CISSP - Real Value

dustervoice

This has been the greatest investment i've made in my career. After being certified, i've been receiving calls from recruiters like there is no tommorow-- had to create an invite system. Got a new job within weeks of endorsement. for anyone who thinks its an expensive cert.. believe me with some experience and this cert you can easily increase your salary by 30% well worth the price you pay for a few books and to sit the exam. My aim is to not let it expire as i believe it will be my entry ticket to the Pearly Gates. Now for the uncertified, go get this damn cert and get PAID!!!!!! and learn a bit about security while your at it.

E Double U

Good job man! Just a few more weeks for me.

jonwinterburn

dustervoice wrote: »

This has been the greatest investment i've made in my career. After being certified, i've been receiving calls from recruiters like there is no tommorow-- had to create an invite system.

Really? Where are recruiters getting your details from? What country are you in? I'm in the UK, in London and I updated my LinkedIn profile as soon as I got my CISSP endorsed. Nothing. Not even extra views on my profile. Speaking with an associate the other day who works for GCHQ here, he said CISSP is worthless these days, and that CREST qualifications hold more value. My colleagues in the US (Des Moines) say that CISSP isn't sought after much either. So I've felt a bit deflated to be honest

zxbane

I experienced similar results to the OP. Regardless of what people on this forum might say about the CISSP it exponentially increased the number of job opportunities I got contacted about once I added it to my resume. That alone makes it worth the ROI to me.

dustervoice

jonwinterburn wrote: »

Really? Where are recruiters getting your details from? What country are you in? I'm in the UK, in London and I updated my LinkedIn profile as soon as I got my CISSP endorsed. Nothing. Not even extra views on my profile. Speaking with an associate the other day who works for GCHQ here, he said CISSP is worthless these days, and that CREST qualifications hold more value. My colleagues in the US (Des Moines) say that CISSP isn't sought after much either. So I've felt a bit deflated to be honest

I'm in the UK as well....... Will send you a PM.

cyberguypr

@jonwinterburn Your colleagues in the US are either oblivious to the Infosec arena or are in a specific industry/niche that doesn't care about the CISSP. There's simply no other Infosec related cert that is widely considered as required or recommended by most job posts. Anyone looking for an Infosec gig will most likely come across this.

The CISSP (and most certs) have a ton of haters. At the end of the day it's all about enhancing your chances of landing that perfect job. One of the reasons I got the CISSP (although not the primary) was to be prepared for the time when I found a job that said "CISSP required". That time came two years after I certified and I was prepared. Mission accomplished.

dave0212

cyberguypr wrote: »

The CISSP (and most certs) have a ton of haters. At the end of the day it's all about enhancing your chances of landing that perfect job. One of the reasons I got the CISSP (although not the primary) was to be prepared for the time when I found a job that said "CISSP required". That time came two years after I certified and I was prepared. Mission accomplished.

Exactly my thoughts, it is sort of expected within the industry that you hold this certificate

jonwinterburn

dave0212 wrote: »

Exactly my thoughts, it is sort of expected within the industry that you hold this certificate

You've hit the nail on the head. It is expected now that you hold the CISSP. That's what I'm saying - that holding the CISSP doesn't really set you aside from the crowd because so many people already hold it It feels like MCSE all over again. It's like an entry level cert from what I see. So that leaves experience or other certs. Experience is the one thing on my side...but then again, a number of employers consider 15 years experience = old and stuck in your ways. As for certs, I was chasing them with SSCP then CISSP and started on CISM and looked at OSCP but I'm floundering as I don't want to waste time and money on worthless certs.

Apologies for the negativity. I'm usually very positive about CISSP and the industry as a whole, but I'm having one of those weeks when everything is crap and I feel like I wasted my time.

jonwinterburn

cyberguypr wrote: »

@jonwinterburn Your colleagues in the US are either oblivious to the Infosec arena or are in a specific industry/niche that doesn't care about the CISSP.

