IT Certification Order: What to Get (and When)

Most IT certification advice gets it backwards.

You’ve seen the forums: “Get A+, then Network+, then Security+, then specialize.” It’s repeated so often it sounds like law. But here’s what nobody mentions: that path assumes you know where you’re going. If you don’t, you’ll waste thousands of dollars and hundreds of hours collecting certifications that don’t stack.

The question isn’t which certifications to get. It’s which certifications to get in what order, based on where you actually want to end up.

This matters more than most people realize. A 2026 Robert Half study found that 87% of tech leaders offer higher salaries for candidates with strategically-aligned credentials. Random certifications? Those get you generic roles. Strategic certification stacking? That’s how you hit senior positions faster.

Let’s build your roadmap.

The Foundation Question Nobody Asks

Before mapping your certification path, you need to answer one question: Do you want to stay technical or move toward management?

This isn’t philosophical. It determines everything.

The purely technical track (eventually leading to architect-level roles) requires deep specialization certifications. The management-adjacent track (leading to IT director, CTO-type positions) benefits from broader foundational certs plus business credentials. Mixing these randomly creates a resume that tells no coherent story.

Here’s how to think about it:

Technical Track Signals:

• You’d rather debug a complex system than attend a meeting
• “People problems” drain you more than technical problems
• You want to be the expert everyone consults, not the person managing the experts

Management-Adjacent Track Signals:

• You enjoy translating technical concepts for non-technical stakeholders
• Coordinating projects energizes rather than frustrates you
• You’re interested in business outcomes, not just technical solutions

Most people don’t fit neatly into one category. That’s fine. But having a general direction prevents the scattered certification collection that plagues so many IT resumes.

The Universal Foundation (Almost Everyone Starts Here)

Regardless of your eventual specialization, most IT careers benefit from a solid foundation. Here’s what that actually looks like in 2026:

Entry-Level: The CompTIA Core Trio

The classic path still works for a reason:

1. CompTIA A+ - Hardware, software, troubleshooting fundamentals
2. CompTIA Network+ - Networking concepts that apply everywhere
3. CompTIA Security+ - Security baseline required for many roles

According to LearnZapp’s certification analysis, this trio can be completed in 12-18 months of focused study. Security+ alone meets DoD 8570 requirements, opening government contractor positions that require security clearances.

The cost breakdown:

• A+ (two exams): ~$500
• Network+: ~$370
• Security+: ~$390
• Total: ~$1,260 (before study materials)

The ROI: Entry-level help desk roles pay $45,000-$55,000. With this foundation, you’re competitive for tier 2 support and junior sysadmin positions in the $55,000-$70,000 range. That’s roughly a $10,000+ annual return on a $1,500 investment.

But Here’s the Catch

The core trio is necessary but not sufficient. Stopping here is the most common certification mistake. These credentials establish baseline competence, not differentiation. They get your resume past the ATS—they don’t make hiring managers excited.

The real question: what comes next?

Cloud Certification Roadmaps (Where the Money Is)

Let’s be direct: cloud certifications offer the highest ROI in 2026. Global cloud spending is projected to hit $723 billion this year, and companies are desperate for certified cloud professionals.

Here’s how each major platform’s certification path works:

AWS Certification Order

AWS dominates with roughly 32% market share. Their certification structure:

Level 1: Foundational

• AWS Cloud Practitioner - Entry point for cloud concepts

Level 2: Associate

• Solutions Architect Associate - The most valuable associate-level cert
• Developer Associate - For those building on AWS
• SysOps Administrator Associate - Operations-focused

Level 3: Professional

• Solutions Architect Professional - $155,000-$175,000 average salary
• DevOps Engineer Professional

Level 4: Specialty

• Security Specialty - Highest paying at $203,597 average
• Advanced Networking, Machine Learning, Database, others

The recommended AWS path:

For most IT professionals transitioning to cloud:

1. Skip Cloud Practitioner (unless your employer pays for it)
2. Start directly with Solutions Architect Associate
3. Add either Developer or SysOps based on your role
4. Pursue Professional-level after 2+ years hands-on experience

According to NetCom Learning, 80% of cloud job postings that require AWS want the Solutions Architect Associate. It’s the gatekeeper certification.

