Cybersecurity Certifications in 2025: Hands-On vs. HR-Friendly | Reviewing HackTheBox CJCA
In my comprehensive comparison of cybersecurity certifications for 2025, I categorize & review them based on their value for hands-on skills versus their recognition by HR departments.
Hands-On Certifications
For those looking to build practical, real-world skills, I recommend two main paths:
1. Defensive Path:
I suggest starting with the Hack The Box Certified Junior Cybersecurity Associate (CJCA). This certification provides a broad foundation in both offensive and defensive security. From there, you can progress to more specialized certifications like the TryHackMe SOC Level 1 (THM SOC1), CompTIA CySA+, and the Blue Team Level 1 (BTL1). For those looking to advance further, I recommend the BTL2, Certified Defensive Security Analyst (CDSA), and the Certified Cloud Security Professional (CCSP) for cloud-focused roles.
2. Offensive Path:
The offensive path also begins with the Hack The Box CJCA. After establishing a solid foundation, I recommend pursuing certifications like the eLearnSecurity Certified Junior Penetration Tester (eJPT), Practical Network Penetration Tester (PNPT), and the TryHackMe Pentest+ (PT1). For more advanced skills, the Offensive Security Certified Professional (OSCP), Certified Penetration Testing Specialist (CPTS), and the Certified Red Team Professional (CRTP) are excellent choices. For those who want to specialize further in red teaming, the Certified Red Team Expert (CRTE) is the next logical step.environments. The platform is stable, which contrasts with the frequent glitches seen in other exams.
HR-Friendly Certifications
For those who want to maximize their chances of getting noticed by HR and recruiters, I suggest a different approach:
1. General Entry-Level:
The CompTIA Security+ remains the “gold standard” for entry-level cybersecurity roles due to its widespread recognition.
2. Offensive Security:
Certifications like the Certified Ethical Hacker (CEH), OSCP, CPTS, and CRTP are highly valued by HR. The Certified Red Teamer (CRT) is also an excellent choice for demonstrating real-world network security knowledge.
3. Defensive Security:
After obtaining the CompTIA Security+, I recommend pursuing the CompTIA CySA+ or the BTL1. For those aspiring to managerial roles, the Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP), and the Certified Information Security Manager (CISM) are highly respected. For cloud security professionals, the CCSP is the top choice for HR recognition.
Certifications That Offer Both
It’s worth noting that some certifications, such as the OSCP, CPTS, CRTP, and CRTE, offer the best of both worlds: they provide valuable hands-on experience while also being highly recognized by HR.