Des Moines is the insurance capital of the US. InfoSec jobs everywhere. My colleagues (who work for the same employer as me, which isn't insurance, but who used to work in insurance and know people in insurance there) are saying that roles there now value a degree in Cyber Security or equivalent over a CISSP and that some of the roles they've seen advertised don't even ask for CISSP. That's the only reason I mention the US. Of course, Des Moines is only one city.

dave0212

jonwinterburn wrote: »

You've hit the nail on the head. It is expected now that you hold the CISSP. That's what I'm saying - that holding the CISSP doesn't really set you aside from the crowd because so many people already hold it It feels like MCSE all over again. It's like an entry level cert from what I see. So that leaves experience or other certs. Experience is the one thing on my side...but then again, a number of employers consider 15 years experience = old and stuck in your ways. As for certs, I was chasing them with SSCP then CISSP and started on CISM and looked at OSCP but I'm floundering as I don't want to waste time and money on worthless certs.

Apologies for the negativity. I'm usually very positive about CISSP and the industry as a whole, but I'm having one of those weeks when everything is crap and I feel like I wasted my time.

This is true of any cert that gains this kind of holder expectation, since getting CISSP I had no desire to attain anything else really, but ended up doing CISA recently as a work expectation and now that will pretty much drive anything I do in future. I also always like to learn something so while no mandate from the CEO exist, I will pick something to do in the interim

dustervoice

jonwinterburn wrote: »

That's what I'm saying - that holding the CISSP doesn't really set you aside from the crowd because so many people already hold it It feels like MCSE all over again.

If a recruiter is trying to fill a role that requires CISSP and is reviewing 10 CV's if 9 has cissp listed and yours is the one without.. most likely thats the one going into the rubbish bin(recycle bin). Cissp will definitely get you a foot in the door from there your on stage to perform and if youve read the shon harris book then the buzz words will automatically spill out of your mouth!

YouWill787

Thanks for making this post along with everyone who joined in! I've been a lurker on this site for a while now.. it's things like this that pick you up when you're 4+ months into prepping for the CISSP and at a point where you're wondering if it's all even worth it. So, I just wanted to put that out there, posts like this do help people when they're discouraged and they are appreciated, even for all the lurkers who never leave a reply.

TheFORCE

dustervoice wrote: »

This has been the greatest investment i've made in my career. After being certified, i've been receiving calls from recruiters like there is no tommorow-- had to create an invite system. Got a new job within weeks of endorsement. for anyone who thinks its an expensive cert.. believe me with some experience and this cert you can easily increase your salary by 30% well worth the price you pay for a few books and to sit the exam. My aim is to not let it expire as i believe it will be my entry ticket to the Pearly Gates. Now for the uncertified, go get this damn cert and get PAID!!!!!! and learn a bit about security while your at it.

I have had a similar experience with CISSP. In the beginning it started really slow. Two months after passing the exam, 1 week after receiving the paper cerification I was offered a new job with 26% increase. I will start the new job next week and stil everyday and I really mean every day I receive at least 1 call from recruiters for a infosec position and I have to decline and tell them already found something. Be patient, good things will happen if you try.

jonwinterburn

dustervoice wrote: »

If a recruiter is trying to fill a role that requires CISSP and is reviewing 10 CV's if 9 has cissp listed and yours is the one without.. most likely thats the one going into the rubbish bin(recycle bin). Cissp will definitely get you a foot in the door from there your on stage to perform and if youve read the shon harris book then the buzz words will automatically spill out of your mouth!

True enough, LOL. My current role in InfoSec I got without CISSP. It's a US firm with offices in London. CISSP wasn't a requirement from either side of the pond in this firm; experience was. I decided to gain SSCP then CISSP simply as an insurance policy. Having said that, I did learn an awful lot during my studies - knowledge I hadn't covered despite my experience (mainly crypto and SDLC).

jeremywatts2005

I am studying for my CISSP, but doubt I will get a huge pay bump from someone else. Without my CISSP I have went from making 68K a year in May 2013 to 145K a year in Coming May 2015. You do the math and all I did was take a second masters in Digital Forensics from Champlain College. You do the math on that one. I get the CISSP I expect maybe 10 - 15% more if I am lucky. I am kind of pushing my experience limit right now. I need more to get a better job.

jonwinterburn

Huh. Seems recruiters are watching this forum. Literally just received an invite on LinkedIn from a recruiter who says they're interested in me for an Incident Response Consultant vacancy. No way is that a coincidence!

dustervoice

jonwinterburn wrote: »

Huh. Seems recruiters are watching this forum. Literally just received an invite on LinkedIn from a recruiter who says they're interested in me for an Incident Response Consultant vacancy. No way is that a coincidence!

