What Cert After CISSP?

ZzBloopzZZzBloopzZ Member Posts: 192
Hello,

I passed the CISSP last week. I have spent several hours looking at what certification to do next but nothing really seems worthy ROI wise. The higher CISSP concentrations seem interesting. Maybe CISM? I was interested in the PMP but no where near the requirements you need for it. I would like to get into management or consulting down the road.

For those that passed the CISSP, what did you end up studying for next and why?

Thanks!

Comments

  • DharmarajaDharmaraja Member Posts: 7 ■□□□□□□□□□
    It depends very much on your career path. If you head up for Security Management, then CISM is the best choice as of now.
  • OctalDumpOctalDump Member Posts: 1,722
    It's not exactly what you are asking, but I think you should consider a Master's degree if you don't have one already.

    If you want to get PMP, then there is also CAPM from PMI which has lower requirements.

    There's also the ISO27000 Lead Auditor and what not. ISACA certs are probably also a good fit. Axelos also have a broad 'best practices' certification, Resilia. Those sort of things to give you better fluency in the various frameworks.

    There also GIAC Security Leadership Certification, and GIAC Certified Project Manager Certification.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • webpriestesswebpriestess Member Posts: 82 ■■□□□□□□□□
    Morning! Hopefully I can pass this CISSP and move on already. The next cert I have in mind is ACE - American Council on Exercise. There were some changes at the YMCA recently, and this cert (or type of cert) is a condition of my employment as a GroupX instructor.

    But I'm sure that's not what you meant :) I have actually been thinking about going for the ITIL Foundations certification. I thought about PMP, and I have no interest in project management at this time. ITIL would be a very attractive certification to have in government, so maybe I will shoot for that next year...if I can pass this CISSP.

    Congrats again, buddy :)
    ::Claudia
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    The answer to this question depends on several factors. In my case I look at where I'm heading next as well as what will be beneficial to my current role. I had some gaps in forensics so I went for GCFE and am currently working on Encase. My employer is doing a lot of cloud stuff so I am shooting for CCSP next. If something else comes along that requires me to adjust my plan, I do so. I have to admit I looked at CISM but just don't see it happening as it's not too popular in the potential roles I may may be looking at in the next couple of years.

    Takeaway is to see where you are and where you want to go, then build from there.
  • ErtazErtaz Member Posts: 934 ■■■■■□□□□□
    I chose CASP because of the overlap and additional emphasis on practitioner skills. I am scheduled to take it at the end of the month. Still don't have my printed certificate from ISC2 yet.
  • Swimfan2516Swimfan2516 Member Posts: 42 ■■■□□□□□□□
    I'm leaning towards CISM as my next challenge because I already have my PMP and a graduate degree... I'd recommend graduate degree and PMP if you have the experience, time, and money of course.. ITIL-F you can probably take a weekend at most to study and pass the exam if it's something you want to put on your resume.
  • ClmClm Member Posts: 444 ■■■■□□□□□□
    what route do you want to go Im trying to get to senior management positon so CISM and then GCIH are my main focus. linux+ and CEH i will sprinkle somewhere in the mix as well
    I find your lack of Cloud Security Disturbing!!!!!!!!!
    Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig

  • RemedympRemedymp Member Posts: 834 ■■■■□□□□□□
    You can probably challenge the Certified Fraud Examiner certification or the CISA from ISACA.
  • IaHawkIaHawk Member Posts: 188 ■■■□□□□□□□
    I just passed in May and now I'm looking at the GCIH, just contemplating if I do OnDemand or Live. Currently work on a small security team and feel this would best fit my current needs (aka, get work to pay for it). I would like to eventually look into some forensics courses.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    Hard question because it depends on what you have and what you want to do. Cisco, Microsoft, Linux, OSCP, Forensics, GIAC, CISM, CISA....there are so many options. I would say start looking at what helps you immediately and then start looking at what helps you in the future.
  • SeabSeab Member Posts: 127
    What about the ISSAP concentration ?

    It seems to be a logical path following CISSP.


    The ISSAP exam will test candidate's knowledge in the 6 domains of the ISSAP CBK, which cover:
    • Access Control Systems and Methodology
    • Communications and Network Security
    • Cryptography
    • Security Architecture Analysis
    • Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
    • Physical Security Considerations
    CCSP seems interesting as well considering the trend of companies using clouds, and think it is quite interesting area to be an expert or at least knowledgeable. Plus, the course is available on Cybrary, lead by nobody else than Kelly! Exam is still 550usd.


  • ZzBloopzZZzBloopzZ Member Posts: 192
    Seab wrote: »
    What about the ISSAP concentration ?

    It seems to be a logical path following CISSP.


    The ISSAP exam will test candidate's knowledge in the 6 domains of the ISSAP CBK, which cover:
    • Access Control Systems and Methodology
    • Communications and Network Security
    • Cryptography
    • Security Architecture Analysis
    • Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)
    • Physical Security Considerations
    CCSP seems interesting as well considering the trend of companies using clouds, and think it is quite interesting area to be an expert or at least knowledgeable. Plus, the course is available on Cybrary, lead by nobody else than Kelly! Exam is still 550usd.


    Thanks for the feedback! You are right about the CISSP concentrations. I just may shoot for one of those. I was looking at the CCSP but would rather wait end of this year or beginning of 2017 when better proper books for it come out. Cloud is used alot at work so it will be useful.

    The other certs do not seem beneficial to me personally since I already know people making 180k+ with CISSP being their highest cert and funny enough 2 of them don't even have a masters degree either.
  • OctalDumpOctalDump Member Posts: 1,722
    ZzBloopzZ wrote: »
    The other certs do not seem beneficial to me personally since I already know people making 180k+ with CISSP being their highest cert and funny enough 2 of them don't even have a masters degree either.

    But if you want to make 185k+, then you really need a master's and a CISSP concentration ;)

    I think at some point, you re-evaluate and just start doing what you find intrinsically rewarding, and damn the money.
    2017 Goals - Something Cisco, Something Linux, Agile PM
  • ItsmHarunItsmHarun Member Posts: 178
    Depends on you carrier path. You can do certificati - CISA, Prince2 certification.
Sign In or Register to comment.