Putting CISSP in sig block, on resume, and memos?

hustlin_moe20hustlin_moe20 Member Posts: 225
Hey TE,

Just something I had on my mind...

Certified InfoSec professionals sometimes use their certification titles like doctors use their MD, PhD, or DDS titles. They're posted in signature blocks in emails, memos and letters,
ie John A. Doe, CISSP or CISA. You also see them at the top of resumes.

Is this standard use of the cert designation? Is it the norm? Do you guys do it yourselves? Or is this considered being "big headed" or another word that rhymes with rocky? If you do use it in this fashion, have you used more than one at a time like,

John A. Doe, CISSP, CISA, GSEC?

I only ask because I've seen many certified professionals that don't post anything at all. The only way you'd even know they're certified is by asking them.

Just a thought,

Moe.
«1

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,663 Admin
    Yes, but use the cert as a professional designation only in the proper context. For example, on a business card where you occupation has something to do with InfoSec, list the CISSP, GSEC, etc. In other context where those certs are unknown or do not apply, just leave it off. There are many situations where putting "Ph.D." wouldn't make sense, and also situations where a "Dr." would prefer to be a "Mr." or "Mrs."
  • flatworldflatworld Member Posts: 89 ■■□□□□□□□□
    Hey TE,

    Just something I had on my mind...

    Certified InfoSec professionals sometimes use their certification titles like doctors use their MD, PhD, or DDS titles. They're posted in signature blocks in emails, memos and letters,
    ie John A. Doe, CISSP or CISA. You also see them at the top of resumes.

    Is this standard use of the cert designation? Is it the norm? Do you guys do it yourselves? Or is this considered being "big headed" or another word that rhymes with rocky? If you do use it in this fashion, have you used more than one at a time like,

    John A. Doe, CISSP, CISA, GSEC?

    I only ask because I've seen many certified professionals that don't post anything at all. The only way you'd even know they're certified is by asking them.

    Just a thought,

    Moe.

    I can picture hustling moe, configuring outlook and adding "cissp" to the signature block, and dreaming of sending out that first email to people with "cissp" in the signature block, awaiting reactions
    Next up: OSCP
  • chrisonechrisone Senior Member Member Posts: 2,006 ■■■■■■■■■□
    I am not trying to be a jerk here but i dont see the point in this post other than for some reason this bothers you, or someone you know with a CISSP. I felt a negative vibe reading your post thats all, if i am wrong i do apologize ahead of time. I dont have CISSP nor do i care about it, nor will i ever pursue it in the future. You have my unbiased opinion that is all.
    Certs: CISSP, OSCP, CRTP, eCPPT, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), eLearnSecurity: WAPTv3 (in-progress), eLearnSecurity: IHRP (completed), BlackHills InfoSec: Breaching the Cloud
    Certs: VHL: Advanced+ (completed), OSCP (completed), SLAE32, OSCE, AZ-500 (in-progress), MS-500, eLearnSecurity: eWPT, eLearnSecurity: eCIR (in-progress)
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    @chrisone - Kind of confuses me on why you would even post in the SSCP/CISSP forum if you don't "care about it, nor will i ever pursue it in the future". I hope you at least respect it's prestige and the respect it carries within the InfoSec and IT communities. If not, I'd love to hear your position on that.

    I'm sure by now Flatworld and JD are used to my antics and this isn't a negative post, it's a simple question. I've been turned grey for my negative posts lol. Why would I post this negatively when I'm sure some CISSPs in this forum do the exact thing I'm posting about?

    @Flatworld - Haven't done it yet but plan to once my endorsement is approved. The other 7 CISSPs I work with wouldn't like it if I did it now.

    @JDMurray - Thanks for the clarification on this. I was wondering why I see it some places and some places I don't.

