The original post: /r/cybersecurity by /u/apoklinon on 2024-11-19 09:52:26.

When I first worked in the industry I always admired people with a lot of reputable certifications. I also fell into the same trap and started to collect them like Pokémon cards.

On the one side it was the challenge and the thrill that is a healthy situation but it was also the peer and HR pressure that sucks big time. Long story short, after a few years in different domains and positions and after interacting with many professionals I realized that the more knowledgeable and skilled someone is the less they care about being certified about their skills. I have reached the point where now I’m almost biased against people with many certs because I feel like they are trying very hard to cover their experience and skill gap with certs. Super smart and talented professionals I have met couldnt care less for an OffSec cert while people trying to prove them selfs hunt them down like crazy.

Don’t get me wrong, I’m not saying everyone that has a lot of certs is not compitent enough to do their job, I just belive that a 1h interview speaks more than a CV with all the latest facny certs. I have seen red teamers that can do APT level stuff and crazy research but they don’t even bother take an OSCP where I have also seen people with CEH, All the Comptia’s and CISA, CISSP having trouble using nmap. I know, I know these are different domains and different kind of work so the comparison isn’t fair and the certs not relevant but I’m sure the red teamer could take all these certs without even trying in a week, they just don’t care.

What are your thoughts on this? Im I being unfair here? On average, are people with tons of certs actually less skilled?