CISSP or GSNA?

Just passed my CISA. I’m doing CRISC next to get a deeper understanding of IT Risk as the CISA just scrapes the surface.

After that, I’m wondering if CISSP or GSNA is better, thoughts?

(IT Auditor)

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

the_Grinch

I would go for the CISSP as it is better recognized and would better round out your skills.

CV33

I don't disagree. I suspect that the GSNA is an expert level cert whereas CISSP is advanced.

I wonder if the CISSP is too broad...

CV33

Does the CISSP explain the osi model and where system aceess comes into play at each layer?

krucial85

Yes it does.

TechGromit

CV33 wrote: »

I’m wondering if CISSP or GSNA is better, thoughts?

Depends on your goals, if you want knowledge, the GSNA is the way to go, if you want career marketability, CISSP. Try a search on any of the major job websites, type in GSNA and see how many hits you get. I found zero hits for one search and three hits on another website for Washington DC and up to 150 miles away, I tried CISSP next, 257 hits.

SANS certifications are becoming more popular, perhaps in the future they will recognized as better overall certs, but CISSP is still the gold standard. The ISC was established in 1989 and CISSP came into existence in 1994, SANS wasn't established as a certification entity until 1999 and the GSNA came into existence in late 2002.

The simple fact is unless you work in the security industry, chances are you never heard of GIAC, but most people in IT heard of the CISSP. I knew what CISSP was 10+ years ago, I didn't hear about the GIAC until it was a requirement for my position in 2015.

hilld

I personally think the amount of stuff you learn in the SANS courses with the accompanying GIAC certification will put you ahead technically, however, the CISSP will probably open more doors for you, especially with HR as that is probably the Gold standard for security certifications.

E Double U

Definitely CISSP!

636-555-3226

CISSP first for sure. Trust me, it'll get you much more well-rounded knowledge-wise and looks better on the resume.

clintonia

Throwing in another vote for the CISSP. GIAC certs aren't bad at all, however CISSP will let you hit more HR filters for better job opportunities and give you more high level security knowledge about all of the major domains. From there, you can drill down into an area of interest.