Which certifications should you pursue if you want a top IT salary?
Topping this year’s list is ISACA with four IT certifications, followed by AWS, Cisco and Citrix. Our 2018 IT Skills & Salary Report also shows trending areas in cybersecurity, cloud computing, and business—demonstrating what skills you need to become a more valuable and higher-paid IT professional.
The survey was distributed globally, but this article focuses on the United States data. Salary variations exist based on where you work, your experience and the type of company you work for, but this information is still helpful in deciding where to spend your time and money in earning additional certifications.
To qualify for this year’s list:
- A certification had to have at least 100 survey responses to ensure that the data was statistically valid.
- The certification exam had to be available as of the writing of this article.
Top Paying Certifications:
- Certified in the Governance of Enterprise IT (CGEIT) - $121,363
- AWS Certified Solutions Architect – Associate - $121,292
- Project Management Professional (PMP®) - $114,473
- AWS Certified Developer – Associate - $114,148
- Certified Information Systems Security Professional (CISSP) - $111,475
- Certified in Risk and Information Systems Control (CRISC) - $111,049
- Certified Information Security Manager (CISM) - $108,043
- Certified ScrumMaster - $106,938
- Certified Ethical Hacker (CEH) - $106,375
- Six Sigma Green Belt - $104,099
- Citrix Certified Professional – Virtualization (CCP-V) - $103,424
- Microsoft Certified Solutions Expert (MCSE) – Server Infrastructure - $100,656
- Certified Information Systems Auditor (CISA) - $99,684
- Cisco Certified Networking Professional (CCNP) Routing and Switching - $99,402
- Citrix Certified Associate – Networking (CCA-N) - $99,217
1. Certified in the Governance of Enterprise IT (CGEIT)
The nonprofit group ISACA, which formerly stood for Information Systems Audit and Control Association, but now is an acronym only, offers and manages the CGEIT certification. This certification is designed for those who manage, advise, or provide assurance services around enterprise IT governance. The CGEIT certification, introduced in 2007, covers the basic framework for governance and strategic management (aligning the business and IT), making sure that IT investments are managed in an optimal way. CGEIT seeks to ensure that management of IT resources is optimized and aligned with the business’s risk management framework, and that resources (including infrastructure, applications, and people) are optimized to meet business goals and objectives.
Competitiveness factor: More than 7,000 people worldwide have earned this credential. Due to the demand for professionals with these skills and the small supply of those who have them, CGEIT is the highest-paying certifications on the list this year. It is also one of four certifications by ISACA.
Path to certification: To obtain CGEIT certification, you must have at least five years of experience in at least three of the five areas that the certification covers, including at least one year in the IT governance framework area, and you must pass the exam; the experience must be within the preceding 10 years or no more than five years after passing the exam. The exam is only offered during two 16-week windows per year (this year they are February 1 to May 24 and June 1 to September 23) and it is computer-based. To find a computer-based testing (CBT) location near you, ISACA provides a CBT locator on its website.
In addition, Continuing Professional Education (CPE) credits are required each year to maintain your certification. Achieving CGEIT certification requires ongoing effort and years of planning (as do all the ISACA certifications), but with the growth of hybrid and cloud computing and the complicated nature of enterprise IT today, it will stay in high demand for many years to come.
The AWS Certified Solutions Architect Associate-level exam demonstrates an individual’s expertise in designing and deploying scalable systems on AWS. It’s unsurprising to see this certification in this year’s top 15 due to the market need for skilled and certified AWS solutions architects. This certification has been here for several years, showing how much demand there is year after year due to the growth in the cloud.
This is the prerequisite step to achieving the AWS Certified Solutions Architect – Professional certification. According to this year's salary survey responses, each of the five AWS certifications available report an average salary of more than $100,000 (the average among them all is $125,591).
