ISC2 Professional Can Only Endorse 1 year

egrizzly

Hi all,

I worked at a SOC for 1 year and my supervisor was an ISC2 Certified Professional (a CISSP).  My prior job history before this (where I had experience within the 8 domains) had no ISC2 professionals there.  Since the CISSP supervisor is only able to attest to my work experience for just 1/5 required years, when going for endorsement at ISC2 is it better just to request that ISC2 conduct the endorsement, or do I request just 1 year endorsement from the CISSP supervisor, then have 4 more years remaining.

At the ISC2 website there is no option to have a mixed/hybrid endorsement so this situation is a bit confusing 

SteveLavoie

As written on ISC2 website:

The (ISC)² certified professional is anyone who:

• Is able to attest to your professional experience
• Is an active (ISC)² credential holder in good standing

The endorser will attest that your assertions regarding professional experience are true to the best of the endorser’s knowledge, and that you are in good standing within the cybersecurity industry. You will need the endorser’s member/certification number when filling out the online application.

It is to your endorser to decide if he want to endorse you. I did endorsement for a customer with whom I was in contact for more than 5 years.

Whatever you decide, the only thing that it change is the time to get endorsed. If you ask ISC2 to endorse you, it will take 6-8 weeks. If someone endorse you, you will get the endorsement confirmation in less than 1 week.   

egrizzly

Yeah, but what I'm saying is that I need endorsement for 5 years of experience.  However, the CISSP guy that can endorse me only knew me as a co-worker for 1year.  So even if he endorses me for that one year, he does not know of my previous work history before that leaving 4 years remaining to be endorsed on.

advanex1

It's why you provide references so that they can verify your experience. Regardless of how long they've known you.

Danielm7

I had a manager endorse me, he listed that he only knew me for 1.5 years, but vouched for my experience, it wasn't a problem. I also mapped out my resume with the (10 at the time) domains over a period of 15 years so I guess they weren't all that worried about it. 

JDMurray

I have endorsed people who I did not personally work with. I met them for lunch, had a long conversation with them about their career as if I were interviewing them for a job, and determined if they had the professional work experience to satisfy the requirements of the CISSP. You can chat with people just a short time and discover if they have been around the InfoSec game a while or not.

bigdogz

This is true but there still must be a validation process.
I can talk to the guy for an hour to know that he has worked in InfoSec a while but I still verified the employment because that is part of the process.

Regards

bigdogz

@egrizzly

I don't know what happened with your endorsement but I hope things went well. Just remember that the endorser will audit all of your experience.

... and congrats on the pass.

MitM

While I knew some people with their CISSP, I decided to let ISC2 endorse me.  I didn't want to have to rely on other people

bigdogz

@MitM I would have done it for you bro. I got your back.... Unless you are female, then you should change your name to WitM... LOL!!!

MitM

bigdogz said:

@MitM I would have done it for you bro. I got your back.... Unless you are female, then you should change your name to WitM... LOL!!!

haha thanks big dog

LordQarlyn

I had ISC2 vet my experience. I did have to provide proof of my work history I listed as experience for the domains, but that wasn't difficult. The entire process took about two weeks.

mikey88

LordQarlyn said:

I had ISC2 vet my experience. I did have to provide proof of my work history I listed as experience for the domains, but that wasn't difficult. The entire process took about two weeks.

I did the same. Probably the most straight forward process. I asked some CISSPs I knew to endorse me, but some will act like you're asking their endorsement to lead men into battle on the frontline... 

It's not a big deal, just do your due diligence, verify experience and help out fellow IT professionals. 

bigdogz

Agreed, it's not a big deal. Some are worried of being audited. I just document my process and there are no issues.

LordQarlyn

mikey88 said:

LordQarlyn said:

I had ISC2 vet my experience. I did have to provide proof of my work history I listed as experience for the domains, but that wasn't difficult. The entire process took about two weeks.

I did the same. Probably the most straight forward process. I asked some CISSPs I knew to endorse me, but some will act like you're asking their endorsement to lead men into battle on the frontline... 

It's not a big deal, just do your due diligence, verify experience and help out fellow IT professionals. 

I used the analogy of asking them to perform satanic rituals but yeah, I often got the same look of discomfort when I asked CISSP holders for endorsement.