Which security certification to do

mirror51mirror51 Member Posts: 84 ■■■□□□□□□□
edited February 2020 in Cybersecurity

Guys if these are the job requirements , which security certification should i do .

Develop, implement and maintain security governance, including but not restricted to security frameworks, policies and standards Third Party Risk Management, Incident Response Plans, IS18 Assessments, ISMS creation, Business Impact Assessments, Threat and Risk Management

Solid Knowledge of risk management guidelines and frameworks such as ISO27005, ISO31000, OCTAVE and NIST 800-30

<span>In-depth experience of risk assessment, security best practice and practical application of security controls in an enterprise environment</span><br>

I am currently Devops engineer and have all AWS certifications
· Share on FacebookShare on Twitter

Comments

  • tedjamestedjames Member Posts: 1,182 ■■■■■■■■□□
    CISSP
    · Share on FacebookShare on Twitter
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    To me this screams CRISC. Are you changing roles? Big jump form DevOps to risk.
    · Share on FacebookShare on Twitter
  • JohnBMDJohnBMD Member Posts: 1 ■□□□□□□□□□
    CISM. Great for management and knowledge of aligning a security program to a governance framework.
    · Share on FacebookShare on Twitter
  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    CISSP is the "generic black belt" for that kind of requirement ;)
    · Share on FacebookShare on Twitter
  • egrizzlyegrizzly Member Posts: 533 ■■■■■□□□□□
    CISSP certification covers 95% of this Mirror51
    B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+
    · Share on FacebookShare on Twitter
  • JDMurrayJDMurray Admin Posts: 13,094 Admin
    edited June 2020
    I agree with @cyberguypr. CRISC is the cert--CISSP and CISM are not deep enough. That is a huge career path change from being an AWS developer. You'll never write a line of code in your new profession.
    Forum Admin at www.techexams.net
    --
    Credly
    LinkedIn
    Twitter
    · Share on FacebookShare on Twitter
  • E Double UE Double U Member Posts: 2,233 ■■■■■■■■■■
    CISSP and ISACA certifications would cover those topics just for gaining knowledge, but if that is a job posting that requires "experience" in those areas then going after a certification without the skills is pointless. If you have zero experience in the areas required for the role then I highly doubt that a certification will get you over the hump. 

    Just my $0.02
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
    · Share on FacebookShare on Twitter
  • balancebalance Member Posts: 244 ■■■■■□□□□□
    CRISC  all day long .    as stated before by other uses . CISSP  and CISM  are just not deep enough.
    · Share on FacebookShare on Twitter
  • bigdogzbigdogz Member Posts: 881 ■■■■■■■■□□
    I agree with cyberguy as well. This certification is all about risk.
    One issue that you may have is that the the HR or hiring manager may want the CISSP as it is more well known but not as applicable.
    · Share on FacebookShare on Twitter
  • balancebalance Member Posts: 244 ■■■■■□□□□□
    You could go  CISSP, CISM,CRISC   in that order  but it is gonna suck 
    · Share on FacebookShare on Twitter
Sign In or Register to comment.