Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
AWS Security is a nice cert if you can get it.
The Amazon Web Services “AWS Certified Security: Specialty” badge ranked at the top of Skillsoft’s list of highest paying IT certifications in the US.
Holders of the cert averaged $203,597, according to the online training provider’s annual study, conducted from May to September 2024.
Who’s winning? Synergy Research Group has noted “a strong lead” for Amazon in cloud infrastructure, calculating Amazon’s Q1 market share at 31% compared to Microsoft’s 25% and Google’s 11%.
AWS Certified Security: Specialty validates cyber-defense expertise within the AWS Cloud, taking into account new services, like AI.
Amazon Bedrock, made generally available in September 2023, allows AWS service customers to build generative AI applications using foundational models from companies like Meta, Anthropic, and Mistral. Greg Fuller, VP of Codeacademy Enterprise at Skillsoft, said a certification helps provide assurance that “guardrails” are in place to protect those emerging applications, including enforcing proper access controls for cloud ops team members.
“Once you layer in the fact that everyone’s trying to get into the AI world—AWS Bedrock, for example—you really need those cloud skills, but you also want to roll the AI in a secure way. So, this is why you’re seeing those security specializations really climbing up that list so rapidly,” Greg Fuller, vice president of Codecademy Enterprise at Skillsoft, said.
Your average security pro. According to Skillsoft’s list, the likely job role for an average AWS Certified Security holder includes security engineer or analyst. The average age of a holder was 37, and a popular cross certification included CISSP, a globally recognized and vendor-neutral information-security standard.
Bobby Kuzma, an AWS security cert holder and director of offensive cyber operations at cybersecurity company ProCircular, finds the certification valuable, considering the number of high-profile breaches stemming from errors related to access privileges. A 2024 study from Verizon found that around 10% of its survey data breaches resulted from misconfigurations.
“Having more people that are very familiar with best practices and finding those kinds of gaps really only helps to strengthen the overall security posture of the entire industry,” Kuzma said.
Kuzma estimated that an IT pro with admin or developer experience could likely attain the certification by studying for a couple hours a week for three months. For someone new, however, “it’s probably more of a six- to nine-month endeavor,” he added.
Candidates have 170 minutes to complete the $300, 65-question certification exam.