Afew years ago we published an article on security related certifications that were being marketed as a means to advance your career. At that time there were a relatively small number of certifications that we were seeing listed on resumes. Today, we are still routinely asked which certifications are needed for career advancement or which ones are being requested by hiring managers. Frankly, unless the role has a specific requirement that connects to one of the more technical certifications, for the most part, the hiring authorities are not demanding them.
As an industry we have not done a very good job of defining the various security job functions in a realistic fashion. Further complicating this is the arbitrary and capricious nature of the position descriptions published by security professionals when they are looking for staff. We continually see requirements in position listings that have no relevance to the role they are recruiting for. This makes it more difficult for the certifying authority to identify which body of knowledge they will measure. In addition, it appears that there has been an increase in the popularity of organizations creating a certification as a part of a marketing strategy for membership and mailing lists.