Should I pursue CISSP

ian 123ian 123 Member Posts: 20 ■□□□□□□□□□
Hi Guys,

I am currently working as level 3 desktop support but really want to get into the security field.
My initial plan was to first take the SSCP and then CISSP but from speaking to recruiters, SSCP is not sought after in my area.
On the other hand, nearly all security job spec's have CISSP on them.

The question is, without having working experience in security, is it worth my while gaining CISSP?
Im just not sure if companies would have any interest if I dont have the security experience to go along with it.



  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    I'd look over the domains listed for the CISSP and check to see if you may have filled some the requirements they are looking for.... Alot of stuff fits in those domains even if your title doesn't say Security in it.
  • jamesleecolemanjamesleecoleman Member Posts: 1,899 ■■■■■□□□□□
    How many years of experience do you have?

    Having a certification on the ISC2 list can wave a year off of the five years.
    WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
    *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
  • beadsbeads Member Posts: 1,525 ■■■■■■■■■□
    And what exactly do you want "to do" in security? A cert like like the CISSP isn't going help much with a title change without the requisite skill sets to back it up. Errr.... at least in my shop.

    Start here:

    - b/eads
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    1. How many years have you been working in technology? If you don’t have the full 4 or 5 (see website), then you can get it right now anyways.

    2. Will your employer pay for any? Getting some from GIAC with SANS training, or a vendor security cert like Cisco could help you break into the field. Honestly if you just have a CISSP, don’t be surprised if you get a lot of compliance based jobs calling. Eventually one way or another, you will have to get he CISSP but research skills that are desired for specific jobs you want and try to match those.
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    Probably the easiest thing in terms of seeing whether your experience would match up is to check it against the exam outline which breaks down each section:

    Don't forget you need 5 years experience in at least 2 domains.
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
  • mattster79mattster79 Member Posts: 135 ■■□□□□□□□□
    You could look into the associate CISSP route.

    Personally, I would suggest building up your portfolio of other security certifications, and get some day to day security experience under your belt before going for the CISSP.
  • ClmClm Member Posts: 444 ■■■■□□□□□□
    If you want to work in the security field i would say yes get the cert. Its mostly security theory and you will have to find out how to apply that theory to your job.

    Also every job i have ever worked in this field came with a few weeks of train up on how to things the companies way. Ask a lot of questions and take some of your time to learn what ever you need to learn and you should be good
    I find your lack of Cloud Security Disturbing!!!!!!!!!
    Connect with me on LinkedIn

  • Tim2Tim2 Registered Users Posts: 1 ■□□□□□□□□□

    I can give you some feedback from the government contractor perspective. I have been interviewing candidates for Information System Security Engineer (Security +) and Information System Security Manager (CISSP or CAP) positions for the past 4 months.

    Given your current experience level in cybersecurity I would suggest not going for the CISSP but another credential such as Security +. Security + will allow you to get your foot in the door much quicker. Should take you about 6 weeks to study for at most. There is no years of experience to get the credential as there is with CISSP.

    Security + will qualify you for positions as an Information System Security Engineer (ISSE). Given the current job market, we have hired people with Security+ and no experience because it is so difficult to find people. We look at potential and team fit when the person does not have experience. If I am interviewing someone with a CISSP and no experience, I consider them at the same level as someone with Security +.

    Once you get your foot in the door, then start studying for CISSP or another higher credential. The key is getting your foot in the door and getting experience. Always be studying for your next credential or at least have an idea what you are going to do next.

    If you are considering government contracting take a look at DOD 8570 which spells out the certifications needed for cybersecurity professionals in the government. Focus on the first two rows, IAT and IAM.
Sign In or Register to comment.