What next?

PeterHandsPeterHands Member Posts: 86 ■■■□□□□□□□
in CISSP
I have CEH and CISSP.... Im looking to be more achitecture now but I'm feeling I should do CISM as a) its very sought after and b) I should keep the balance between tech and risk governance.

Also I've looked into the CISSP concentrations, but there isn't the info out there comparable with the main CISSP and they don't seem well thought off.

Any thoughts?


ISC2 CISSP, EC-Council C|CISO, CEH, CompTia Security+
· Share on FacebookShare on Twitter

Comments

  • dinger68dinger68 Registered Users Posts: 19 ■■■□□□□□□□
    TOGAF is a good one for architecture.  If not that one then one of the other main architecture frameworks.
    · Share on FacebookShare on Twitter
  • mikey88mikey88 Member Posts: 495 ■■■■■■□□□□
    I've never seen any job postings that ask for CISSP and CISM. But if you have the budget for it and your career goals are aligned with the path, then why not. 


    Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux

    · Share on FacebookShare on Twitter
  • X5c0rX5c0r Member Posts: 13 ■■■□□□□□□□
    mikey88 said:
    I've never seen any job postings that ask for CISSP and CISM. But if you have the budget for it and your career goals are aligned with the path, then why not. 


    This.  Generally if you check one high level tech cert you'll get your foot in the door.  The more you learn about how the industry reacts to certs on a day to day level the better you can plan your attack.
    · Share on FacebookShare on Twitter
  • laurieHlaurieH Member Posts: 109 ■■■□□□□□□□
    I guess the question to ask yourself is do you need to do a certification in order to know more about architecture? In my experience the certifications are either a good way to get through the HR sift or may be a requirement from a risk point of view. Otherwise why not just learn what you need to know without doing a certification?
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
    · Share on FacebookShare on Twitter
  • isc2cisspbouncrisc2cisspbouncr Member Posts: 12 ■■■□□□□□□□
    dinger68 said:
    TOGAF is a good one for architecture.  If not that one then one of the other main architecture frameworks.
    Agree that TOGAF and the likes of SABSA are a good idea but note that TOGAF is concerned about Enterprise Architecture nor Enterprise IT Architecture not Enterprise IT Security Architecture.  Enterprise IT Architecture and Enterprise IT Security Architecture are "subordinate" to Enterprise Architecture. 

    ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
    · Share on FacebookShare on Twitter
  • isc2cisspbouncrisc2cisspbouncr Member Posts: 12 ■■■□□□□□□□
    laurieH said:
    I guess the question to ask yourself is do you need to do a certification in order to know more about architecture? In my experience the certifications are either a good way to get through the HR sift or may be a requirement from a risk point of view. Otherwise why not just learn what you need to know without doing a certification?
    CISM does not cover much about architecture.  It's more about management. 
    ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
    · Share on FacebookShare on Twitter
Sign In or Register to comment.