Azure Certification Order

Microsoft Azure holds 23% market share and dominates enterprise environments. 85% of Fortune 500 companies use Azure, making these credentials particularly valuable for corporate IT.

The Azure path:

• AZ-900: Fundamentals - Skip unless required by employer
• AZ-104: Azure Administrator - The money cert (78,000+ job openings)
• AZ-305: Solutions Architect Expert
• Specialty certs: Security, DevOps, AI, Data

Why AZ-104 specifically?

At $165 exam cost with an average salary of $110,000 for certified administrators, the ROI is staggering. According to BestJobSearchApps, that’s a 9,000%+ return if you’re moving from a non-cloud role.

The strategic play: If your target company runs Azure (most enterprises), this path gets you there faster than AWS.

Google Cloud Certification Order

GCP has smaller market share (~10%) but leads in data analytics and machine learning workloads. The professional-level certifications are technically demanding.

GCP path:

• Cloud Digital Leader - Fundamentals
• Associate Cloud Engineer
• Professional Cloud Architect - $190,204 average salary
• Professional Data Engineer, ML Engineer, Security Engineer

When to choose GCP:

• You’re targeting data-heavy companies
• You want to specialize in ML/AI infrastructure
• Your target employer is a Google shop

Multi-Cloud Strategy

Here’s the uncomfortable truth: specializing in one cloud is safer than spreading thin across three. Employers want depth.

The exception: If you’re targeting a cloud architect role at a company with multi-cloud infrastructure. In that case:

1. Master one platform deeply (usually AWS or Azure)
2. Get foundational certification in the secondary platform
3. Learn to translate concepts between platforms

Don’t try to hold active professional-level certifications across all three platforms. That’s expensive, time-consuming, and signals “knows a little about everything” rather than “expert in what we need.”

Security Certification Roadmaps

Cybersecurity roles are projected to grow 367% through 2035. But the certification options are more scattered than cloud.

Entry to Mid-Level Security Path

1. Security+ - Required baseline, discussed above
2. CySA+ (Cybersecurity Analyst) - Defensive security focus
3. PenTest+ - If you want offensive security

This path takes roughly 2 years of study alongside a security-adjacent job.

Advanced Security Path

• CISSP - The gold standard for security management
• CEH (Certified Ethical Hacker) - Ethical hacking focus
• OSCP - Technical penetration testing (extremely challenging)

CISSP reality check: It requires 5 years of paid security experience or 4 years plus a college degree. You can pass the exam earlier but won’t become fully certified until you meet the experience requirement. Average CISSP salary: $140,000+.

Which Security Path?

Choose defensive (CySA+ → CISSP) if you want to work in corporate security, GRC, or security architecture.

Choose offensive (PenTest+ → OSCP) if you want penetration testing, red team, or security consulting.

Mixing both early in your career can dilute your expertise. Pick a lane for your first 3-5 years, then broaden.

Networking Certification Roadmaps

Networking underpins everything, but pure networking roles are less common than a decade ago. Network skills increasingly blend with cloud, security, and automation.

The Cisco Path

CCNA remains the most recognized networking certification globally. The path:

1. CCNA - Foundation covering routing, switching, security basics
2. CCNP Enterprise - Professional-level networking
3. CCIE - Expert level (45% salary premium over non-certified)

When CCNA makes sense:

• You want to work for an ISP, telecom, or network-focused MSP
• Your target role involves significant network architecture
• You’re building toward network engineering or architecture

When to skip CCNA:

• You’re going straight to cloud (cloud provider networking certs exist)
• Your target role is primarily security or development
• The company is mostly serverless/cloud-native

The Practical Reality

Many IT professionals get Network+ instead of CCNA. It’s vendor-neutral, cheaper, and sufficient for roles where networking is one of many responsibilities rather than the primary focus.

