A breakdown of 914 real cybersecurity job postings, sorted by domain, to show which certifications employers are actually asking for — and what they pay.
This report is built from 914 unique, deduplicated job postings pulled live from Indeed, LinkedIn, and ZipRecruiter via the JSearch API, across 47 targeted searches — things like "SOC analyst," "cloud security architect," "GRC analyst," and "Okta engineer identity." Each posting was assigned to one of seven domain categories based on the search that surfaced it, then scanned for certification mentions against a list of 32 cybersecurity certifications.
Mentions counts how many postings within a category reference a given certification, as required or preferred. Average salary is calculated only from postings that disclosed a pay range — that was true for 32% of postings overall, in line with general US job market disclosure rates. Wherever fewer than three postings disclosed salary for a given certification, the figure is marked directional rather than treated as a reliable average.
What this isn't: a comprehensive labor market census. Lightcast and the Bureau of Labor Statistics draw on millions of postings; this report draws on under a thousand. That's enough to establish reliable relative ranking within a category — which certification shows up more often than another — but small gaps (18 mentions vs. 20) shouldn't be read as statistically meaningful. Every category here sits between 77 and 184 postings, which I consider the floor for a ranking worth publishing.
Data pulled June 2026. This is a static snapshot, not a live feed.