John Hales, Global Knowledge VMware, SDN, and SoftLayer instructor, A+, Network+, CTT+, MCSE, MCDBA, MOUS, VCP, VCAP, VCI, EMCSA
To gain refined skills and expertise and to increase pay, many IT professionals choose to pursue a certification.
Based on the findings of the 2015 IT Skills and Salary Survey conducted by Global Knowledge and Windows IT Pro in the fall of 2014, I’ve compiled a list of the 15 top-paying certifications for 2015. Certifications in IT security, networking, and systems management are at the top of the certification pay scale. What may surprise you are the business-related certifications holding their own on this year’s list.
The rankings are derived from certifications that received the minimum number of responses to be statistically relevant. Certain certifications pay more but are not represented due to their exclusive nature. Examples include Cisco Certified Internetworking Expert (CCIE) and VMware Certified Design Expert (VCDX).
With each certification, you’ll find the average (mean) salary and a brief description.
The IT Skills and Salary Survey is a nationwide survey. Variations exist based on respondents’ work location, years of experience, and company type (government, nonprofit, etc.).
1. Certified in Risk and Information Systems Control (CRISC)
The nonprofit group ISACA offers CRISC certification, much in the way that CompTIA manages the A+ and Network+ certifications. Formerly, “ISACA” stood for Information Systems Audit and Control Association, but now they’ve gone acronym only.
The CRISC certification is designed for IT professionals, project managers, and others whose job it is to identify and manage risks through appropriate Information Systems (IS) controls, covering the entire lifecycle, from design to implementation to ongoing maintenance. It measures two primary areas: risk and IS controls. Similar to the IS control lifecycle, the risk area spans the gamut from identification and assessment of the scope and likelihood of a particular risk to monitoring for it and responding to it if/when it occurs.
Since CRISC’s introduction in 2010, more than 17,000 people worldwide have earned this credential. Because of the demand for people with these skills and the relatively small supply of those who have them, CRISC is the highest-paying certification on the list this year.
To obtain CRISC certification, you must have at least three years of experience in at least three of the five areas that the certification covers, and you must pass the exam, which is only offered twice a year. This is not a case where you can just take a class and get certified. Achieving CRISC certification requires effort and years of planning.
2. Certified Information Security Manager (CISM)
ISACA also created CISM certification. It’s aimed at management more than the IT professional and focuses on security strategy and assessing the systems and policies in place more than it focuses on the person who actually implements those policies using a particular vendor’s platform.
More than 24,000 people have been certified since its introduction in 2002, making it a highly sought-after area with a relatively small supply of certified individuals. In addition, the exam is only offered three times a year, making taking the exam more of a challenge than with many other certification exams. It also requires at least five years of experience in IS, with at least three of those as a security manager. As with CRISC, requirements for CISM certification demand effort and years of planning.
3. Certified Information Systems Security Professional (CISSP)
Offered by the International Information Systems Security Certification Consortium (ISC)2, CISSP is designed to provide vendor-neutral security expertise, similar to the certifications ISACA offers. Launched in 1994, CISSP consists of an exam based around ten different areas in computer security, including risk analysis, cloud computing, security when developing applications, mobile, cryptography, physical security, business continuity and disaster recovery planning, and legal and compliance issues.
CISSP candidates must have at least five years of full-time experience in at least two of the ten areas tested. If you don’t have the work experience, you can earn an Associate of (ISC)2 designation while working toward the full certification.
CISSP certification has a broad focus, covering many areas in a single certification. There is also a requirement to earn Continuous Professional Education (CPE) credits every year to remain certified. There are nearly 96,000 CISSPs worldwide, with approximately two-thirds of them in the United States.
4. Project Management Professional (PMP®)
The fourth highest paying and the first that is not security related, the PMP certification was created and is administered by the Project Management Institute (PMI®). It is the most recognized project management certification available. There are more than 630,000 PMPs worldwide.