Path to certification: To get certified, you need to have some hands-on experience with AWS (they suggest six months or more). The exam is computer-based and offered at PSI testing centers. The AWS Certified Solutions Architect – Associate certification exam addresses a range of topics, including designing on AWS, selecting the appropriate AWS services for a given situation, ingress and egress of data to and from the AWS environment, estimating AWS costs, and identifying cost-control measures.
Read more about what it takes to earn a top-paying AWS certification or check out our AWS Certification Tracks and Learning Paths.
Preparing for the exam? Enroll in our Architecting on AWS course.
The third highest-paying certification is PMP. It was created and is administered by the Project Management Institute (PMI®) and is the most recognized project management certification.
Competitiveness factor: There are almost 770,000 active PMPs in 210 countries and territories worldwide.
Path to certification: The PMP certification exam tests five areas relating to the life cycle of a project: initiating, planning, executing, monitoring and controlling, and closing. PMP certification validates expertise running any kind of project and is not specialized by industry. It’s important to know that a new version with updated exam objectives will be released on March 26 this year. Check out our webinar that details the PMBOKv6 updates.
To become certified, individuals must have 35 hours of PMP-related training. In addition, those who have less than a bachelor’s degree must have 7,500 hours of project management experience, while those who have a bachelor’s degree or higher need 4,500 hours. To become certified, you need to apply at the PMI website, and then once your application is approved, you can sign up for the actual exam via Prometric.
To maintain PMP certification, 60 professional development units (PDUs, similar to the CPEs in other certifications) are required every three years. PMP certification is another one that requires years of planning and effort, but has been on our top 15 list for many years and should continue to do so.
If you're looking to plan your track, see our Project Mangement certification map.
Preparing for the exam? Enroll in our PMP® Exam Prep Boot Camp.
Need to maintain your PDUs? Check out our PMP Renewal Program.
New and high on the list for 2018 is the AWS Certified Developer – Associate certification. This certification validates technical expertise in developing and maintaining applications on AWS, as opposed to designing the solution with the Solutions Architect certification above. Achieving the AWS Certified Developer certification demonstrates the ability to efficiently use AWS SDKs to interact with services from within applications and write code that optimizes AWS application performance.
Competitiveness factor: The explosion in popularity of the AWS Certified Developer certification is directly correlated with the rapid growth of organizations developing cloud-based applications to quickly advance their footprint and remain competitive. This also is related to the explosive growth in IoT (Internet of Things) and mobile development, much of which is backed by resources in the cloud.
Path to certification: To get certified, you need to have some hands-on experience with one or more programming languages as well as AWS (they suggest six months or more). The exam is computer-based and offered at PSI testing centers, like all AWS exams. The AWS Certified Developer – Associate certification exam addresses a range of topics, including using SDKs to interact with AWS services, selecting the appropriate AWS services for a given situation, creating code that optimizes performance of the AWS services used in an application, and coding security for access to AWS services.
Preparing for the exam? Enroll in our Developing on AWS course.
Offered by the International Information Systems Security Certification Consortium (ISC)² as a vendor-neutral credential, CISSP is designed to prove security expertise. As with the other security-related certifications, demand is high and is projected to be so for many years to come, but unlike the others, you can earn an associate credential while working on the required experience, making this a valuable certification for those wanting to get into the security field.
Competitiveness factor: According to (ISC)², there are more than 122,000 certified people worldwide, with approximately two-thirds of them in the United States.
Path to certification: The exam is offered at Pearson Vue Testing centers. It also requires at least five years of experience in Information Security (IS). Continuing education credits are required each year to maintain your certification. CISSP candidates must have at least five years of full-time, paid experience in at least two of the eight areas tested. If you don’t have the work experience, you can still earn an (ISC)² Associate designation by passing the exam while working toward the full certification. You will have up to six years to complete the required experience.
The exam is based around eight areas in computer security, including security and risk management, communications and network security, software development security, asset security, security architecture and engineering, identity and access management, security assessment and testing, and security operations. To remain certified, CISSPs must earn Continuous Professional Education (CPE) credits every year.