You see i told you .......... Do what i said in the PM and watch your bank account grow exponentially.

chickenlicken09

lol, duster can you send me that email too.

dustervoice

eddo1 wrote: »

lol, duster can you send me that email too.

Nope i cannot as you dont have CISSP in your list of certs or signature... when u've earned the "badge of glory" i will send you that email

chickenlicken09

haha ok cheers.

E Double U

dustervoice wrote: »

You see i told you .......... Do what i said in the PM and watch your bank account grow exponentially.

ooh ooh ooh me too me too

dustervoice

Oh i forgot mention that i read about the monetary value of cissp under the "Disaster Recovery" domain. Thats what kept me going

LionelTeo

Be is CISSP or Degree In Cyber Security (saw someone mention that) only gets u as far as passing the HR and disgusting automated filtering machine. Your applicability to the job, how you present your character to the hiring manager still applies, and how you fare comparing to other candidates out in the market.

I would rather get hired for a job that the hiring manager recognize what is a good skillet, than over a organization that emphasize what's on a paper. A job that probably don't require CISSP that randomly listed CISSP tells you a lot about their hiring process, and give some in sight to their cultural viewpoints on how they judge things. Instead, if you see something like OSCP in a position listing requirement, it does tells you a different story how in depth did the company went for in terms of looking for relevant professional.

E Double U

LionelTeo wrote: »

how you present your character to the hiring manager still applies.

Humor has gotten me through several interviews.

beads

Seeing fewer and fewer postings demanding or requiring the CISSP as the market, like any other, will eventually over saturate with candidates. If you've been in the field long enough and the position gets expensive enough for business to automate - it will.

Where another CNE to explain this one. LOL. How about another MCSE 3.x, 4.0 or 2k? It always catches up with us eventually. At least the (ISC)2 has some experience requirement involved or we'd have another race to see whose got the youngest progeny to able to pass the exam? What was the record for youngest MCSE? 8 years old I believe? Come on - its a cert in audit!

JasminLandry

At what point in your career did you start studying for the CISSP? How many years of experience did you have when passing the exam?

E Double U

JasminLandry wrote: »

At what point in your career did you start studying for the CISSP? How many years of experience did you have when passing the exam?

Over a decade in IT, but it was the 6+ years at a telco (NOC, SOC, config) and 2+ years of bank security that helped the CISSP material sink in.

wayne_wonder

jonwinterburn wrote: »

Really? Where are recruiters getting your details from? What country are you in? I'm in the UK, in London and I updated my LinkedIn profile as soon as I got my CISSP endorsed. Nothing. Not even extra views on my profile. Speaking with an associate the other day who works for GCHQ here, he said CISSP is worthless these days, and that CREST qualifications hold more value. My colleagues in the US (Des Moines) say that CISSP isn't sought after much either. So I've felt a bit deflated to be honest

I'm in the UK and the cissp value is a all time high(yet to get mine yet) get on sc/dv cleared jobs/cyber security jobs and indeed and you'll be well onto the road of a new role

impelse

In my case after I got certified and updated my profile the phone calls begin to show up.

Robertf969

jonwinterburn wrote: »

Huh. Seems recruiters are watching this forum. Literally just received an invite on LinkedIn from a recruiter who says they're interested in me for an Incident Response Consultant vacancy. No way is that a coincidence!

::cough:: ::cough:: i'm looking for a job ::cough:: ::cough::

Robertf969

jonwinterburn wrote: »

Huh. Seems recruiters are watching this forum. Literally just received an invite on LinkedIn from a recruiter who says they're interested in me for an Incident Response Consultant vacancy. No way is that a coincidence!

Duster I will take your magic PM!