The PMP certification exam tests five areas relating to the lifecycle of a project: initiating, planning, executing, monitoring and controlling, and closing. PMP certification is for running any kind of project, and it is not specialized into sub types, such as manufacturing, construction, or IT.
To become certified, individuals must have 35 hours of PMP-related training along with 7,500 hours of project management experience (if they have less than a bachelor’s degree) or 4,500 hours of project management experience with a bachelor’s or higher. PMP certification is another that requires years of planning and effort.
5. Certified Information Systems Auditor (CISA)
The fifth highest-paying certification is also from ISACA, and this one is for IS auditors. CISA certification is ISACA’s oldest, dating back to 1978, with more than 106,000 people certified since its inception. CISA certification requires at least five years of experience in IS auditing, control, or security in addition to passing an exam that is only offered three times per year.
The CISA certification is usually obtained by those whose job responsibilities include auditing, monitoring, controlling, and/or assessing IT and/or business systems. It is designed to test the candidate’s ability to manage vulnerabilities, ensure compliance with standards, and propose controls, processes, and updates to a company’s policies to ensure compliance with accepted IT and business standards.
6. Certified Scrum Master
Another project management-related certification to make the list this year, Certified Scrum Master was originally focused on software application development. Today it is often applied to many areas outside development.
Scrum is a rugby term; it’s a means for restarting a game after a minor rules violation or after the ball is no longer in play (for example, when it goes out of bounds). In project management, Scrum is a process designed to act in a similar manner for projects in which a customer often changes his or her mind during the development process, common in many courseware, programming, manufacturing, and similar projects.
In traditional project management, the request to change something impacts the entire project and must be renegotiated, a time-consuming and potentially expensive way to get the changes incorporated. There is also a single project manager.
In Scrum, however, there is not a single project manager. Instead, the team works together to reach the stated goal. The team should be co-located so members may interact frequently, and it should include representatives from all necessary disciplines (for example, in software design, developers, product owners, experts in various areas required by the application, etc.).
Where PMP tries to identify everything up front and plan for a way to get the project completed, Scrum takes the approach that the requirements will change during the project lifecycle and that unexpected issues will arise. Rather than holding up the process, Scrum takes the approach that the problem the application is trying to solve will never be completely defined and understood, so team members must do the best they can with the time and budget available and by quickly adapting to change.
So where does the Scrum Master fit in? Also known as a servant-leader, the Scrum Master has two main duties: to protect the team from outside influences that would impede the project (the servant) and to chair the meetings and encourage the team to continually improve (the leader).
Certified Scrum Master certification was created and is managed by the Scrum Alliance and requires the candidate to attend a class taught by a certified Scrum trainer and to pass the associated exam. There are fewer than 3,000 Certified Scrum Masters.
7. Cisco Certified Design Associate (CCDA)
Cisco’s certification levels are Entry, Associate, Professional, Expert, and Architect. Those who obtain this Associate-level certification are typically network design engineers, technicians, or support technicians. They are expected to design basic campus-type networks and be familiar with routing and switching, security, voice and video, wireless connectivity, and IP (both v4 and v6). They often work as part of a team with those who have higher-level Cisco certifications.
To achieve CCDA certification, you must have earned one of the following: Cisco Certified Entry Networking Technician (CCENT), the lowest-level certification and the foundation for a career in networking; Cisco Certified Network Associate (CCNA) Routing and Switching; or any Cisco Certified Internetwork Expert (CCIE), the highest level of certification at Cisco. You must also pass a single exam.
8. Citrix Certified Professional – Virtualization (CCP-V)
CCP-V is a newer certification from Citrix, replacing Citrix Certified Enterprise Engineer (CCEE) certification that was retired in November 2014. Focused around XenDesktop 7, CCP-V requires that candidates have already earned Citrix Certified Associate – Virtualization (CCA-V) certification. CCP-V certifies that you can deploy applications and virtual desktops using a variety of Citrix technologies, including XenDesktop 7, XenServer, and NetScaler.
While other Citrix certifications-including many for older versions of the software-are among the top 25 highest-paying this year, this new certification ranking so highly suggests that being certified on the latest version of a platform yields a higher salary than being certified on older versions.
