In today’s tough IT market having a security certification that recruiters want can mean the difference between getting that next job or not. “A certification today is like a college degree,” says Grad Summers, Americas leader for information security program management services at Ernst & Young. “You may not hire a candidate just because they have one, but it is something that you come to expect in this field.”
Here are the top five security certifications for 2011, compiled by scanning job boards and interviewing IT security recruiters and employers:

Vendor Certifications

A growing need for hands-on network engineers, along with social computing and Web 2.0 technology, has propelled network security even further. Vendor certifications including Cisco’s Certified Network Associate Certification (CCNA), Microsoft’s Certified Systems Engineer (MCSE) with focus on security and Check Point’s Certified Security Expert (CCSE) top the list as organizations within banking, government and healthcare that look to fill open positions including network, system administrators and architects.

CISSP
The popularity of the Certified Information Systems Security Professional is high within the IT security community as it provides the basis of security knowledge. “We feel safe hiring candidates carrying this validation,” says Ellis Belvins, division director at Robert Half International, a professional staffing consultancy, adding that the certification demonstrates the security professionals’ high proficiency, commitment and deeper understanding of security concepts, principles and methodologies.
CISSP is viewed as the baseline standard for information security professions in government and industry. Companies are beginning to require CISSP certification for their technical, mid-management and senior management IT security positions. This certification is offered through (ISC) 2, the not-for-profit consortium that offers IT security certifications and training.

CEH

Certified Ethical Hacker is gaining popularity as organizations focus in securing their IT infrastructure and networks from internal and external attacks. CEH is offered by EC-Council and its goal is to certify security practitioners in the methodology of ethical hacking. This vendor-neutral certification covers the standards and language involved in exploiting system vulnerabilities, weaknesses and countermeasures. CEH basically shows candidates how the attacks are actually done. It also attempts to define the legal role of ethical hacking in enterprise organizations.
Some employers aggressively look to hire candidates with CEH validation for hands on security operations and intelligence activities. “In 2011, we see the need for very specific skill sets which can be obtained through training and certifications such as the CEH,” says Vernon Ross, director of learning and organizational capability at Lockheed Martin Information Systems and Global Solutions.

CISM

Certified Information Security Manager is significantly in demand as the profession focuses on the business side of security. CISM offered by ISACA addresses the connection between business needs and IT security by focusing on risk management and security organizational issues. “ISACA’s CISM are a few that are on our radar for 2011,” Summers says.
CISM is ideal for IT security professionals looking to grow and build their career into mid-level and senior management positions. In fact, the CISM earned a place on the list of highest paying IT security certification by the 2010 IT Skills and Certifications Pay Index from independent research firm Foote Partners.

GIAC

The demand is rising for Global Information Assurance Certification (GIAC) in specific disciplines such as digital forensics, intrusion detection, incident handling, security operations and application software security.