Just passed CISSP, now what ?

joker197cinquejoker197cinque Junior MemberMember Posts: 6 ■□□□□□□□□□
Hi guys,

I just passed CISSP exam and, because of established study mood, I would like to collect info about other infosec exams, like for example CISM to take it in 2018.

Can you please give me some advice ?

Any help much appreciated

Kind regards


  • Danielm7Danielm7 Senior Member Member Posts: 2,310 ■■■■■■■■□□
    What do you do in infosec? What are your goals?
  • nisti2nisti2 Senior Member Member Posts: 502 ■■■■□□□□□□
    Congratulations!! All the best!!
    Stay chill for a long while... Then you can go with CISM :P
    2020 Year goals:
    Already passed: Oracle Cloud, AZ-900
    Taking AZ-104 in December.

    "Certs... is all about IT certs!"
  • JoJoCal19JoJoCal19 California Kid Mod Posts: 2,834 Mod
    What's next? Profit.

    If you have the experience required for CISM, then I suggest going right into it. There is a lot of overlap and while the CISSP is fresh, it will make it super easy to knock out the CISM. Just grab the online QAE DB and pound on that for 2-4 weeks and take the exam. Like was asked by Daniel, what are your goals? If you want management, GRC, audit, then you want the CISM/CISA/CRISC triad, if you meet the experience reqs. If you want pentesting, look toward CEH/eJPT/eCPPT/OSCP/GPEN. If you want network security then look towards CCNA RS and CCNA Security. Interested in cloud, pursue CCSK/CCSP and then some AWS, Azure, or both.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up:​ OSCP
    Studying:​ Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • DZA_DZA_ Member Posts: 467 ■■■■■■■□□□
    I'm pretty much in the same boat of having to decide what to do next with my life. Given that I've studied for the CISSP for the last 10 months, it's still relatively fresh, and obtaining the CISA/CISM certifications are relatively easy compared to the CISSP. With that being said, it all comes down to what I would like to pursue. That's the problem with Information Security is that its so broad to pick one and focus on one thing only.

    My background is that I did a handful in consulting and operations for Network Security. I've done client engagements for the last several years and now working in a bank. I'm aiming to hit the GRC stream over the 1-2 years once things settle down on my team. For writing the CISM exam, would it make sense to write it now or wait for the new updated curriculum in 2018? Thank you.
  • Info_Sec_WannabeInfo_Sec_Wannabe Senior Member Member Posts: 428 ■■■■□□□□□□
    @joker - Congratulations! icon_thumright.gif

    @DZA_ - Even if it does change, I don't think it will be that significant. :)
    X year plan: (20XX) OSCP [ ], CCSP [ ]
  • DZA_DZA_ Member Posts: 467 ■■■■■■■□□□
    I'm going for the gusto and booking my CISM exam in the next 2 months - gonna go over the QAE first but I don't think its going to be too much for a climb since I've been somewhat reading an older revision of the CISM Study Material / and Cybrary MP3s. I'll post my exam results once I've written it. Thanks for that last final push Info_Sec_Wannabe !
Sign In or Register to comment.