    Moe.
  • Chris:/*Chris:/* Member Posts: 658
    Just for clarification it is not just done in the InfoSec world. I see it with networking professionals, system administrators and project managers (which by the way is kinda funny when someone does not know the cert). I had a younger guy ask me why someone would call themselves a Pimp in their signature block. I asked him to show me "John Doe PMP".
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • cablegodcablegod Member Posts: 294
    Moe, this thread was on the front of the forum at the main entry page. That's where he saw it. That's where I saw it and decided to read it. Personally, I would never put a certification in my email signature, memos or any other type of "normal" communication. In my mind, those are resume fodder. I have seen many email signatures as John Doe, MBA or John Doe, CISSP, and anything between. It gives off the wrong vibe to me, even if I had a PhD, I would never sign it as My Name, PhD. It's a sign of arrogance in my mind. When I first started down the certification trail 10+ years ago, a lot of people did it, and it was semi-effective back then, but not so much now, unless it's John Doe, MD.
    “Government is a disease masquerading as its own cure.” -Robert LeFevre
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    JDMurray wrote: »
    Yes, but use the cert as a professional designation only in the proper context. For example, on a business card where you occupation has something to do with InfoSec, list the CISSP, GSEC, etc. In other context where those certs are unknown or do not apply, just leave it off. There are many situations where putting "Ph.D." wouldn't make sense, and also situations where a "Dr." would prefer to be a "Mr." or "Mrs."

    +1 At my work place it's not unusual to see certifications pop-up in e-mails or business cards. Just don't crazy with a string of certs in your e-mail icon_wink.gif
    Currently working on: Linux and Python
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    cablegod wrote: »
    Moe, this thread was on the front of the forum at the main entry page. That's where he saw it. That's where I saw it and decided to read it. Personally, I would never put a certification in my email signature, memos or any other type of "normal" communication. In my mind, those are resume fodder. I have seen many email signatures as John Doe, MBA or John Doe, CISSP, and anything between. It gives off the wrong vibe to me, even if I had a PhD, I would never sign it as My Name, PhD. It's a sign of arrogance in my mind. When I first started down the certification trail 10+ years ago, a lot of people did it, and it was semi-effective back then, but not so much now, unless it's John Doe, MD.

    I mean why shouldn't you show off your accomplishments? To me, it is a bit unfair for an industry to be so cert crazy and yet you can't even say you achievements. When I get the GCFW and GCIA you better believe those bad boys are going in my email sig. When I get my JD you know where that is headed. If I ever earn a CCIE or GSE or even CISSP, you already know where that is headed.
  • Chris:/*Chris:/* Member Posts: 658
    +1 At my work place it's not unusual to see certifications pop-up in e-mails or business cards. Just don't crazy with a string of certs in your e-mail icon_wink.gif

    Agreed as long as it is at least professional level.
    Degrees:
    M.S. Information Security and Assurance
    B.S. Computer Science - Summa Cum Laude
    A.A.S. Electronic Systems Technology
  • cablegodcablegod Member Posts: 294
    I mean why shouldn't you show off your accomplishments? To me, it is a bit unfair for an industry to be so cert crazy and yet you can't even say you achievements. When I get the GCFW and GCIA you better believe those bad boys are going in my email sig. When I get my JD you know where that is headed. If I ever earn a CCIE or GSE or even CISSP, you already know where that is headed.


    I've had many recruiters/hr people tell me that people whom email their resume in, with a email signature like "John Doe, MCSE, CCNA, MBA, CISSP, A+, etc, etc, etc, etc, etc" get their resume thrown to the bottom of the pile because they think those types are "know-it-alls" and/or full of themselves. They told me that belongs inside the resume. I agree because it seems a bit tacky in my mind unless you are an MD. I think you should extoll your virtues in your resume/CV, LinkedIn, etc, not at the end of every email.
    “Government is a disease masquerading as its own cure.” -Robert LeFevre
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    cablegod wrote: »
    I've had many recruiters/hr people tell me that people whom email their resume in, with a email signature like "John Doe, MCSE, CCNA, MBA, CISSP, A+, etc, etc, etc, etc, etc" get their resume thrown to the bottom of the pile because they think those types are "know-it-alls" and/or full of themselves. They told me that belongs inside the resume. I agree because it seems a bit tacky in my mind unless you are an MD. I think you should extoll your virtues in your resume/CV, LinkedIn, etc, not at the end of every email.

