John Hales, Global Knowledge VMware, SDN, and SoftLayer instructor, A+, Network+, CTT+, MCSE, MCDBA, MOUS, VCP, VCAP, VCI, EMCSA
To gain refined skills and expertise and to increase pay, many IT professionals choose to pursue a certification.
Based on the findings of the 2015 IT Skills and Salary Survey conducted by Global Knowledge and Windows IT Pro in the fall of 2014, I've compiled a list of the 15 top-paying certifications for 2015. Certifications in IT security, networking, and systems management are at the top of the certification pay scale. What may surprise you are the business-related certifications holding their own on this year's list.
The rankings are derived from certifications that received the minimum number of responses to be statistically relevant. Certain certifications pay more but are not represented due to their exclusive nature. Examples include Cisco Certified Internetworking Expert (CCIE) and VMware Certified Design Expert (VCDX).
With each certification, you'll find the average (mean) salary and a brief description.
The IT Skills and Salary Survey is a nationwide survey. Variations exist based on respondents' work location, years of experience, and company type (government, nonprofit, etc.).
1. Certified in Risk and Information Systems Control (CRISC)
The nonprofit group ISACA offers CRISC certification, much in the way that CompTIA manages the A+ and Network+ certifications. Formerly, "ISACA" stood for Information Systems Audit and Control Association, but now they've gone acronym only.
The CRISC certification is designed for IT professionals, project managers, and others whose job it is to identify and manage risks through appropriate Information Systems (IS) controls, covering the entire lifecycle, from design to implementation to ongoing maintenance. It measures two primary areas: risk and IS controls. Similar to the IS control lifecycle, the risk area spans the gamut from identification and assessment of the scope and likelihood of a particular risk to monitoring for it and responding to it if/when it occurs.
Since CRISC's introduction in 2010, more than 17,000 people worldwide have earned this credential. Because of the demand for people with these skills and the relatively small supply of those who have them, CRISC is the highest-paying certification on the list this year.
To obtain CRISC certification, you must have at least three years of experience in at least three of the five areas that the certification covers, and you must pass the exam, which is only offered twice a year. This is not a case where you can just take a class and get certified. Achieving CRISC certification requires effort and years of planning.
2. Certified Information Security Manager (CISM)
ISACA also created CISM certification. It's aimed at management more than the IT professional and focuses on security strategy and assessing the systems and policies in place more than it focuses on the person who actually implements those policies using a particular vendor's platform.