Passed!

eMeS Member Posts: 1,875
Took this one today and passed with an 814...I was surprised because my travel schedule limited my study time.....

I don't want to open a can of worms, but I went after Security+ because of a lack of security credentials (not a lack of experience). Any thoughts on what is the best high-level security cert to attain? I am an independent consultant, specializing mostly in ISO/IEC 20000 implementations, and am hoping to bring something extra to the table in terms of information security (in my opinion, ITIL v2.0 addresses security as almost an afterthought, v3.0 does a little better, but I think a specific and respected credential in this area can go a long way).

Thanks,

MS

Comments

  • eMeS Member Posts: 1,875
    110 views and no one has thoughts about which direction I should take for a higher level security cert?
  • dynamik Banned Posts: 12,314
    I think part of the problem is that many people aren't that familiar with ISO/IEC 20000 and the ITIL certifications (myself included). It's hard to give advice when you're not familiar with a person's background and future goals. For more "hands-on" type work, you could look at CEH, CHFI, SSCP, CCSP, but if you're looking at more of a managerial role, you would be better off with the CISSP and/or CISM. It would probably help if you detailed your past experience better and gave some indication of where you would like to go.
  • sprkymrk Member Posts: 4,884
    Congrats on the pass.

    CISSP is probably the most widely recognized security certification. Like the Security+ it is not a hands-on certification, but covers a wide range of security topics (known as the CBK - Common Body of Knowledge).

    For hands-on you'd want something more along the lines of SANS or vendor-specific certification such as Cisco CCSP.
    All things are possible, only believe.
  • eMeS Member Posts: 1,875
    Thanks guys...I'm definitely not looking for something to validate "hands-on" experience or ability...

    The work that I do is more high-level, in the following general areas: policy, guidance, process, assessment, improvement, adoption, achievement of international standards, IT governance, and education.

    There are some ISO standards pertaining to information security (e.g., 17799, 27001, and 27006)....I have experience and familiarity with these, however, there is currently no credential (such as the ISO 20000 Consultant Certificate) that I am aware of that can validate knowledge and experience with these standards.

    Do any of the non-hands-on certs mentioned cover these topics in detail?

    Thanks,

    MS
  • dynamik Banned Posts: 12,314
    They definitely overlap with a lot of that material. Research them a bit and see if they provide what you're looking for.

    https://www.isc2.org/cgi-bin/content.cgi?category=1331
    http://www.isaca.org/Template.cfm?Section=CISM_Certification