Question about employment qualifications for CISSP

Gorby

Hello, I searched around the forum and I was wondering what qualifies as experience in 2 of the 8 CISSP domains. I currently work in the IT security auditing field for about 2 years now, but before this job I was working in desktop support area for a few years doing the usual tasks such as virus removal, account creation/ removal, managing assets etc.

Would I be able to map my current job experience towards five years of experience in 2 of the domains or does (ISC)2 look for a security job title when looking at the 5 years experience?

rfra

You have to submit your resume and previous manager contact info along with a good description of what your job duties were in each role. The job title doesn't necessarily need to identify you as a security practitioner as they are more interested in the responsibilities you executed in those jobs. You do not want to embellish the nature of your position as the endorsement process (and potential audit) are there to help weed out people who are exaggerating their experience to get the cert, but you should certainly emphasize how your job duties aligned with the CISSP domains to make it clear why you are qualified. Your endorser will (and ISC2 might) contact your previous employers to make sure that what you are claiming is true.

paul78

I've heard that ISC2 is pretty liberal about their definition on what applies as experience. Based on your description, it probably could qualify as experience.