CISSP Requirements question

glenyi

Hello all. I only have 3 years work experience at the moment with 1 year in software development and 2 years technical sales. This involves the technical design and support of physical security solutions, including perimeter detection, access control, surveillance and network.

Would this work experience count towards CISSP qualifications? I know I would need a 4th year of experience first. Currently I have ITIL v3 Foundations and am working on Network+, then Security+. I graduated in computer engineering and am fairly confident I can pass these this year.

Any help on the qualifications or advise on certification path would be greatly appreciated

botbill

glenyi wrote: »

Hello all. I only have 3 years work experience at the moment with 1 year in software development and 2 years technical sales. This involves the technical design and support of physical security solutions, including perimeter detection, access control, surveillance and network.

Would this work experience count towards CISSP qualifications? I know I would need a 4th year of experience first. Currently I have ITIL v3 Foundations and am working on Network+, then Security+. I graduated in computer engineering and am fairly confident I can pass these this year.

Any help on the qualifications or advise on certification path would be greatly appreciated

welcome to the forum.
you know, You need 4 years working experience + BS degree. i would suggest that you taking the sec+ and net+ just to get a feel for certifications. Then, take cissp. you don't believe u are qualified but if you past the exam, you can become cissp associate.
good luck

Bl8ckr0uter

you might want to start here

http://www.isc2.org/uploadedFiles/Credentials_and_Certifcation/CISSP/CISSP_for%20Professionals.pdf

glenyi

Thanks for the quick responses. I know that one of the domains are Physical (Environmental) Security, but I'm not sure if my work experience is applicable. I guess this depends on how strict they are when evaluating work experience.

Either way, I was considering doing the Associate as mentioned above while I complete the work requirement.

JDMurray

The Associate designation is a good way to go. A lot of employers seem to only care that you pass the CISSP exam not not have the full certification.

Download a copy of the CISSP Candidate Information Bulletin for the rules and objectives of the CISSP cert.

aethereos

glenyi wrote: »

Hello all. I only have 3 years work experience at the moment with 1 year in software development and 2 years technical sales. This involves the technical design and support of physical security solutions, including perimeter detection, access control, surveillance and network.

Would this work experience count towards CISSP qualifications? I know I would need a 4th year of experience first. Currently I have ITIL v3 Foundations and am working on Network+, then Security+. I graduated in computer engineering and am fairly confident I can pass these this year.

Any help on the qualifications or advise on certification path would be greatly appreciated

Have you considered the SSCP as a starting point? I have both SSCP and CISSP, and I can tell you the SSCP exam experience helped me tremendously. I had less anxiety about the CISSP (that alone made a difference), and maybe it would make a difference to your potential employers if you made it the last pile of contenders, all with CISSP's (there are >65000 CISSP, and only ~900 SSCP holders as of today).

glenyi

Yes I definitely have, but SSCP seems to be much less in demand (looking at job search engines). I'll definitely have to consider it though after the other certs.

Does anybody have an idea if my work experience (perimeter security) will be approved though?

JDMurray

glenyi wrote: »

Does anybody have an idea if my work experience (perimeter security) will be approved though?

Can you relate it to one or more of the domains of the CISSP CBK? Maybe network security or physical security?

glenyi

JDMurray wrote: »

Can you relate it to one or more of the domains of the CISSP CBK? Maybe network security or physical security?

I worked a year in software which had to have secure elements (e.g. database, user passwords). Now I'm in physical security technical sales, but this is usually detection & surveillance around a site's entire perimeter. This of course has network elements, but it's usually a separate isolated fiber optic network and not connected to WAN or a site's LAN even.

So I figure it could be Application Development and Physical (Environmental) Security. I guess I'll have to wait and see!

JDMurray

Realize that simply working with software that has security elements doesn't qualify. Everybody uses passwords and takes reasonable security precautions. The application security is more for people who specifically architect secure software systems, not just follow secure procedures, install and configure security software, etc. With physical security, they are looking for people who actually design/architect physical security systems, or play an active role in managing/enforcing physical security measures.