When you’re new to the world of IT, the alphabet soup of certifications can feel a bit overwhelming. Which ones are the most valuable? Which ones should I earn first? Do I really need to earn them at all?
The answer to that last question is simple: Yes, you need to earn IT certifications. While some companies are willing to hire candidates who don’t have certifications but have demonstrable skills and experience, most won’t even consider applicants who don’t have at least entry-level credentials. The question then becomes: Where do I start?
While there are plenty of opinions about which credentials are the best for those who have some experience in IT, but not enough yet to qualify for one of the advanced credentials, one of the best options is the Systems Security Certified Practitioner (SSCP). Offered by the International Information Systems Security Certification Consortium, or (ISC)2, the SCCP is often compared to the CompTIA Security+ credential and viewed as the precursor to the highly sought after Certified Information Systems Security Professional (CISSP).
The SSCP certification indicates an IT professional’s technical skills in implementing, monitoring and administering IT infrastructure, as they relate to the organization’s information security policies. While the CISSP credential indicates a practitioner’s theoretical knowledge, the SCCP indicates that he or she also has the practical, hands-on experience necessary to manage infrastructure security. In fact, it’s the hands-on nature that also sets the SCCP apart from the CompTIA Security+, as the SCCP requires at least one year of work experience in security, while the Security+ only suggests that candidates have that practical experience.
SCCP in DepthAs with most certifications, the SCCP requires qualified candidates to pass an exam. According to (ISC)2, this particular exam covers seven key areas of knowledge:
- Access Controls
- Malicious Code and Activity
- Monitoring and Analysis
- Networks and Communications
- Risk, Response, and Recovery
- Security Operations and Administration
It’s important to note that the experience requirement for the SCCP is strictly enforced. After passing your exam, you will be required to complete the endorsement process, in which two individuals sign statements attesting to your paid, full-time work experience. The paid, full-time designation is important; experience gained from part-time work, volunteer work, or internships in information security do not count toward the SCCP experience requirements.
However, if you are short on experience, (ISC)2 will allow you to take the exam, and grant you the Associate of ISC(2) Certification designation and two more years to complete the endorsement process.
The Benefits of SCCP
The most obvious benefit to the SCCP credential is the increased earning potential. According to Payscale.com, the average SCCP holder has between one to four years of experience in IT, and earns between $40,000 and $88,000 per year. The highest paid employees with the SCCP are those who also hold a master’s degree in a related field.
However, beyond the increase in salary, SCCP holders also have more career opportunities. The SCCP meets the Department of Defense requirements for security credentials for individuals working in information security, whether for the DoD itself or a subcontractor. Many private sector companies are following the DoD’s lead and requiring applicants to have IT certifications before they even apply for a job.
In addition, the continuing education requirements help ensure that you stay abreast of the latest developments within the security industry and remain ahead of the curve in terms of new challenges and solutions.
Above all, though, earning the SCCP allows you to feel more confident in your day-to-day work and secure in the knowledge that you know what needs to be done and how. As you move forward in your career, you’re also already on the path to earning more advanced certifications, like the CISSP, and reaching your career goals.