Which Job Titles Count As Direct Experience For CISSP?

egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+Member Posts: 304 ■■■■□□□□□□
Hi all. For the 5 year experience requirement for the CISSP it does not really indicate exactly which specific job title is approved.  The language just says "experience in any of the eight domains" of the CISSP.  So here then are they gonna approve the following job titles where the roles include integrated exposure to the eight domains in addition with other IT responsibilities:

Deskside Support (includes Asset Security, as well as Identity/Access Management)
Helpdesk Support (Roles include exposure to Identity & Access Management, Asset Security, Network Security)
System Analyst (Roles include exposure to Identity & Access Management, Asset Security, Network Security)
Database Admin (Database admins have exposure to Identity & Access Management as they have to add, update, remove access permissions to DB users)

I think you all see my point.  Although none of these job titles are Security Analyst, Identity & Access Manager, or SOC Analyst they all include daily responsibilities where the individuals have to perform tasks within those domains. 

So would the above 4 job titles then count as experience towards the 5 year requirement for CISS?

Comments

  • advanex1advanex1 CASP, MCSA 2016, MCSA 2012, CCNA, Security+, Network+, Project+, Server+ Member Posts: 364 ■■■■□□□□□□
    I wasn't aware the job titles mattered. They are only looking for experience within the domains. Job titles.. they could care less. I don't even know why that would be a qualifying factor.
    Order of Certifications to come: CISM, C|EH, CISA
    2019 certification tests taken: CISSP (Passed - awaiting endorsement), MCSA: 2016 (Passed), CCNA (Re-certification - Passed)
    Currently Reading: CISM: All-in-One
    New Blog: https://jpinit.com/blog
  • That Random GuyThat Random Guy Member Posts: 45 ■■■□□□□□□□
    advanex1 said:
    I wasn't aware the job titles mattered. They are only looking for experience within the domains. Job titles.. they could care less. I don't even know why that would be a qualifying factor.
    Of the jobs he's mentioned, would you say that passes under the domains considered? I'm likely in the same boat but I don't dwell in cyber security.
  • PCTechLincPCTechLinc CISSP, CHFI, CEH, MCSA Server 2008, Project+, Security+ce, Server+, Network+, A+ King City, CAMember Posts: 631 ■■■■■□□□□□
    The job titles do not mean anything when you submit your application for review.  When you post your credentials for a certified member to review, it asks specifically about the duties that you performed while in those positions, and the total cumulative experience you have in each domain.
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 304 ■■■■□□□□□□
    The job titles do not mean anything when you submit your application for review.  When you post your credentials for a certified member to review, it asks specifically about the duties that you performed while in those positions, and the total cumulative experience you have in each domain.
    You're kidding me!!! So you saying that something like Help Desk roles which I have probably a good 10 years of experience in.  They would consider that for the 5 year requirement since a significant amount of helpdesk is Endpoint Security (specifically the use of endpoint security solutions such as McAfee Antivirus, Symantec Antivirus, etc) to remove malware from endpoints (Laptops, Workstations, etc)
  • advanex1advanex1 CASP, MCSA 2016, MCSA 2012, CCNA, Security+, Network+, Project+, Server+ Member Posts: 364 ■■■■□□□□□□
    edited October 2019
    @egrizzly That is correct. If you're dealing with Identity & Access Management (Active Directory, PKI, etc) and if you're doing asset security (this is fairly broad), as well as, network security.. your roles do not matter. If you passed the exam and if you have 5 or more years in 2 or more domains.. you're good. It's why the 5 year requirement really isn't hard to meet. You basically just have to have worked in IT for the last 5 years.

    Let me be clear here though.. if you put I've had "exposure" to technologies.. that's not the same as working or active experience. Don't get those two mixed up.
    Order of Certifications to come: CISM, C|EH, CISA
    2019 certification tests taken: CISSP (Passed - awaiting endorsement), MCSA: 2016 (Passed), CCNA (Re-certification - Passed)
    Currently Reading: CISM: All-in-One
    New Blog: https://jpinit.com/blog
  • advanex1advanex1 CASP, MCSA 2016, MCSA 2012, CCNA, Security+, Network+, Project+, Server+ Member Posts: 364 ■■■■□□□□□□
    That Random Guy said:
    advanex1 said:
    I wasn't aware the job titles mattered. They are only looking for experience within the domains. Job titles.. they could care less. I don't even know why that would be a qualifying factor.
    Of the jobs he's mentioned, would you say that passes under the domains considered? I'm likely in the same boat but I don't dwell in cyber security.
    100%. Job titles do not matter. If he can explain how he worked in those domains effectively for at least 5 years.. it doesn't matter.
    Order of Certifications to come: CISM, C|EH, CISA
    2019 certification tests taken: CISSP (Passed - awaiting endorsement), MCSA: 2016 (Passed), CCNA (Re-certification - Passed)
    Currently Reading: CISM: All-in-One
    New Blog: https://jpinit.com/blog
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 304 ■■■■□□□□□□
    @advanex1  this is a breath of ocean fresh air!!!  I have 20+ years experience in IT pretty much doing either Network Support, Help Desk, or lately, Cybersecurity.  All of these have major elements of security as part of the main job duties.  Well, I'll certainly start the process immediately.