    I shouldn't say I don't every cert. I mean just the "major" one. I think for people in certain job roles, like say a consultant, would actually benefit from having certs in their email signatures, especially when corresponding with clients.


    Why is it any different for an MD?

    I am not attacking you, I am just saying.
  • cablegodcablegod Member Posts: 294
    I didn't take it as an attack, so don't worry :) I'm not attacking anyone either, just sharing in the discussion. I think it's my disdain for any type of "fluff" be it professionally or personally. I hate all of the junk included in any of my paper bills, you know: inserts trying to sell you everything from A to Z. I just want my bill without all of the fluff. That's why I do ebills where I can. I hate listening to hold music, or a voice telling me how great the company is, etc, and then repeat the same thing over and over while you wait. When I go to Lowe's, I am there to potentially buy something from Lowe's, not to donate money to the kids for XYZ that wait for you by the exit doors. Are you following where I'm going with this? :)
    “Government is a disease masquerading as its own cure.” -Robert LeFevre
  • eMeSeMeS Member Posts: 1,875
    Why is it any different for an MD?

    It's different because an MD, like many other credentials, is post-nominally accredited. None of the various certifications discussed here are post-nominally accredited, and should not be appended to anyone's name.

    I'd also point out that nothing discussed here is equivalent in any way, shape or form to earning an MD.

    In many countries, post-nominals are governed by law. Not so in the US, unless you use one of the many post-nominals that are provided for by law (such as MD, CPA, etc..).

    MS
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    Your opinions are the reason I posted this in the first place. Some people think it's ok, some people don't. I wasn't sure of that for sure but it's clear now.

    @cablegod - The recruiters/HR personnel that you speak of are exactally who I was worried about. People that I work with would already know my cert status but a potential employer may think it's arrogant to put the cert in a sig. I guess there's a fine line there someplace.

    Moe.
  • ibcritnibcritn Member Posts: 340
    I don't put them in my signature block, but I have always been tempted....at least for the relevant certifications. I typically follow suite with how the organization handles it...my last company did, so I did, but my current company doesn't so I don't.

    I think if I achieve CISSP I likely will :)
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
  • rwmidlrwmidl CISSP, CISM, MCSE, MCSA, MCPxAlot Worldwide AvailabilityMember Posts: 807 ■■■■■■□□□□
    The only time I list any certs is in my "work" email - and then I only limit it to the big 3 (GCIH, GSEC, MCSE:Sec). Say I added CISSP, I'd probably change it to CISSP, MCSE:Sec or when I obtain MCITP:EA I'd drop the MCSE, make sense?

    For non-work email, I don't add them. Now, if I did consulting and I had email through my domain (ex: [email protected]) I would add the credentials to my signature as more than likely you would be using that email on a professional level.

    -Richard
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • SyntaxSyntax Member Posts: 61 ■■■□□□□□□□
    Honestly unless you REALLY need to assert your authority on particular subject matter (ex. You are writing a Cisco book and you're a CCIE/CCA level something like that), I would leave the alphabet soup off of your email signature, resume header, etc. I would agree with JDMurray and say if on business cards and your job is directly related to it, it would be appropriate to place a professional level certification you have obtained (CISSP, CCNP+, etc). Otherwise you're going to look like someone who is trying to prove something. Actions speak louder than words (or capital letters in this case).
  • flatworldflatworld Member Posts: 89 ■■□□□□□□□□
    Your opinions are the reason I posted this in the first place. Some people think it's ok, some people don't. I wasn't sure of that for sure but it's clear now.

    @cablegod - The recruiters/HR personnel that you speak of are exactally who I was worried about. People that I work with would already know my cert status but a potential employer may think it's arrogant to put the cert in a sig. I guess there's a fine line there someplace.

