There are various certifications you could take but it depends on your career interest. Options are:
Security +, is about general security and doesn't require professional security experience.
OSCP, is around offensive security (penetration testing etc).
CISSP, but this certification would require you to have security experience.
If you are interested in penetration testing, you could also look into joining public Bug Bounty (BB) programs. Companies such as (Airbnb, Facebook, Google, etc.) offer BB programs, where they reward researchers for finding vulnerabilities in their infrastructure/products etc. More info here.
In my experience in Silicon Valley, I've learned that bug bounty skills could be more valuable as certifications, especially for Security Engineering jobs. However, as I've mentioned before, it depends on your career interest. If you are trying to find out which path you would like to go, I would suggest looking into Security + or OSCP.
Kadia recommends the following next steps:
- Read more about Security + here: https://certification.comptia.org/certifications/security
- Read more about OSCP here: https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
- Decide which certification aligns the most with your career interest. If you are more interested in learning more about vulnerability research, visit one of the Bug Bounty Platforms, for example: https://www.hackerone.com/, https://www.bugcrowd.com/, ...