9. Cisco Certified Network Professional (CCNP) Routing and Switching
CCNP Routing and Switching certification is a follow on to Cisco Certified Network Associate (CCNA) Routing and Switching certification and a prerequisite to Cisco Certified Internetwork Expert (CCIE) Routing and Switching. Many CCNA-level engineers move on to CCNP Routing and Switching to show greater knowledge and depth in networking and to earn higher salaries.
CCNPs in routing and switching typically have at least a couple of years of experience (though that experience is not required) and have demonstrated the ability to plan, deploy, and troubleshoot both LAN and WAN scenarios and work with experts in related fields, such as voice and wireless. CCNP Routing and Switching certification requires separate exams in switching, routing, and troubleshooting.
10. Juniper Networks Certified Internet Associate – Junos (JNCIA-Junos)
The JNCIA-Junos certification certifies knowledge of networking fundamentals, basic routing and switching, and Junos OS. It is the only entry-level certification in the top 10, and it is valid for two years.
11. Microsoft Certified Systems Engineer (MCSE)
This certification ranked number 11 with an average salary of $96,121 for those who didn’t list an associated Windows version and $96,726 for those who listed MCSE on Windows 2003, for the weighted average of $96,198 listed above.
The Microsoft Certified Systems Engineer is an old certification and is no longer attainable. It has been replaced by the Microsoft Certified Solutions Expert (yes, also MCSE). The Engineer certification was valid for Windows NT 3.51 – 2003, and the new Expert certification is for Windows 2012. There is an upgrade path if you are currently an MCSA or MCITP on Windows 2008. There is no direct upgrade path from the old MCSE to the new MCSE.
12. ITIL v3 Foundation
ITIL® was created by England’s government in the 1980s to standardize IT management. It is a set of best practices for aligning the services IT provides with the needs of the organization. It is broad based, covering everything from availability and capacity management to change and incident management, in addition to application and IT operations management.
ITIL is composed of a set of books. Over the last 30 years, it has become the most widely used framework for IT management in the world. ITIL standards are owned by AXELOS, a joint venture company created by the Cabinet Office on behalf of Her Majesty’s Government in the United Kingdom and Capita plc, but they have authorized partners who provide education, training, and certification. The governing body defined the certification tiers, but they leave it to the accredited partners to develop the training and certification around that framework.
ITIL Foundation certification is the entry-level one and provides a broad-based understanding of the IT lifecycle and the concepts and terminology surrounding it. Anyone wishing for higher-level certifications must have this level first, thus people may have higher certifications and still list this certification in the survey, which may skew the salary somewhat.
13. Certified Ethical Hacker (CEH)
The International Council of E-Commerce Consultants (EC-Council) created and manages CEH certification. It is designed to test the candidate’s abilities to prod for holes, weaknesses, and vulnerabilities in a company’s network defenses using techniques and methods that hackers employ. The difference between a hacker and a CEH is that a hacker wants to cause damage, steal information, etc., while the CEH wants to fix the deficiencies found. Given the many attacks, the great volume of personal data at risk, and the legal liabilities possible, the need for CEHs is quite high, hence the salaries offered.
14. VMware Certified Professional – Data Center Virtualization (VCP-DCV)
The entry-level VMware Certified Professional (VCP) is the oldest certification from VMware. As the VMware product portfolio has grown in the last several years, it was decided that a single certification was not sufficient. Now several VCP tracks exist, enabling VCPs to specialize.
The only VCP track that broke the top 15 this year is the Data Center Virtualization track, the largest and oldest of the VCP tracks. VCP-DCV certifies one’s knowledge of and ability to perform basic deployment and administration of vCenter and ESXi.
A policy established in 2014 requires that every two years, VCPs must recertify on their current track, take an exam in another VCP track, or take a higher-level exam to remain certified. With this new requirement, there will probably be fewer VCPs next year. Also, the release of vSphere version 6 provides an opportunity to upgrade VCP 5 skills to VCP 6 quickly and less expensively this year.
