Is CISSP Associate track recommended?

in SSCP
As an IT Support Analyst (level2-3) with 5 years of IT industry experience I know I will not meet enough domain experience to be fully CISSP certified. However, I get the sense on this forum that it is not wise to get the CISSP unless you know that you have enough experience. My goal is to move on to IT Sec Auditing but am not sure Secrity+ is eougt to be considered, so I want CISSP. Most positions list CISSP as a qualification. Can any auditors weigh in?
Comments
One of our directors was also on the ISC2 board and he said that when you fill out your experience to fill it out to best of your knowledge, be generous without lying. You'll put references and just see how it goes.
Still recommend doing the SSCP in preparation as the fact is - the more test you take the easier they become. As an added benefit your building some measure of credibility rather than coming out of obscurity and suddenly having the CISSP on your resume with little actual experience to back it up. Those are the resumes I either highly question if not simply add to the pile in the wastebasket. I no longer bother with those - really!
Security+? Meh. Its a good exam to get your feet wet and to train yourself to take security exam but no one really pays attention to it after your first real security job. If you took it at a time that it was supposed to be forever that comes with its own prejudice. After that time frame and someone is going to ask why you took it in the first place. Personally, I see some skill building when I see it others don't. YMMV on this one. Took me 32 minutes to complete the Security+ exam with a near perfect score. Little less than 2 hours (with five breaks) to complete the CISSP and nearly two hours to complete the ISSAP. All good and valid exams but done at different points in time of my career.
Going the slightly longer road may help build some credibility in the longer run but its your career - your choice.
Good luck and enjoy the journey!
- beads
The Security+ is a requirement for level 1 IAT jobs and a must have.
On the other hand, ISC will waive 1 year of experience for the Security+ when you apply for endorsement so you would only need 4 years of verifiable experience.
Don't know what your goals are but you might want to look at the OSCP if you are very technical.
Ive heard its a very technical and challenging course.
The CISSP isn't very technical but more of a managers type test.
I said HR drones not the ISC2 now, didn't I? Sue me and take my birthday away. Make me eat cake. Oh well.
- b/eads