14 IT certifications that will survive and thrive in the pandemic

data science certification man at computer

The pandemic has thrown a lot of what we know in turmoil and hurt some industries more than others -- think airlines, hospitality/leisure, retail, Big Pharma, oil and some consumer products. But what has been the overall effect so far on tech professionals and the skills marketplace? 

I began to answer this question in my last column with a review of what we’ve been hearing from several hundred senior tech executives and decision-makers across 40 industries in our research partnership base. But also, we provided a high-level data analysis of how cash pay premiums for 1,090 tech skills and certifications were affected in the first three months of 2020.

Next, we’ll go deeper into how individual certified and noncertified tech have been affected, beginning with tech certifications.

Pay for IT certifications has been on a downward trajectory for nearly two years according to Foote Partners’ long-running IT Skills and Certifications Pay IndexTM. This data is provided by 3,578 private and public-sector employers in 83 U.S. and Canadian cities who partner with our firm to report pay for their 324,480 technology professionals. Currently averaging the equivalent of 7 percent of base salary on average for a single certification, that’s the lowest average pay premium for IT certifications in seven years. Moreover, the average market value for 505 tech certifications has declined nearly 8 percent since Q1 2018.

And the survivors are…

These are certifications we believe will survive the pandemic effect on labor markets and continue to be 'best bets' for tech professionals looking for answers to how to build their careers in this new normal.

The following tech certifications are distinctive for two reasons: they recorded notable gains in cash market value in the six months ending April 1, 2020 and are also earning cash pay premiums equivalent to 10 to 13 percent of base salary. This is significantly higher than the average of all tech certifications being reported. They are listed in declining order based first on cash pay premium earned and second by highest to lowest six-month growth.

1. (Tie) EC-Council Computer Hacking Forensic Investigator (CHFI) 

CompTIA Advanced Security Practitioner (CASP)

Market Value Increase: 30 percent (in the six months ending April 1, 2020)         

 The CompTIA Advanced Security Practitioner is a hands-on, performance-based certification for practitioners — not managers — at an advanced skill level of cybersecurity. While cybersecurity managers help identify what cybersecurity policies and frameworks could be implemented, CASP certified professionals figure out how to implement solutions within those policies and frameworks.  This certification validates advanced-level competency in risk management, enterprise security operations and architecture, research and collaboration, and integration of enterprise security. It measures knowledge in the following:

  • Enterprise security domain expanded to include operations and architecture concepts, techniques and requirements
  • More emphasis on analyzing risk through interpreting trend data and anticipating cyber defense needs to meet business goals
  • Expanding security control topics to include mobile and small-form factor devices, as well as software vulnerability

Computer forensics is the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks.

Likewise, achieving the Computer Hacking Forensic Investigator (CHFI) certification validates that you have the knowledge and skills to detect hacking attacks, to properly gather the necessary evidence to report the crime and prosecute the cybercriminal in a court of law, and to conduct an analysis that enables you to prevent future attacks.

With a focus on computer forensics from a vendor-neutral perspective, the CHFI certification provides the ideal level of network security expertise for law enforcement personnel, system administrators, security officers, defense and military personal, legal professionals, bankers, security professionals and anyone who is concerned about the integrity of the network infrastructure.

3. (Tie) GIAC Certified Forensics Analyst (GCFA)

Certified Secure Software Lifecycle Professional (CSSLP)

Market Value Increase: 18.2 percent (in the six months ending April 1, 2020)         

The GIAC Certified Forensics Analyst focuses on computer forensics in the context of investigation and incident response, and thus also focuses on the skills and knowledge needed to collect and analyze data from Windows and/or Linux computer systems during such activities. It certifies that candidates have the knowledge, skills, and ability to conduct formal incident investigations and handle advanced incident handling scenarios, including internal and external data breach intrusions, advanced persistent threats, anti-forensic techniques used by attackers, and complex digital forensic cases. GCFAs are front line investigators during computer intrusion breaches across the enterprise. They can help identify and secure compromised systems even if the adversary uses anti-forensic techniques. Using advanced techniques such as file system timeline analysis, registry analysis, and memory inspection, GCFAs are adept at finding unknown malware, rootkits, and data that the intruders’ thought had been eliminated from the system.

