SSCP after Security+?

Would it be a wise choice to get the SSCP after the Security+? After passing the Security+ would one have to study a lot or a little to get SSCP certified?

Find more posts tagged with

Comments

Falcon56

I have both certs.....if I had it to do over again, I would have skipped the SSCP and gone on to the CISSP. If you need the SSCP for a DOD job, I'd consider it. If not, move on to CyberSecurity Analyst+ or your Net+.

rscrt

There is a great deal of overlap... dependes on what do you want to achieve

SteveLavoie

I recently had to choose between Security+ and SSCP. I compared the outline of both exam, and they are very alike. I choose the SSCP because I want to shot for the CISSP in 2017. But for me, both are similar. I think there is more brand recognition on Sec+

If you have to maintain some A+, or Network+, go for Sec+.

Remedymp

It doesn't make sense to have both. Choose one, but not both.

NavyMooseCCNA

I'm a few weeks from taking my Security+ and my intention was to immediately start studying for the SSCP. My long term certification goals are the following: SSCP, CCSP, and CCFP.

Remedymp

NavyMooseCCNA wrote: »

I'm a few weeks from taking my Security+ and my intention was to immediately start studying for the SSCP. My long term certification goals are the following: SSCP, CCSP, and CCFP.

If you're CCSP, then that supersedes the SSCP.

rscrt

I have both, and I think that harder is the one you take first

but I believe SSCP is more known here in Europe and adds a bit of credibility by requiring experience and endorsement... if you want to go the CISSP route and dont want to take the other CompTIAs, go for SSCP.

NavyMooseCCNA

Remedymp wrote: »

If you're CCSP, then that supersedes the SSCP.

Correct, I am looking at the ISC2 certifications because they interest me and I thought getting the Security+ then CCSP would be a good primer into the ISC2 system.

Remedymp

NavyMooseCCNA wrote: »

Correct, I am looking at the ISC2 certifications because they interest me and I thought getting the Security+ then CCSP would be a good primer into the ISC2 system.

Yes, but don't get security+ and then CCSP. It won't make sense to have several security certifications of the same performance level. If you're CCSP, then you're already of a mature security resource.

djcarter

Remedymp wrote: »

Yes, but don't get security+ and then CCSP. It won't make sense to have several security certifications of the same performance level. If you're CCSP, then you're already of a mature security resource.

agreed, if you plan to get the CCSP right after, don't bother with the security+ unless you need it specifically for DoD or other requirements. I would invest the energies and time in the CCSP and then maybe consider the CISSP after if you need it specifically or want the really big name cert.

OctalDump

SSCP is more focussed on security operations than Sec+. Sec+ does have security operations, but is broader and shallower. CISSP is more security management, design and architecture, more abstracted.

What I am saying is that they all fill different (although overlapping) roles. One reason you might get SSCP is if you are working in sec ops, or perhaps a network/systems role with a substantial security component, and have less than 3-4 years experience. It will help make you better at that job and give some external evidence of competence. It might be useful if you were transitioning into a more security operations or engineering focussed role.

If you are motivated purely by up front ROI, then you'd need to judge the market you are in. It might be that SSCP has very little visibility, or that it's treated the same as Sec+, or it could be that it is specifically asked for over and beyond CISSP or Sec+.

CISSP is definitely more challenging exam than SSCP. It is sort of "gold standard" for security. It's broad and abstracted so that a CISSP should be able to bring security knowledge to most areas of IT without needing to know deep technical detail in every aspect. They'd be able to specify requirements, architect and design, but not necessarily be intimately involved in the implementation - think specifying a password policy vs configuring that policy in Active Directory. Now, it is possible, and in many cases likely that a CISSP will be implementing security, but that usually implies skills/knowledge not within the CISSP eg CCNP Security or OSCP or MCSE etc. But they could also be taking an advisory, compliance, or high level architect role.

CSA+ and CASP are also options. CSA+ is Cyber Operations with a focus on Security Analyst, blue team, type work you'd typically find in a junior SOC role. CASP is similar to SSCP, but offered by CompTIA, it has a strong hands on focus and is a little more towards the security engineering end. CCNA Cyber Ops is also a possibility.

My suggestion is to look at your career plan. Where are you now, where do you want to get to. If you are looking for a role with a strong sec ops focus, hands on, then SSCP might be a good choice. If you've already been doing that and are looking to move onto something more engineer/design/architect focussed, then CISSP might be a good choice. If you're just starting out, and looking at helpdesk roles, then Sec+ is likely good enough for now.

I think it's perfectly ok to progress through different certs as your career progresses. You might end up holding certs that overlap, but as you move on, you can let the less relevant ones expire.

Ideally, you should be studying a little ahead of where you are now, so that you can apply some of what you are learning immediately and be stretching towards that next role. Often the best time to be interviewing for a new job is when you are just about to, or just finished certifying, since your brain will be full of all that recent knowledge and you can sound smart

mritorto2

I took security+ then sscp. I think its good to go in order and build up to the six hr cissp exam. The more certs the better.