Preparing for the exam? Take our CISSP Certification Prep Course.
ISACA offers and manages the CRISC certification. This certification is designed for IT professionals, project managers and others whose job it is to identify and manage IT and business risks through appropriate Information Systems (IS) controls. The CRISC certification, introduced in 2010, covers the entire life cycle, from design to implementation to ongoing maintenance.
Competitiveness factor: More than 20,000 people worldwide have earned this credential. Due to the demand for professionals with these skills and the relatively small supply of those who have them, CRISC is among the highest-paying certifications on the list this year.
Path to certification: To obtain CRISC certification, you must have at least three years of experience in at least two of the four areas that the certification covers, and you must pass the exam; the experience must be within the preceding 10 years or no more than five years after passing the exam. The exam is only offered during the same two 16-week windows per year (this year they are February 1 to May 24 and June 1 to September 23), and is computer-based. Registration is via the ISACA website; use the CBT locator to find a testing site.
In addition, Continuing Professional Education (CPE) credits are required each year to maintain your certification. Achieving CRISC certification requires ongoing effort and years of planning, but it has been a top certification for years and with the growth of cloud computing, it will stay in high demand for years to come.
Preparing for the exam? We offer a CRISC Prep Course, but only in a private group setting.
ISACA created and maintains the CISM certification. It’s aimed at management and focuses on security strategy and assessing the systems and policies in place.
Competitiveness factor: More than 38,000 people have been certified since its introduction in 2002, making this a highly sought-after area with a relatively small supply of certified individuals, like CRISC.
Path to certification: The exam is only offered during the same two 16-week windows per year (this year they are February 1 to May 24 and June 1 to September 23), and is computer-based. Registration is via the ISACA website; exam locations are available here.
It also requires at least five years of experience in IS, with at least three of those as a security manager. Your experience must be within 10 years of taking the exam or five years after passing it. Unlike CRISC, there are some alternatives to the experience requirement for this certification. Continuing education credits are required each year to maintain your certification.
Preparing for the exam? We offer a CISM Prep Course.
The Certified ScrumMaster, originally focused on software development, is another popular project management certification that today is often applied to many areas outside of just development. Scrum is an agile methodology that gets its name and general concept idea based on the game of Rugby—when the ball goes out of play, the team huddles together in a scrum to redefine their approach or mode of attack. The idea of scrum in project management is similar—teams huddle together daily to start each morning off in a stand-up meeting to review progress. In the scrum, adjustments are made to further the progress of the project. Teams are self-organized dividing much of the action items and deliverables among themselves, deciding who can do what together. The ScrumMaster acts as the coach to direct the team to the values and framework of scrum. The ScrumMaster focuses on removing outside forces that impede the progress of the project.
Competitiveness factor: It is the oldest SCRUM certification.
Path to certification: The Certified ScrumMaster certification is created and managed by the Scrum Alliance and requires the individual to attend the two-day (16-hour) Certified ScrumMaster® Workshop course. After successfully completing this course you will need to pass the 24-35 question exam, which will give you 16 Scrum Education Units (SEUs). The CSM certification is valid for two years from the original certification date. In order to renew your certification you will need to obtain 40 SEUs within each two-year period. Achieving a certified ScrumMaster certificate validates that you understand the Agile Scrum methodology and are well-versed in putting scrum into practice.
The International Council of E-Commerce Consultants (EC-Council) created and manages the CEH certification, which is aimed at security officers and auditors, site administrators, and others responsible for network and data security. The exam is designed to test a candidate’s abilities to prod for holes, weaknesses and vulnerabilities in a company’s network defenses using techniques and methods that hackers employ. The difference between a hacker and a CEH is that a hacker wants to cause damage, steal information, etc., while the CEH wants to fix the deficiencies found. This certification was not on this list last year but was 10th in 2016.
