[ohm]

You don't need certifications to get a job if you have knowledge of various security topics. But if you don't, certifications are a great start to gain that knowledge. Also majority of security interviews will ask you questions from various parts of security so it's best to learn those topics. First figure out which part of security you want to work in and then take the shortest path to get a job in that part of security.

For compliance work you need certifications. Security+ as a start. AWS and Azure to stand out from the crowd, then CISSP and CISA and whatever other certs company requires.

For network security. Certifications matter. Network+, Security+, CCNA.

For blue team. Certifications matter. Security+, Microsoft, Linux, Network+, etc.

For pentesting. Skills matter more but certifications will help you with interview questions and getting first job. Web App testing knowledge is the most important, followed by code review and netpen knowledge. Security+ and Network+ certs to answer security related interview questions. OSCP to help you with learning how to use tools, how AD attacks work and getting a boost over other candidates.