Need suggestion for CISM

VivekaViveka Posts: 3Member ■□□□□□□□□□
Hi all,

I would like to appear for CISM, but i dont have any prior exp in security. I am working as web developer. After going through the blog I thought may be first I should do my CISSP (to have basics in security) and then to proceed my CISM.

Please suggest me how should I start my career in security ?. ....

Thanks all for your time,



  • dynamikdynamik Posts: 12,314Banned
    If you don't have any experience in security, I think the Security+ is the best place to start. After that, you can become an (ISC)^2 associate by passing either the SSCP or the CISSP. You will remain an associate until you satisfy the certification's prerequisites.
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,284Admin Admin
    You'll need at least three years of information security management work experience to be awarded the CISM. It's unlikely that someone with no InfoSec experience would start immediately in a management position. It's more likely you'll get the work experience to qualify for the SSCP and CISSP first. But regardless, the Security+ is where everyone interested in InfoSec should start.

    Requirements for CISM Certification
  • Fugazi1000Fugazi1000 Posts: 145Member
    JD Speaks the truth.

    If you are a developer, then getting Security+ might be useful to start understanding some of the principles of InfoSec and of vulnerabilities. Then use it to hone your skills and become an expert in producing secure code. That will be a valuable skill and highly in demand.

    I must stress that S+ only scratches the surface.
  • Gennosuke HIGAKIGennosuke HIGAKI Posts: 68Member ■■□□□□□□□□
    You work as web developer, right? You might follow a track in CIW too.

    Available options are rich and broad toward CIW Security Analyst.
  • VivekaViveka Posts: 3Member ■□□□□□□□□□
    Hi everbody..

    Thanks for your valuable suggestion. I have decided to start my security+ course as the first step.

Sign In or Register to comment.