Competitiveness factor: Given the many security lapses over the last few years, it is no surprise that this certification is back on the list. It applies equally to on-premises and cloud deployments. Given the many attacks and great volume of personal data at risk and the potential legal liabilities, the need for CEHs is quite high, hence the salaries reported.
Path to certification: CEH exam topics include general background knowledge, analysis and assessment, security (in many forms), tools/systems/programs used, procedures and methodology, regulation and policy, and ethics.
Preparing for the exam? We offer a Certified Ethical Hacker course.
10. Six Sigma Green Belt
Like the CEH, the Six Sigma Green Belt certification didn’t make our list last year but was ranked 11th in 2016. Six Sigma is a process of analyzing defects—that is, anything outside a customer’s specifications—in a production/manufacturing process, with a goal of no more than 3.4 defects per million “opportunities” or chances for a defect to occur. The basic idea is to measure defects, analyze why they occurred and then fix the issue(s).
There is a Six Sigma process for improving existing processes and a slightly modified version for new processes or major changes. Motorola pioneered the concept in the mid-1980s, and many other companies have since followed its example to improve quality. Unlike most of the other certifications on this list, Six Sigma Green Belt is not IT-specific. Instead it’s primarily focused on manufacturing and producing better quality products.
Competitiveness factor: Six Sigma process improvement is a Body of Knowledge that has been around since the 1980s.
Path to certification: There are numerous organizations that offer Six Sigma certifications but there is no governing body or measurement that defines Six Sigma frameworks or objectives. Global Knowledge training directly correlates to the 6Sigma.us requirements. In order to receive a Green Belt certification based on the 6sigma.us requirements, there are no prerequisites. Students will receive two certifications, one for completing the training and another for completing a live project which designates individuals as internationally-recognized Six Sigma Green Belts.
Preparing for the exam? Enroll in our two-week Six Sigma Green Belt Program.
CCP-V certifies that candidates can deploy applications and virtual desktops using a variety of Citrix technologies, primarily XenApp and XenDesktop 7. CCP-V is a newer certification from Citrix that replaced Citrix Certified Enterprise Engineer (CCEE) certification, which was retired in November 2014.
Competitiveness: While the number of Citrix-certified individuals is elusive, demand is fairly high and supply low in order to command a premium salary.
Path to certification: Focused on XenApp and XenDesktop 7, the Citrix Certified Professional – Virtualization certification requires that candidates have already earned the Citrix Certified Associate – Virtualization (CCA-V) certification. CCP-V certification is valid for three years. However, note that renewing the CCP-V does not automatically renew the CCA-V as each certification must be individually renewed, unlike many other certifications. Note that as long as your certification has not expired, you can either take the current version of the exam or attend a Citrix authorized class and forgo the exam.
Preparing for the exam? Check out our overview of CCP-V and the available courses.
Making our list of the 15 top-paying IT certifications yet again, this certification has seen significant change over the past year. In March 2017, it was retired and replaced by the MCSE: Cloud Platform and Infrastructure certification. While this certification is no longer attainable, if previously earned, it will remain on your transcript in the Active section.
The new MCSE: Cloud Platform and Infrastructure certification is part of a suite of certifications in the Microsoft Certified Solutions Expert line. Other MCSE certifications include MCSE: Data Management and Analytics, MCSE: Mobility, and MCSE: Productivity.
Competitiveness factor: This certificate is all about modernity. It will validate that you have the skills necessary to run an efficient data center using cloud technologies, identity management, systems management, virtualization, storage, and networking. The MCSE: Cloud Platform and Infrastructure certification aligns with roles such as cloud administrator, cloud architect, computer support specialist, and information security analyst.
Path to certification: To earn your MCSE, you must first possess one of four MCSA certifications: Windows Server 2016, Cloud Platform, Linux on Azure, or Windows Server 2012, and then pass one of several elective exams. It is worth noting that you cannot use the same exam to fulfill both your MCSA and MCSE elective requirements.
