Is CISSP for me?

brownwrapbrownwrap Member Posts: 549
I took a brief look at the requirements for CISSP and I am not sure if I qualify. I have been a UNIX sys admin since '88. I spent the last five years of of previous job backing up huge amounts of satelite data, over 80 terabytes. I now have an SA job that requires security scans, and fixes, in addition to the typical SA work. I saw a job with the company, in a location I would prefer to be in, but it required a CISSP. I had thought about cets in Linux and Solaris, but maybe this is the route to go. Thanks.

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,661 Admin
    You should have several years of solid work experience in several of the CISSP CBK domains before taking the CISSP exam. The CISSP is more to the business and management side of InfoSec than technical. Look at the SSCP cert for technical InfoSec. But a lot of job reqs only recognize the CISSP, so many technical people are stuck having to go for it.
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    brownwrap wrote: »
    I took a brief look at the requirements for CISSP and I am not sure if I qualify. I have been a UNIX sys admin since '88. I spent the last five years of of previous job backing up huge amounts of satelite data, over 80 terabytes. I now have an SA job that requires security scans, and fixes, in addition to the typical SA work. I saw a job with the company, in a location I would prefer to be in, but it required a CISSP. I had thought about cets in Linux and Solaris, but maybe this is the route to go. Thanks.

    CISSP could be the way to go depending on if you're moving towards InfoSec as a career. If it's just a good IT job you're looking for, then it may not be what you want. It requires lots of upkeep to maintain the cert also. Not to mention the focus it takes to pass the exam.

    Moe.
  • brownwrapbrownwrap Member Posts: 549
    JDMurray wrote: »
    You should have several years of solid work experience in several of the CISSP CBK domains before taking the CISSP exam. The CISSP is more to the business and management side of InfoSec than technical. Look at the SSCP cert for technical InfoSec. But a lot of job reqs only recognize the CISSP, so many technical people are stuck having to go for it.


    I'd like to stay on the tech side, but I had to register on a site for my job last week, and in order to not be required to HAVE a CISSP, I had to dumb down my qualifications. There didn't seem to be any rhyme or reason to what it was looking for, but in the end I was required to only have a Security+ certification, which I just passed. Unfortunately a couple of jobs I have been eyeing, which are system admin positions, require the CISSP.
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    @Brownwrap,

    Doesn't really make sense does it? I ran into the same problem when looking for really intriguing roles so I went ahead and took the CISSP. If you can't beat 'em join 'em.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,661 Admin
    I really wouldn't worry about the "technical vs. business" orientation of security certs. Many hiring managers do not understand the details and nuances of specific certifications; they are only looking for some indication of good knowledge, experience, and initiative in a job candidate. And just studying for the CISSP is an excellent opportunity to learn a lot of great InfoSec information that you wouldn't have picked up otherwise.
  • ibcritnibcritn Member Posts: 340
    Many require the CISSP because of the Hype for sure, but also because it meets some of the higher DDoD 8570 requirements for both technical and managerial roles.
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
Sign In or Register to comment.