These are the most common roles for GPEN certificants:

  • Incident Response Team Members
  • Threat Hunters
  • SOC Analysts
  • Experienced Digital Forensic Analysts
  • Information Security Professionals
  • Federal Agents and Law Enforcement Professionals
  • Red Team Members, Penetration Testers, and Exploit Developers

Like other (ISC)2 certifications, the Certified Secure Software Lifecycle Professional (CSSLP) is a vendor-neutral credential relevant to many kinds of programming and development projects. Aimed at software developers, engineers, architects, QA and penetration testers, security specialists and the like, the CSSLP recognizes competency in securing applications throughout the software development lifecycle. Prerequisites include at least four years' full-time work-related experience in the software development lifecycle in at least one of eight CSSLP domains, or three years' experience plus a bachelor's degree or equivalent in an IT-related field such as computer science or information technology. The required exam covers all phases of this lifecycle, including secure software concepts, requirements, design, implementation and coding, and testing.

5. EC-Council Certified Incident Handler V2 (ECIH)

Market Value Increase: 33.3 percent (in the six months ending April 1, 2020)

“Incident handler” is a term used to describe the activities of an organization to identify, analyze, and correct hazards to prevent a future reoccurrence. These incidents within a structured organization are normally dealt with by either an Incident Response Team (IRT) or an Incident Management Team (IMT). The teams are often either designated beforehand or during the event and are placed in control of the organization while the incident is dealt with in order to retain business processes. The EC-Council Certified Incident Handler certification is for skilled professionals who are able to handle various types of incidents, risk assessment methodologies, and various laws and policies related to incident handling. They are able to create incident handling and response policies and deal with various types of computer security incidents such as network security incidents, malicious code incidents, and insider attack threats. The sheer number cyber incidents that require these skills is clearly on the rise and so therefore are ECIH certified workers.

6. GIAC Certified Penetration Tester (GPEN) 

Market Value Increase: 20 percent (in the six months ending April 1, 2020)       
The GIAC Certified Penetration Tester certification validates a practitioner's ability to properly conduct a penetration test, using best practice techniques and methodologies. GPEN certification holders have the knowledge and skills to conduct exploits and engage in detailed reconnaissance, as well as utilize a process-oriented approach to penetration testing projects. Areas of expertise covered in the GPEN include:

  • Comprehensive Pen Test Planning, Scoping, and Recon
  • In-Depth Scanning and Exploitation, Post-Exploitation, and Pivoting
  • In-Depth Password Attacks and Web App Pen Testing

Security personnel responsible for assessing networks and systems to find and remediate vulnerabilities are the most common roles for GPEN certificants, including: Penetration testers; Ethical hackers; Red Team members; Blue Team members; and defenders, auditors, and forensic specialists who want to better understand offensive tactics.

7. EC-Council Certified Encryption Specialist (ECES) 

Market Value Increase: 9.1 percent (in the six months ending April 1, 2020)

The EC-Council Certified Encryption Specialist certification introduces professionals and students to the field of cryptography. Certificants have a solid foundation in modern symmetric and key cryptography including the details of algorithms such as Feistel Networks, DES, and AES, plus:

  • Other algorithms such as Blowfish, Twofish, and Skipjack
  • Hashing algorithms including MD5, MD6, SHA, Gost, RIPMD 256 and others.
  • Asymmetric cryptography including thorough descriptions of RSA, Elgamal, Elliptic Curve, and DSA.
  • Significant concepts such as diffusion, confusion, and Kerkchoff’s principle.

Certificants are also qualified to provide a practical application of the following:

  • How to set up a VPN
  • Encrypt a drive
  • Hands-on experience with steganography
  • Hands on experience in cryptographic algorithms ranging from classic ciphers like Caesar cipher to modern day algorithms such as AES and RSA.