If you’ll be the network specialist, get CCNA. If you need to understand networking to do your actual job, Network+ is probably enough.

The Decision Framework

Here’s how to actually map your path:

Step 1: Identify Your Target Role

Not “I want to work in IT.” Be specific:

• Cloud Solutions Architect at an enterprise company
• Security Analyst at a financial services firm
• DevOps Engineer at a tech startup
• Systems Administrator at a healthcare organization

Research job postings for your target role. What certifications appear in “required” versus “preferred” sections? That’s your roadmap.

Step 2: Map Backwards

Start with the senior-level certification for your path, then work backwards:

Example - Cloud Architect path:

• Target: AWS Solutions Architect Professional
• Requires: Solutions Architect Associate
• Helpful: SysOps or Developer Associate
• Foundation: Network+, Security+ (not strictly required but helpful)

Example - Security Management path:

• Target: CISSP
• Helpful: CySA+
• Required foundation: Security+
• General foundation: A+, Network+

Step 3: Consider Your Starting Point

The path looks different depending on where you’re starting:

If you have zero IT experience: Start with A+ to prove baseline competence and get your first help desk role. Everything builds from there.

If you’re already working in IT (1-3 years): Skip A+ unless your employer requires it. Go directly to Network+ or Security+ depending on your direction, then specialize.

If you’re experienced (5+ years) but uncertified: Target the highest certification you can realistically pass. An experienced sysadmin doesn’t need A+. They need Azure Administrator or AWS Solutions Architect.

If you’re switching from another career: Consider career transition strategies alongside certification planning. You’ll likely need foundational certs to break in, then can accelerate based on transferable skills.

The Money Paths (Highest ROI Certification Sequences)

Based on 2026 salary data, here are the certification sequences with the strongest financial returns:

Path A: Cloud Architect ($150,000-$190,000)

1. Network+ ($55,000-$65,000 entry)
2. AWS Solutions Architect Associate ($85,000-$110,000)
3. AWS Solutions Architect Professional ($155,000-$175,000)

Timeline: 2-3 years | Investment: ~$1,500 in exams | ROI: 6,000%+

Path B: Security Leadership ($130,000-$170,000)

1. Security+ ($55,000-$70,000 entry)
2. CySA+ ($75,000-$95,000)
3. CISSP ($130,000-$160,000)

Timeline: 4-6 years (due to experience requirements) | Investment: ~$2,500 | ROI: 4,000%+

Path C: Enterprise Systems ($100,000-$140,000)

1. A+/Network+ ($50,000-$60,000 entry)
2. Azure Administrator (AZ-104) ($95,000-$115,000)
3. Azure Solutions Architect ($120,000-$145,000)

Timeline: 2-3 years | Investment: ~$1,800 | ROI: 5,500%+

Path D: DevOps Engineering ($120,000-$160,000)

1. Linux+ or equivalent hands-on experience ($60,000-$75,000)
2. AWS/Azure DevOps certification ($100,000-$125,000)
3. Kubernetes certification (CKA/CKAD) ($130,000-$160,000)

Timeline: 3-4 years | Investment: ~$2,000 | ROI: 5,000%+

What About Hands-On Practice?

Certifications prove you passed an exam. Employers want proof you can do the work.

Every certification path should include hands-on practice:

• For cloud certs: Use free tier accounts (AWS Free Tier, Azure Free Account) to build real projects
• For security certs: Practice on HackTheBox or TryHackMe
• For Linux/systems: Build a home lab or use Shell Samurai for command-line practice
• For networking: Use Packet Tracer or GNS3

The combination of certification + demonstrated project experience consistently outperforms either alone.

