What Cert After CISSP?

ZzBloopzZ

Hello,

I passed the CISSP last week. I have spent several hours looking at what certification to do next but nothing really seems worthy ROI wise. The higher CISSP concentrations seem interesting. Maybe CISM? I was interested in the PMP but no where near the requirements you need for it. I would like to get into management or consulting down the road.

For those that passed the CISSP, what did you end up studying for next and why?

Thanks!

Dharmaraja

It depends very much on your career path. If you head up for Security Management, then CISM is the best choice as of now.

OctalDump

It's not exactly what you are asking, but I think you should consider a Master's degree if you don't have one already.

If you want to get PMP, then there is also CAPM from PMI which has lower requirements.

There's also the ISO27000 Lead Auditor and what not. ISACA certs are probably also a good fit. Axelos also have a broad 'best practices' certification, Resilia. Those sort of things to give you better fluency in the various frameworks.

There also GIAC Security Leadership Certification, and GIAC Certified Project Manager Certification.

webpriestess

Morning! Hopefully I can pass this CISSP and move on already. The next cert I have in mind is ACE - American Council on Exercise. There were some changes at the YMCA recently, and this cert (or type of cert) is a condition of my employment as a GroupX instructor.

But I'm sure that's not what you meant I have actually been thinking about going for the ITIL Foundations certification. I thought about PMP, and I have no interest in project management at this time. ITIL would be a very attractive certification to have in government, so maybe I will shoot for that next year...if I can pass this CISSP.

Congrats again, buddy
::Claudia

cyberguypr

The answer to this question depends on several factors. In my case I look at where I'm heading next as well as what will be beneficial to my current role. I had some gaps in forensics so I went for GCFE and am currently working on Encase. My employer is doing a lot of cloud stuff so I am shooting for CCSP next. If something else comes along that requires me to adjust my plan, I do so. I have to admit I looked at CISM but just don't see it happening as it's not too popular in the potential roles I may may be looking at in the next couple of years.

Takeaway is to see where you are and where you want to go, then build from there.

Ertaz

I chose CASP because of the overlap and additional emphasis on practitioner skills. I am scheduled to take it at the end of the month. Still don't have my printed certificate from ISC2 yet.

Swimfan2516

I'm leaning towards CISM as my next challenge because I already have my PMP and a graduate degree... I'd recommend graduate degree and PMP if you have the experience, time, and money of course.. ITIL-F you can probably take a weekend at most to study and pass the exam if it's something you want to put on your resume.

Clm

what route do you want to go Im trying to get to senior management positon so CISM and then GCIH are my main focus. linux+ and CEH i will sprinkle somewhere in the mix as well

Remedymp

You can probably challenge the Certified Fraud Examiner certification or the CISA from ISACA.

IaHawk

I just passed in May and now I'm looking at the GCIH, just contemplating if I do OnDemand or Live. Currently work on a small security team and feel this would best fit my current needs (aka, get work to pay for it). I would like to eventually look into some forensics courses.

TechGuru80

Hard question because it depends on what you have and what you want to do. Cisco, Microsoft, Linux, OSCP, Forensics, GIAC, CISM, CISA....there are so many options. I would say start looking at what helps you immediately and then start looking at what helps you in the future.

Seab

What about the ISSAP concentration ?

It seems to be a logical path following CISSP.


The ISSAP exam will test candidate's knowledge in the 6 domains of the ISSAP CBK, which cover:

• Access Control Systems and Methodology
• Communications and Network Security
• Cryptography
• Security Architecture Analysis
• Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

• Physical Security Considerations

CCSP seems interesting as well considering the trend of companies using clouds, and think it is quite interesting area to be an expert or at least knowledgeable. Plus, the course is available on Cybrary, lead by nobody else than Kelly! Exam is still 550usd.

ZzBloopzZ

Seab wrote: »

What about the ISSAP concentration ?

It seems to be a logical path following CISSP.


The ISSAP exam will test candidate's knowledge in the 6 domains of the ISSAP CBK, which cover:

• Access Control Systems and Methodology
• Communications and Network Security
• Cryptography
• Security Architecture Analysis
• Technology Related Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP)

• Physical Security Considerations

CCSP seems interesting as well considering the trend of companies using clouds, and think it is quite interesting area to be an expert or at least knowledgeable. Plus, the course is available on Cybrary, lead by nobody else than Kelly! Exam is still 550usd.

Thanks for the feedback! You are right about the CISSP concentrations. I just may shoot for one of those. I was looking at the CCSP but would rather wait end of this year or beginning of 2017 when better proper books for it come out. Cloud is used alot at work so it will be useful.

The other certs do not seem beneficial to me personally since I already know people making 180k+ with CISSP being their highest cert and funny enough 2 of them don't even have a masters degree either.

OctalDump

ZzBloopzZ wrote: »

The other certs do not seem beneficial to me personally since I already know people making 180k+ with CISSP being their highest cert and funny enough 2 of them don't even have a masters degree either.

But if you want to make 185k+, then you really need a master's and a CISSP concentration

I think at some point, you re-evaluate and just start doing what you find intrinsically rewarding, and damn the money.

ItsmHarun

Depends on you carrier path. You can do certificati - CISA, Prince2 certification.