15. Certified Novell Engineer (CNE)
The CNE certification was very popular in the 1990s and fell out of favor as Microsoft Windows became a dominant server vendor in the 2000s. Now that there are many more platforms and fewer CNEs, as many moved on to other areas, this certification is back in demand.
CNE certification confirms your ability to design, implement, troubleshoot, and upgrade networks based on SUSE Linux Enterprise Server (SLES). Those who have the Novell NetWare 6 CNE may upgrade to the Novell Open Enterprise Server for NetWare. Open Enterprise Server is based on SLES and offers server management and file storage that NetWare was known for.
Rounding Out the Top 25
A few popular certifications just missed the Top 15 cut due to a low total number of responses or an average (mean) pay just outside the threshold. Due to their popularity, I have included them for informational purposes.
|16. Citrix Certified Advanced Administrator (CCAA) for XenApp 6||$93,831|
|17. Citrix Certified Enterprise Engineer (CCEE)||$93,662|
|18. Citrix Certified Associate – Virtualization (CCA-V)||$93,437|
|19. Citrix Certified Administrator (CCA) for Citrix XenServer 6||$92,695|
|20. CCA for Citrix XenDesktop 6||$92,411|
|21. Microsoft Certified IT Professional (MCITP): Enterprise Administrator||$92,252|
|22. CCA for Citrix XenApp 6||$91,069|
|23. Red Hat Certified System Administrator (RHCSA)||$89,427|
|24. Certified Novell Administrator (CNA)||$89,018|
|25. Microsoft Certified Systems Administrator (MCSA)||$87,667|
AWS Certified Solutions Architect – Associate
The AWS Certified Solutions Architect – Associate is a relatively new certification that debuted in mid-2013. While it did not receive enough responses to qualify for our “Top 15” list, it is definitely a certification that warrants a mention based on the salaries of those who did respond.
AWS’s baseline certification, AWS Certified Solutions Architect – Associate is intended for individuals with experience designing distributed applications and systems on the AWS platform. The certification addresses a range of topics, including designing on AWS, selecting the appropriate AWS services for your situation, estimating AWS costs, and identifying cost control measures.
Since the release of the AWS Certified Solutions Architect – Associate certification, AWS has rolled out three additional certifications, including the AWS Certified Solutions Architect – Professional, and they have one more in beta (AWS Certified DevOps Engineer – Professional). In this year’s salary survey, each of the four active AWS certifications has an average salary of more than $100,000, but they did not meet the minimum number of responses to make our list. Based on the number of companies moving to the cloud and the growth of AWS, I would certainly expect to see a few AWS certifications in next year’s list.
Of this year’s top-paying certifications:
- Five are in security (1, 2, 3, 5, and 13).
- Three are in business (4, 6, and 12).
- Three are in networking (7, 9, and 10).
If you’re looking to improve your skills (and your pay!), consider adding one or more of the certifications above. Consider your current skill set and see if a related skill or a management skill may help power your career to the next level. For example: If you already know storage or networking, consider a certification in virtualization. Or, break out of your technical track into a management track by taking ITIL or PMP training and getting certified in one of those areas.
About the Author
John Hales, VCP, VCP-DT, VCAP-DCA, VCI, is a VMware instructor at Global Knowledge, teaching most of the vSphere classes that Global Knowledge offers, including the View classes. John is also the author of many books, including involved technical books from Sybex, exam preparation books, and many quick reference guides from BarCharts, in addition to custom courseware for individual customers. His latest book on vSphere is entitled Administering vSphere 5: Planning, Implementing and Troubleshooting. John has various certifications, including the VMware VCA-DCV, VCA-DT, VCA-Cloud, VCP, VCP-DT, VCAP-DCA, VCI, and VCI Level 2; the Microsoft MCSE, MCDBA, MOUS, and MCT; the EMC Storage Administrator (EMCSA); and the CompTIA A+, Network+, and CTT+. John lives with his wife and children in Sunrise, FL.