General questions about CISSP

hellotechhellotech Posts: 3Registered Users ■□□□□□□□□□
Hi everyone,
I have a background as software/test and network engineer with a Gap in my career going to teaching. I'm trying to go back to the field and I need to update my learning. I'm thinking to go into the security engineer field with taking CISSP certificate and I have few questions before I invest time and money in it.
1- I understand the networking layers and basic TCP/IP LAN/WAN configurations and I am a quick learner, but can I pass the certificate without the need to take other certificate/s before it?
2- I have no experience in security, would companies ask for that? and if I pass the CISSP will it be enough for the employer to consider my resume?
3- I need to fill in some paper work for an informational interview for a 2 technical IT preferably who have the certificate and are working, it's a 20-30 mins questionnaire that asks about their daily routine at work and what they need to be successuful at their jobs, etc.

I'm new to the forum and I hope I can find some answers.
Thank you for your time.

Comments

  • TechGuru80TechGuru80 Posts: 1,534Registered Members
    How long was your gap? There is only a certain timeframe that you can claim previous experience towards the CISSP (5 years or 4 years and an applicable degree/certification).

    1. You must understand it from a security perspective (attacks, malicious use, etc.). The OSI model is one part in an otherwise very large common body of knowledge. You are probably better off starting with Security+ (or network security certifications, such as Cisco) and see where you stand. Not to mention you haven't worked in security so although you have technical knowledge, security involves analyzing bad guys (many of whom are operational employees).

    2. Passing the CISSP without experience is worthless. Especially since things change fast in technology, your previous experience could be out of date. Do not assume you will be able to walk into a Mid to High level position.

    3. I have no clue what you are asking...passing the CISSP without experience is worthless.
  • CyberscumCyberscum Posts: 773Registered Members
    TechGuru80 wrote: »
    How long was your gap?

    Getting kinda personal here.
  • markulousmarkulous Posts: 2,375Registered Members
    Don't you have to have two years experience in security to qualify for the CISSP?
  • Danielm7Danielm7 Posts: 2,173Registered Members
    markulous wrote: »
    Don't you have to have two years experience in security to qualify for the CISSP?

    5, or 4 with a related degree. It's in one of the domains though, so a security function, not exactly a 100% security job. Either way, no security experience and an unknown work gap + a CISSP isn't really a great combo.
    2- I have no experience in security, would companies ask for that? and if I pass the CISSP will it be enough for the employer to consider my resume?

    Yes, they'll want experience, especially for an engineer level position. Consider your resume is relative, if you have experience in the tasks they need, even similar ones, they might consider that.
  • markulousmarkulous Posts: 2,375Registered Members
    Oh so you can just use 4 years of general IT experience (with a degree) and just tailor it enough to qualify?
  • Danielm7Danielm7 Posts: 2,173Registered Members
    Assuming your general IT experience falls under the 8 domains for the CISSP, from what I understand, yes.
  • hellotechhellotech Posts: 3Registered Users ■□□□□□□□□□
    I'm trying to take with "new Horizons" (not sure if I can say the name), they'll teach it for one weak with an instructor and then you prepare on your own for 5-6 weeks and pass the exam when you're ready. I have more than 4 years of experience as QA engineer where only 2.5 years are in networking more in the development and scripting side of that. The school told me with your experience you should be able to go into the class without any certificate before. but with all your inputs it looks like I can't?
  • hellotechhellotech Posts: 3Registered Users ■□□□□□□□□□
    (*week for earlier typo) Also if CISSP is not the right certificate for me , which one can be beneficial to put me in the field of security engineer rather than QA engineer? I'm not looking for advancd level, an entry to mid level is my goal now.
  • alias454alias454 Posts: 648Registered Members
    I found this the other day and thought it had some good information about different sec focused certs https://danielmiessler.com/essays/infoseccerts/.
    “I do not seek answers, but rather to understand the question.”
  • Mike7Mike7 Posts: 1,050Registered Members
    hellotech wrote: »
    Hi everyone,
    I have a background as software/test and network engineer with a Gap in my career going to teaching. I'm trying to go back to the field and I need to update my learning. I'm thinking to go into the security engineer field with taking CISSP certificate and I have few questions before I invest time and money in it.

    Will you be able to get a certification using existing network knowledge? Say a CCENT or CCNA?

    Security today is very extensive and covers a lot of areas. You may want to start with CompTIA's Security+ as it gives you a foundation knowledge, all you need to do is pass the exam. Depending on your background, this may be as short as a few days intense study with the right textbook. Check the CompTIA Security+ forum for good study materials.

    CISSP is more for those with some experience; it can take weeks and months to prepare for it. After passing, there is still the endorsement/audit process before they award the CISSP title.

    Since you are fairly new, you may want to check Starting an InfoSec Career (1-3) and Starting an InfoSec Career (4-5).
Sign In or Register to comment.