifications. One is called offensive security web assessor, Which focuses mainly on web attacks. Other two in our list is another pair generic and web penetration testing certifications, But this time it's from e-learn security.

So first we have the e-learning security, Certified professional penetration, Tester or ecppt and another. We have e-learning security, Web penetration, Tester or ewpt. So some people - what t do is this: t will go for e-learning, Security. First, For example, T will take ecppt first before oscp, Because it's considered easier and the exam is seven days long, But less pressure, Unlike oscp, It's a 24 hours lab exam and another 24 hours for documentation. Guys like me, Who specialize in web technologies - or let's say you are already f5 cts, Asm, Ewpt and oswa - would be the best complement among all mid-level cyber security certifications, But both would do the same.

Both are easier compared to oswe. I know a lot of people failing oswe and the best step is to take oswa or ewpt. First, That's my list, So you're, Probably thinking what is my top two best certification to take. I would go for oscp because it's more widely recognized than the other three for web penetration testing.

I would go for oswa, Even if it's still new but popularity wise. It would be oscp and ecppt next path, Operations and analysis, Certifications. First, We have the cisco cyber ops professional. This is a more advanced certification of cisco certified cyber ops associate. So it consists of two exams.

One is the core exam which is cbr core, Plus a concentration exam like forensic analyst and incident response. Another new offensive security certification is osda stands for offensive security, Defense analyst same with oscp and oswa, It's a 200 level core certification and this certification focuses on the ability to detect and assess security incident. I know I know this are new certifications, But I'm betting, Both osw, A and osda, Will be big in the future.

E-Learn security has also a dedicated certification for digital forensic ecdfp or e-learn security. Certified digital forensic professional. It is designed for those who want to specialize in incident response, So you will be doing disk network unlock analysis, Plus system and network forensics as well, So ecdfp, Osda and cisco cyberops professionals. This are all designed for individuals who are working or who wants to work in a security operations center as analyst incidence response, Specialists or threat hunters, And we have casp plus comptia advanced security practitioner, Though comptia recommends 10 years of experience and claim this as an advanced Level certification, To be honest with you, I can't put this to an expert level same level with ccie f5 cse o-s-e-e.

but the good news is the casp plus is designed for security operations. This certification also qualifies for security policy and management path, So that is my list, But my top two best certification to take under this path would be. I will go for cisco cyber ops, Professional.

CCNP 300-715 Dumps

This will recertify all cisco, Associate and other professional level, Certifications and osda, Because it's more hands-on now cisplus is also good. Once you pass the asp plus exam, You will not only recertify, Lower level certifications such as security plus pentax plus, But you will also get a stackable certifications, Such as csae and csie last path: security policy management, Certifications. This is the list path that I am familiar with. I just don't have much experience at all.

I remember I attended cisv training and I also attended security management events. I got bored all talk, No labs and no demos anyway, Based on certification holders. I know personally and my security team and years of experience in this industry here are the top security management certifications. So the top vendors for security management certifications are isc2 and isaka for mid level. I would include system security, Certified practitioner or sscp and certified information system.

Auditor cisa in the list we also have iso iec 27001 - is getting more and more in demand, Especially for those companies who are already iso certified and needs qualified people who can develop and maintain their management system and, Lastly, Casp plus. We know that this is designed for security operations and analysis, And this is also a bit technical, But it also qualifies for security policy and management certifications. So that's my list, But the top two best certification I would take. I will go for casb plus because of its dual purpose, And I will also go for isaka cisa, I think, Being a security auditor will get you more money so for sscp .

It doesn't have much value if you compare it to the more advanced certification cissp, Which is also under iese too. It's not even a prerequisite. You can just take cissp directly.

So that's my best. Cyber security, Certifications for tier 2 or professional slash mid level hit like button. If you find this article useful and interesting, Some of you may not agree with me. That's all right! So leave your comment and I'm open for discussions and debate, And maybe some of you are wondering why some vendors and organizations are not included, Such as fortinet and juniper and under offensive. Why sans chiak and ec council are also not in the list, And do you know why do you know why I will tell you in another article

Now that you have known about the fact, you must be attracted to achieving it. If you wish to have it, you must have to do lots and lots of studies, unless you have a good and reliable CCNP 300-715 Dumps provider like that of the EveDumps.

Comments

Leave a comment