Associate of (ISC)²: This credential is best used by recent graduates or career-changers looking to carve out a niche in the data security field, but may be lacking the work experience required for SSCP or CISSP certification. Associates of (ISC)² gain access to the organization's network of message boards, where like-minded professionals discuss matters of the trade, and establish themselves as dedicated, qualified candidates for solid IT security positions.

Certified Information Systems Security Professional (CISSP): This most lucrative of (ISC)² certifications holds the distinction of being the first information security credential accredited by the American National Standards Institute and the International Organization for Standardization.

It requires five or more years of work experience in the IT security field, and mandatory domains include the following:

  • Business continuity and disaster recovery planning
  • Legal, regulations, investigations and compliance
  • Security architecture and design
  • Application development security

Certified Secure Software Lifecycle Professional (CSSLP): According to the 2011 (ISC)² Global Information Security Workforce Study, application vulnerabilities took the top spot among information security threats. Any individual with more than four years' experience in the software lifecycle is encouraged to earn this certification, which promotes attention to security at each phase of software development.

Systems Security Certified Practitioner (SSCP): With the least demanding requirements among (ISC)² certifications that require work experience, the SSCP credential can give a leg up to entry-level data and network security personnel, as well as provide a functional understanding of security to professionals in non-security disciplines.

Domains of work experience required for this credential include the following:

  • Networks and communications
  • Monitoring and analysis
  • Risk, response and recovery
  • Cryptography
  • Access control

Certified Authorization Professional (CAP): This credential helps systems professionals better assess and manage risk. It requires work experience in systems administration, information security policy, information assurance or one of many other domains, and is appropriate for work within government entities such as the State Department and the U.S. Department of Defense.