8. GIAC Certified Enterprise Defender (GCED)

Market Value Increase: 22.2 percent (in the six months ending April 1, 2020)   
The GIAC Certified Enterprise Defender certification builds on the security skills measured by the GIAC Security Essentials certification. It assesses more advanced, technical skills that are needed to defend the enterprise environment and protect an organization as a whole. GCED certification holders have validated knowledge and abilities in the areas of defensive network infrastructure, packet analysis, penetration testing, incident handling and malware removal. Areas covered by this certification include: Incident handling and computer crime investigation; computer and network hacker exploits; hacker tools (Nmap, Nessus, Metasploit and Netcat).

9. GIAC Certified Forensics Examiner (GCFE)
Market Value Increase: 11.1 percent (in the six months ending April 1, 2020)      
The GIAC Certified Forensic Examiner certification validates a practitioner's knowledge of computer forensic analysis, with an emphasis on core skills required to collect and analyze data from computer systems. GCFE certification holders have the knowledge, skills, and ability to conduct typical incident investigations including e-Discovery, forensic analysis and reporting, evidence acquisition, browser forensics and tracing user and application activities on Windows systems. Areas covered by this certification include:

10. Six Sigma Black Belt

Market Value Increase: 20 percent (in the six months ending April 1, 2020)   

11. Six Sigma Green Belt

Market Value Increase: 25 percent       

Six Sigma is defined as a method for reducing variation in manufacturing, service or other business processes. At the project level, there are six proficiency levels for conducting projects and implementing improvements.

  • Master Black Belt: Trains and coaches Black Belts and Green Belts. Functions more at the Six Sigma program level by developing key metrics and the strategic direction. Acts as an organization’s Six Sigma technologist and internal consultant.
  • Black Belt: Leads problem-solving projects. Trains and coaches project teams.
  • Green Belt: Assists with data collection and analysis for Black Belt projects. Leads Green Belt projects or teams.
  • Yellow Belt: Participates as a project team member. Reviews process improvements that support the project.
  • White Belt:Can work on local problem-solving teams that support overall projects, but may not be part of a Six Sigma project team. Understands basic Six Sigma concepts from an awareness perspective.
  • Brown Belt: Brown Belt is not traditionally used in Six Sigma and is not recognized by most organizations or accrediting agencies. However, some organizations may classify a Brown Belt as a person who has their Green Belt and has passed the Black Belt certification exam, but hasn't completed a second Six Sigma project.

The Certified Six Sigma Black Belt holder can explain Six Sigma philosophies and principles, including supporting systems and tools, and should demonstrate team leadership, understand team dynamics and assign team member roles and responsibilities. Black Belts have a thorough understanding of all aspects of the define, measure, analyze, improve and control (DMAIC) model in accordance with Six Sigma principles. They have basic knowledge of lean enterprise concepts, are able to identify non-value-added elements and activities and are able to use specific tools.

Earning a Six Sigma Black Belt requires two completed projects with signed affidavits or one completed project with signed affidavit and three years of work experience in one or more areas of the Six Sigma Body of Knowledge. A Black Belt project is one that uses appropriate tools within a Six Sigma approach to produce breakthrough performance and real financial benefit to an operating business or company. Examples of projects that qualify:

  • Manufacturing product defect reduction.
  • Human resources recruitment cycle time reduction.
  • Reduced accounts payable invoice processing costs.
  • Reduced Manufacturing machine setup time.

The Certified Six Sigma Green Belt operates in support of or under the supervision of a Six Sigma Black Belt, analyzing and solving quality problems and involved in quality improvement projects. They help with statistical analysis and may lead projects in a part-time capacity.

