The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

Six Niche Security Certifications

Sometimes you have to step off the beaten path to find the right certification. Let's take a look at the world of computer security certifications, and see which certs some people may be overlooking.

The right security certification can help you fill an important niche job role.There are a few big players in the cybersecurity certification space. CompTIA’s Security+ certification is the go-to credential for entry-level cybersecurity professionals while those with more depth of experience commonly pursue the gold standard Certified Information Systems Security Professional (CISSP) certification.


If you’ve been active in the cybersecurity field, then you’re probably also familiar with a few of the less common, but still prevalent credentials. For example, the Systems Security Certified Practitioner (SSCP) credential is another well-known entry level credential, while the Certified Information Security Manager (CISM) certification is popular among those on the management track.


But what if you’re looking to specialize more deeply? There are many less well-known certifications out there that appeal to cybersecurity specialists seeking to document more niche skills in the field.


These credentials may not be widely pursued, and might also not be immediately recognized by some employers, but they are sought after by recruiters seeking to fill highly specialized positions. They may be the keyword on your resume that lands you your next job interview.


Let’s take a look at six niche security certifications:


Certified Cloud Security Professional (CCSP)


There’s no technology niche more important these days than cloud computing. Cybersecurity professionals who specialize in this area will find themselves well-positioned to help their organizations navigate the complexity of the cloud. The Certified Cloud Security Professional (CCSP) credential is a partnership between (ISC)² and Cloud Security Alliance (CSA) that documents the knowledge of cloud security practitioners.


The CCSP program covers six domains of knowledge:

● Cloud Concepts, Architecture, and Design
● Cloud Data Security
● Cloud Platform and Infrastructure Security
● Cloud Application Security
● Cloud Security Operations
● Legal, Risk, and Compliance


You might think that a certification like the CCSP would be incredibly popular, but that’s simply not the case. As of June 2019, there are just a bit more than five thousand CCSP-certified individuals worldwide. If you’re looking for a high-demand niche that can quickly lead to gainful employment, this may be just the right fit for your next cybersecurity certification.


SANS GIAC Certified Forensic Analyst (GCFA)


The SANS Institute has long sponsored their Global Information Assurance Certification (GIAC) program that is specifically designed to fill the niches in cybersecurity. GIAC offers more than 30 cybersecurity certification programs that drill into many different niches, ranging from perimeter protection to Python coding and from penetration testing to incident handling. If you’re looking for a certification covering a technical specialization in cybersecurity, the GIAC program is a good starting point.


The GIAC Certified Forensic Analyst (GCFA) credential is an advanced credential for those working in the digital investigation space. Technologists earning this credential are qualified to conduct advanced forensic examinations across a variety of hardware and software platforms. Earning the GCFA requires passing an exam covering 10 deeply technical forensic topics:

● Identification of malicious system and user activity
● Incident response in an enterprise network
● Incident response process and framework
● Timeline artifact analysis
● Timeline collection
● Timeline processing
● Volatile artifact analysis
● Volatile data collection
● Windows filesystem structure and analysis
● Windows system artifact analysis


As with the CCSP, you might assume that a respected certification like the GCFA would be extremely popular, but the numbers prove there is opportunity here — only 15,695 people have ever earned the GCFA credential.


Cybersecurity Analyst+ (CySA+)


The technology industry suffers from a cybersecurity skills gap — there simply aren’t enough qualified individuals to fill all of the open positions posted by companies. And industry analysts expect that this gap is only going to get wider over time.


One of the key areas creating this gap is a lack of individuals qualified to work in cybersecurity analyst roles. These roles are typically a step up from entry-level positions and require thoughtful insight and broad knowledge of security operations. Cybersecurity analysts are typically the individuals who receive case escalations from front-line security personnel and conduct further investigation.


The Cybersecurity Analyst+ (CySA+) credential is designed to test a candidate’s knowledge of four key areas:

● Threat Management
● Vulnerability Management
● Cyber Incident Response
● Security Architecture and Tool Sets