Should I pursue CISSP
Hi Guys,
I am currently working as level 3 desktop support but really want to get into the security field.
My initial plan was to first take the SSCP and then CISSP but from speaking to recruiters, SSCP is not sought after in my area.
On the other hand, nearly all security job spec's have CISSP on them.
The question is, without having working experience in security, is it worth my while gaining CISSP?
Im just not sure if companies would have any interest if I dont have the security experience to go along with it.
Thanks!
I am currently working as level 3 desktop support but really want to get into the security field.
My initial plan was to first take the SSCP and then CISSP but from speaking to recruiters, SSCP is not sought after in my area.
On the other hand, nearly all security job spec's have CISSP on them.
The question is, without having working experience in security, is it worth my while gaining CISSP?
Im just not sure if companies would have any interest if I dont have the security experience to go along with it.
Thanks!
Comments
Having a certification on the ISC2 list can wave a year off of the five years.
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
Start here: http://www.techexams.net/forums/security-certifications/24759-need-helping-chosing-security-certification.html
- b/eads
2. Will your employer pay for any? Getting some from GIAC with SANS training, or a vendor security cert like Cisco could help you break into the field. Honestly if you just have a CISSP, don’t be surprised if you get a lot of compliance based jobs calling. Eventually one way or another, you will have to get he CISSP but research skills that are desired for specific jobs you want and try to match those.
https://cert.isc2.org/cissp-exam-outline-form/
Don't forget you need 5 years experience in at least 2 domains.
CISSP - live n' kickin'
My CISSP study apps
My CISSP study advice blog
Personally, I would suggest building up your portfolio of other security certifications, and get some day to day security experience under your belt before going for the CISSP.
CISM
Also every job i have ever worked in this field came with a few weeks of train up on how to things the companies way. Ask a lot of questions and take some of your time to learn what ever you need to learn and you should be good
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
I can give you some feedback from the government contractor perspective. I have been interviewing candidates for Information System Security Engineer (Security +) and Information System Security Manager (CISSP or CAP) positions for the past 4 months.
Given your current experience level in cybersecurity I would suggest not going for the CISSP but another credential such as Security +. Security + will allow you to get your foot in the door much quicker. Should take you about 6 weeks to study for at most. There is no years of experience to get the credential as there is with CISSP.
Security + will qualify you for positions as an Information System Security Engineer (ISSE). Given the current job market, we have hired people with Security+ and no experience because it is so difficult to find people. We look at potential and team fit when the person does not have experience. If I am interviewing someone with a CISSP and no experience, I consider them at the same level as someone with Security +.
Once you get your foot in the door, then start studying for CISSP or another higher credential. The key is getting your foot in the door and getting experience. Always be studying for your next credential or at least have an idea what you are going to do next.
If you are considering government contracting take a look at DOD 8570 which spells out the certifications needed for cybersecurity professionals in the government. Focus on the first two rows, IAT and IAM.
https://iase.disa.mil/iawip/Pages/iabaseline.aspx