    Would you need statements from former co-workers/managers or anything of that nature? ....or are the folks at ISC2 basing this on the honor system where they trust you'll be honest in how you were involved in security in the past roles?
  • advanex1advanex1 CASP, MCSA 2016, MCSA 2012, CCNA, Security+, Network+, Project+, Server+ Member Posts: 364 ■■■■□□□□□□
    You're going to have to provide contact information for former supervisors/individuals who can vouch for your work history anyways. All that matters is how you write and submit your experience. You need to write your job description/work duties to be in line with those domains and be sure that your coworkers/supervisors agree and can confirm that you did them. If you didn't work in those domains or in those duties, then when they call to verify your experience you wouldn't pass the endorsement test. Just make sure you're telling the truth and you'll be good to go.
    Order of Certifications to come: CISM, C|EH, CISA
    2019 certification tests taken: CISSP (Passed - awaiting endorsement), MCSA: 2016 (Passed), CCNA (Re-certification - Passed)
    Currently Reading: CISM: All-in-One
    New Blog: https://jpinit.com/blog
  • lucky0977lucky0977 Senior Member Member Posts: 218 ■■■■□□□□□□
    It's easier if you have a friend/co-worker who possesses a CISSP to validate your work experience. It almost appears as though you'll have someone at ISC2 validate your work experience. In that case, you may get lucky and they take your word for it, accept the information you provided and award you the certification or they may actually do their due diligence and do an actual audit. But from my experience, all they want is your money.  
    Bachelor of Science: Computer Science | Hawaii Pacific University
    CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
  • beadsbeads Senior Member Member Posts: 1,459 ■■■■■■■■□□
    Anything you want to assign on to as having security experience. Its a rule that I doubt has ever really been enforced pas the time we (the ISC(2)) changed from quality of the candidates to purely getting the numbers up.
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 304 ■■■■□□□□□□
    beads said:
    Anything you want to assign on to as having security experience. Its a rule that I doubt has ever really been enforced pas the time we (the ISC(2)) changed from quality of the candidates to purely getting the numbers up.
    Wow, you're affiliated with ISC(2) ?  Thanks for the insight from your side of the CISSP endorsement world.
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 304 ■■■■□□□□□□
    lucky0977 said:
    It's easier if you have a friend/co-worker who possesses a CISSP to validate your work experience. It almost appears as though you'll have someone at ISC2 validate your work experience. In that case, you may get lucky and they take your word for it, accept the information you provided and award you the certification or they may actually do their due diligence and do an actual audit. But from my experience, all they want is your money.  
    Thanks for the valued opinion @lucky0977 .  I'm certainly going to start lining up those individuals from my work history.  Just out of curiosity, how was your endorsement experience with ISC2?  Can you share how long it took from the time you filled out the form on their website to when you got your official notification that you had been endorsed as CISSP?
  • lucky0977lucky0977 Senior Member Member Posts: 218 ■■■■□□□□□□
    egrizzly said:
    lucky0977 said:
    It's easier if you have a friend/co-worker who possesses a CISSP to validate your work experience. It almost appears as though you'll have someone at ISC2 validate your work experience. In that case, you may get lucky and they take your word for it, accept the information you provided and award you the certification or they may actually do their due diligence and do an actual audit. But from my experience, all they want is your money.  
    Thanks for the valued opinion @lucky0977 .  I'm certainly going to start lining up those individuals from my work history.  Just out of curiosity, how was your endorsement experience with ISC2?  Can you share how long it took from the time you filled out the form on their website to when you got your official notification that you had been endorsed as CISSP?
    Can't remember. I think it was a month
    Bachelor of Science: Computer Science | Hawaii Pacific University
    CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
  • egrizzlyegrizzly B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+ Member Posts: 304 ■■■■□□□□□□
    lucky0977 said:
    egrizzly said:
    lucky0977 said:
    It's easier if you have a friend/co-worker who possesses a CISSP to validate your work experience. It almost appears as though you'll have someone at ISC2 validate your work experience. In that case, you may get lucky and they take your word for it, accept the information you provided and award you the certification or they may actually do their due diligence and do an actual audit. But from my experience, all they want is your money.  
    Thanks for the valued opinion @lucky0977 .  I'm certainly going to start lining up those individuals from my work history.  Just out of curiosity, how was your endorsement experience with ISC2?  Can you share how long it took from the time you filled out the form on their website to when you got your official notification that you had been endorsed as CISSP?
    Can't remember. I think it was a month
    Nice, nice! ....this is sounding very promising.
Sign In or Register to comment.