The Six Sigma Green Belt certification requires three years of work experience in one or more areas of the Six Sigma Green Belt Body of Knowledge.  Candidates must have worked in a full-time, paid role; paid intern, co-op or any other course work cannot be applied toward the work experience requirement. Additional minimum expectations of a Certified Six Sigma Green Belt include: Analyzes and solves quality problems; involved in quality improvement projects; participated in a project, but has not led a project; has ability to demonstrate their knowledge of Six Sigma tools and processes.

12. Certification of Capability in Business Analysis (CCBA)

Market Value Increase: 22.2 percent (in the six months ending April 1, 2020)

The Certification of Capability in Business Analysis designation from the International Institute of Business Analysis (IIBA) highlights a certificant’s capability to work effectively with stakeholders, to model business processes, and identify and evaluate opportunities for better business outcomes. The certification represents skills and knowledge applied to real-life scenarios. The CCBA exam is based on A Guide to the Business Analysis Body of Knowledge (BABOK Guide). To earn this certification a business analyst needs to be knowledgeable in all six knowledge areas in the BABOK Guide with proficiency in at least two. Minimum prerequisites to qualify for the exam are:  

  • Minimum 3750 hours of business analysis work experience aligned with BABOK Guidein the last seven years
  • Minimum 900 hours in each of 2 of the 6 knowledge areas OR 500 hours in each of 4 of the 6 knowledge areas
  • Minimum 21 hours of Professional Development in the past four years
  • Minimum high school education or equivalent
  • Two references from a career manager, client or Certified Business Analysis Professional recipient

13. ITIL Expert Certification

Market Value Increase: 11.1 percent (in the six months ending April 1, 2020)    
The ITIL Expert is an advanced certification that encompasses the breadth and depth of ITIL processes and practices across all ITIL disciplines. Aimed at those who are interested in demonstrating knowledge of the ITIL Scheme in its entirety, the certificate is awarded to candidates who have achieved a well- rounded, superior knowledge and skills base in ITIL Best Practices. ITIL Expert certification is also a prerequisite for the ITIL Master certification.

Of the many possible combinations of modules from the ITIL framework available to those wishing to attain the ITIL Expert certificate, there are some key requirements:

  • End learners must hold the ITIL v3 Foundation* certificate or ITIL 4 Foundation certificate
  • End learners must have earned a minimum total of 17 credits from the Foundation and Intermediate modules.
  • Some credits from earlier qualifications and complementary certifications can also count towards these 17 credits. See the ITIL Credit System page for more information.
  • The Managing Across the Lifecycle (MALC) module must then be taken and passed to achieve a total of 22 credits, which is the minimum required for the ITIL Expert certificate.

What is ITILFor readers who are unfamiliar, The Information Technology Infrastructure Library (ITIL) is a framework for managing IT service delivery around the world. By adopting the ITIL framework, companies ensure that their services are delivered according to a set of consistent, well-defined processes that incorporate best practices and processes, resulting in a predictable level of service for users. The benefits of ITIL include reduced cost of service development and deployment, improved customer satisfaction with service delivery, increased productivity from IT personnel, quality improvements, better management metrics of services and increased flexibility in adapting services to changing business requirements. There are five different certification levels: Foundation; Practitioner; Intermediate (Service Lifecycle and Service Capability categories); Expert; Master.

14. AWS Certified DevOps Engineer – Professional

Market Value Increase: 11.1 percent (in the six months through April 1, 2020)

The AWS Certified DevOps Engineer certification is all about provisioning, operating, and managing applications on the Amazon Web Services platform. This certification focuses heavily on continuous delivery (CD) and the automation of processes, two fundamental concepts of the DevOps movement. Areas of knowledge covered to pass the exam include: The basics of modern CD methodologies; how to implement CD systems; set up, monitoring, and logging systems on AWS; how to implement highly available and scalable systems on AWS; and how to design and manage tools that enable automation of production operations.

Recommended knowledge and experience to attain this certification include:

  • Experience developing code in at least one high-level programming language
  • Experience building highly automated infrastructures
  • Experience administering operating systems
  • Understanding of modern development and operations processes and methodologies