In an industry where there are a dizzying array of security certifications to be had, many of them are either entry-level certifications, or are based around a particular area of specialization (malware, pentest, etc...).
While these are of value as a 'you must be this high to ride' for more junior or specialized positions, there are only a few that purport to indicate/validate higher levels of experience, the CISSP being the obvious example. Some would argue that even the mighty CISSP has fallen victim to it own success (75,312 in the US along as of April 2017).
Yes, there are some attempts to build things for the more experienced end of the spectrum (EC-Council largely), but these seem to not have caught on to any great extent, based on searching for these certs on various job boards and articles such as:
https://www.globalknowledge.com/us-en/content/articles/top-paying-certifications/
Do certifications in general begin to lose their value when hiring or being hired as experienced security professionals?
If so, what method of evaluating more experienced people takes the place of certifications?
