ISC2 Members

RTmarc

It seems like finding someone to endorse you after have successfully completed the SSCP or CISSP exam is an issue for many applicants. While the ISC2 does offer to endorse candidates, I know several people have mentioned they would rather not go that route for whatever reason.

The purpose of this thread is to provide a directory of TE members who are certified and are willing to endorse new candidates. Obviously this is completely voluntary.


Do not think that those of us who are willing to endorse new candidates will "rubber stamp" your application. I would venture to say that most, if not all, will (and should) verify your background and make every effort to contact your references.

---

Marc, CISSP
PM me contact for contact information.

dynamik

Thanks to you, JD, and anyone else who decides to do this as well. It's great to know that this option is available. I could see sponsorship being as large of an obstacle as the experience requirements for some people.

What sort of liability do you have as endorsers? That's one reason I never outright asked anyone here to sponsor me. I love this site, and I don't mean this in a derogatory manner, but it is just a forum on the internet. I thought it would put whoever I was asking in a somewhat awkward position since they would probably want to help but realize they're dealing with someone they don't really know. Do you just have to verify their information or would you be held accountable if the person you sponsored did something illegal or unethical in the future? Just to be clear, I'm not planning on doing anything like that; I'm just curious as to what amount of risk the sponsor takes when he or she sponsors someone.

Thanks again.

shednik

Thats a great idea, I have someone for myself when I'm finally ready to take one of the exams but this will be a great help to many i'm sure.

LarryDaMan

I am studying for the CISSP now and its interesting to see how many people anticipate the endorsement being a problem. This thread is a great idea, but I would suggest for anyone who works in a medium to large sized company, to check with the CLO or Knowledge Management person for a list of CISSPs in your organization

Having CISSPs is a major asset to an organization, so most companies will try to help with that last step.

As for dynamik's question. A endorser cannot possibly be held liable for an endorsee's conduct unless the endorser is knowingly violating the Code of Ethics. How can any of us fully know what eachother's actions will be in the future?

I would guess the number of those that pass the test but don't earn the credential due to endorsement problems is very very small.

JDMurray

It's not possible to know how strongly any endorsement is actually considered in the certification process. The (ISC)2 makes the final judgment to award a certification or not; therefore, the (ISC)2 bears any final responsibility as to the determination of how fit the applicant is. It is likely that the peer endorsement policy was created to reduce the amount of time required by the (ISC)2 itself in certifying applicants, and as an attempt of making sure that fewer ill-qualified people are certified (i.e., the (ISC)2 membership should police its own applicants).

I would assume that the only real liability is if there is an attempt at perpetrating a deliberate fraud by endorsing people who are knowingly not qualified for the certification by the endorser. According to the (ISC)2 standard of ethics, this could get you (the endorser) dragged in front of a board of inquiry and possible stripped of your (ISC)2 certification(s). This would effectively end your career in InfoSec.

Hmmmm...maybe I don't wanna endorse any of you bums.

tdempsey

Hey guys. I just passed the CISSP exam and am seeking an endorser.

I am currently unemployed and reluctant to use my boss at my previous employer for a number of reasons but mainly because I can really only ask him to vouch for my last two years as Security Analyst at that particular company and he really wouldn't be able to vouch for the experience that I had before that. I have nearly 10 years in IT with 5 years of security related experience.

My last position was Security Analyst for a nationwide property management company that lasted for 2 years. Prior to that, I worked for a software company as a tech support engineer that created and deployed HTTP and SMTP content filtration systems. That was also for 2 years.
And before that, I worked for InfoSpace.com as the third shift NOC lead. I also worked a bunch of other jobs there too asI climbed the ranks of what was at the time, a startup. I worked there for a total of 3 years.

I would be happy to provide resume/CV with job descriptions and verifiable references and a copy of my S+ card to anybody who would like to help out so I am not asking for somebody to make a huge leap of faith. I could have ISC2 find somebody and I will if necessary but that seems so impersonal and I thought I would try this way first. This of course would be a service that I would like to pay forward when the time comes to keep the Karma machine chuggin' along.

If anybody is interested, please let me know so I can get the ball rolling.

RTmarc

Send me a PM with your contact information and I'll endorse you. Don't be offended if I contact your references to verify your entries. That's my conditions. If you don't have a problem with it, shoot me a PM.

tdempsey

Thank you very much. I look forward to returning the favor sometime in the near future.

-td