13. Certified Information Systems Auditor (CISA)
CISA certification is another ISACA certification and is usually obtained by those whose job responsibilities include auditing, monitoring, controlling, and/or assessing IT and/or business systems. It is designed to test the candidate’s ability to manage vulnerabilities and propose controls, processes, and updates to a company’s policies to ensure compliance with accepted IT and business standards.
Competitiveness: CISA certification is ISACA’s oldest, dating back to 1978, with more than 130,000 people certified since its inception.
Path to certification: ISACA’s CISA certification requires at least five years of experience in information systems auditing, control or security and passing an exam that is only offered during the same two 16-week windows per year (this year they are February 1 to May 24 and June 1 to September 23) and is computer-based. Registration is via the ISACA website, where you can also find testing locations and availability. Maintaining CISA certification also means earning continuing professional education credits each year.
Your five years of experience must be within 10 years of the exam or five years after passing it, however there are some alternatives to the experience requirement for this certification. Continuing education credits are required each year to maintain your certification.
Preparing for the exam? Make sure you know about the requirements for the CISA certification.
The Cisco CCNP Routing and Switching certification is an advanced certification that ensures network engineers and administrators have the skills to plan, implement, verify, and troubleshoot local and wide area enterprise networks and can work collaboratively with specialists on advanced security, voice, wireless and video solutions. Students should have at least a year of networking experience and the ability to work independently on complex network solutions.
Competitiveness: This certification has staying power and is always in demand. While other areas come and go, routing and switching is something that is required for almost all organizations, whether they keep their data locally or in the cloud.
Path to certification: Achieving CCNP certification requires that you have achieved CCNA Routing and Switching and that you pass three exams—one for routing, one for switching, and one for troubleshooting. View the entire Cisco Certification Roadmap for a visual representation.
CCA-N is a newer certification from Citrix that covers the basics of a NetScaler implementation, followed by either a specialization in traffic management or the NetScaler Unified Gateway, including integration with XenDesktop and XenApp. It also covers how to troubleshoot issues with the NetScaler in these areas. Like all Citrix certifications, the CCA-N certification is valid for three years.
Competitiveness factor: While the number of Citrix-certified individuals is elusive, the NetScaler is a popular piece of infrastructure and is widely used in Citrix deployments. It is also somewhat complex, requiring a solid foundation in basic networking.
Path to certification: You can become CCA-N certified by simply passing one of two exams, depending on the track selected.
Preparing for the exam? Decide on your certification track and enroll in Citrix NetScaler Essentials and Traffic Management (CNS-220) or Citrix NetScaler Essentials and Unified Gateway (CNS-222).
Let’s conclude this analysis with a few notable facts. Of this year’s top-paying certifications:
- All but three of the top 15 certifications pay $100,000 or more. The other three are just short of $100,000.
- Six are in security (1, 5, 6, 9, and 13), up from four last year.
- Four are from ISACA (1, 6, 7, and 13), the most from any vendor, and up from three last year.
- Three are in virtualization and cloud computing (2, 4, and 11), down from four last year.
- Three are in business (3, 8, and 10), up from two last year.
- Two are in networking (14 and 15).
- One is based on Windows knowledge (12), down from three last year.
- All of the top seven certifications were included in the 2017 top-paying certifications article.
If you’re looking to improve your skills and possibly your salary as well, these are some certifications you could pursue. Consider your current skillset and whether a related skill or a management skill may help power your career to the next level. For example, if you already know storage or networking, consider pursuing a certification in virtualization or cloud computing. Or, break out of your technical track and get on a management track by taking an ITIL® or PMP course and getting certified in one of those areas.
John Hales is a Global Knowledge instructor for Amazon Web Services (AWS), Google Cloud Platform (GCP), IBM Cloud, VMware, and Software-Defined Networking (SDN).