Timing Your Certifications

When to Get Your Next Cert

Get certified before applying if:

• The cert is listed as “required” in most job postings
• You need it to get past ATS screening
• You’re transitioning into a new specialization

Get certified after you’re hired if:

• Your employer offers to pay for it
• You need hands-on experience to pass the exam
• The cert is listed as “preferred” rather than “required”

Renewal Strategy

Most certifications expire after 3 years. Planning for renewal:

• Higher-tier CompTIA certs automatically renew lower-tier ones
• Cloud certifications often require recertification exams
• Build continuing education into your annual learning plan

The certification treadmill is real. Budget both time and money for ongoing maintenance.

Red Flags: Certification Paths to Avoid

Collecting every foundational cert: A+, Network+, Security+, Cloud Practitioner, AZ-900, and Google Cloud Digital Leader is redundant. Pick one cloud foundational cert, max.

Getting management certs too early: PMP and ITIL are valuable for managers, not individual contributors. Wait until you’re moving into management.

Chasing “hot” certifications without context: If everyone says “get Kubernetes certified!” but your target role doesn’t use Kubernetes, it’s wasted effort.

Ignoring the experience clock: CISSP, CCIE, and some professional-level certs require verified experience. Starting the exam process before you can actually achieve certification creates frustration.

Your 90-Day Certification Plan

Here’s how to start regardless of your current level:

Days 1-7: Research

• Identify 10 job postings for your target role
• List the certifications mentioned (required vs. preferred)
• Map the most common path to those certifications

Days 8-30: Foundation Assessment

• If you lack fundamentals: Start A+ or Network+ study
• If fundamentals are solid: Identify your first specialization cert
• Set up a free tier cloud account for hands-on practice

Days 31-60: Study Mode

• Block 1-2 hours daily for certification study
• Use Professor Messer (free), CBT Nuggets or similar
• Begin hands-on labs alongside theoretical study

Days 61-90: Exam Prep

• Schedule your exam (having a date creates urgency)
• Focus on practice tests and weak areas
• Join certification-focused communities for support

Frequently Asked Questions

Do I need A+ if I already work in IT?

No. If you’re already employed in IT and have 1+ years of experience, skip A+ unless your employer specifically requires it. Your experience demonstrates baseline competence. Move directly to Network+, Security+, or cloud certifications based on your career direction.

Should I get AWS or Azure first?

Check where your target employers are. Most enterprises lean Azure. Startups and tech companies often prefer AWS. If you’re unsure, AWS has broader job market coverage (80% of cloud job postings mention it), but Azure is growing faster in enterprise environments.

How long does it take to get certified from zero experience?

Realistically: 3-6 months to first certification (like A+ or Cloud Practitioner), 1-2 years to reach associate-level cloud or Security+, and 3-5 years to reach professional-level credentials. This assumes part-time study while working.

Is the CompTIA stack worth it if I’m going into cloud?

Partially. Network+ gives you fundamentals that transfer directly to cloud networking. Security+ is valuable because cloud security is in high demand. A+ is often skippable if you’re going straight to cloud from an IT-adjacent role.

What’s the cheapest path to a $100K salary?

The fastest ROI path: Land any IT job, immediately start studying for AWS Solutions Architect Associate while building projects in the free tier. Within 18-24 months, you can go from entry help desk ($45K) to junior cloud engineer ($85K+). Total certification investment: roughly $600.

Mapping Your Path Forward

The certification world can feel overwhelming. Hundreds of credentials, dozens of vendors, endless forum debates about which path is “best.”

But it’s simpler than it looks: pick your destination, identify the certifications that get you there, and start moving.

The people who advance fastest aren’t collecting the most certifications. They’re collecting the right ones in the right order, with hands-on experience to back them up.

Your next step is deciding your target role. Not “somewhere in IT” or “something with cloud.” A specific position at a specific type of company. Once you have that, the certification path becomes obvious.

Start with the job posting. Work backwards to today. That’s your roadmap.

---

Figuring out your next certification? Check out our topic hub for IT certifications for more in-depth guides on specific credentials and career paths.