    Moe.


    HM,

    I also have a lot of certifications, and I do have them in my signature.
    However I'll only have CISSP, and my Oracle 11G DBA cert in there.

    I'll strip out MCITP, MCTS, MCP, Security+ soon.

    A wise CEO I know has told me that alot of people out there may know how to "take tests", but what was studied/learned for a test, can it be applied consistently on the job?
    Next up: OSCP
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    flatworld wrote: »
    HM,

    I also have a lot of certifications, and I do have them in my signature.
    However I'll only have CISSP, and my Oracle 11G DBA cert in there.

    I'll strip out MCITP, MCTS, MCP, Security+ soon.

    A wise CEO I know has told me that alot of people out there may know how to "take tests", but what was studied/learned for a test, can it be applied consistently on the job?

    I might put CISSP in my sig or resume header but we'll see. This is a hot debate! Could get you a job or keep you from getting an interview at all, what a predicament lol.

    Moe.
  • [Deleted User][Deleted User] Posts: 0 ■■■□□□□□□□
    The user and all related content has been deleted.
  • SyntaxSyntax Member Posts: 61 ■■■□□□□□□□
    sabooher wrote: »
    Most of the infosec people at work put certs in their sigs. No disrespect but I think its a little silly. On a resume yes, but every day email does it really matter?

    I really dislike annoyingly long email signatures. People who do that just seem really full of themselves. This is what should be in your email signature:

    Your name
    Your job title
    Your contact info (company you're with, office phone or extension, address, etc)

    That's it. No inspiring quotes, no pictures, no Joe Blow A+, Network+, Security+, CCNA, CCNP, CISSP as it's all just annoying and distracting.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,663 Admin
    Could get you a job or keep you from getting an interview at all, what a predicament lol.
    Flashing an arm-load of certs can certainly get your resume tossed in the trash. I've done exactly that because it gave me the impression that the person way over-qualified for the position I was hiring for, or would probably be disappointed with the (lack of) training program we had. Those people were probably better off that I didn't waste their time interviewing them, so maybe their mile-long cert listings served them well after all.
  • pinkydapimppinkydapimp Member Posts: 732 ■■■■■□□□□□
    Renewing this debate. I am planning to put this on my resume. Should i list it at the top next to my name, or in the certifications section, or both?

    Do you spell out the entire cert name or just put CISSP?
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    Renewing this debate. I am planning to put this on my resume. Should i list it at the top next to my name, or in the certifications section, or both?

    Do you spell out the entire cert name or just put CISSP?

    I've seen people put it next to their name or in their cert list on their resume. I would say put it in the cert list. Just make sure it's not too far down the list. CISSP is fine. You don't have to spell it out unless you REALLY want to. Some applicants only put relevant certs on their resume. If you want an InfoSec role, no need to place MCDST on there.

    Moe.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,663 Admin
    On my resume and CV I have a "Certifications" section where I list all my professional certs. I don't put any certs after my name as if they were part of my professional title.
  • RPGChaiRPGChai Member Posts: 15 ■□□□□□□□□□
    Just to comment, since this thread seems to have gotten renewed life...

    I happened to look up the professional designation letters and post-nominal designations for the USA, and CISSP was actually listed there (see the "Other" category). I know Wikipedia is far from the authority of all things, but I thought it was interesting enough to add here.

    http://en.wikipedia.org/wiki/List_of_post-nominal_letters_(USA)
  • beadsbeads Senior Member Member Posts: 1,502 ■■■■■■■■■□
    I have to agree with JDMurray on this one. On a business card, appropriate. Adding to every signature block, not appropriate. In some cases adding CISSP or other certification may be in order if the nature of the message specifically warrants extra consideration, i.e. a post on security when the board is say basic troubleshooting or some such. Then adding to the signature may indeed be warranted. Otherwise it will just take up space and generally be lost on the recipient who most likely wouldn't be impressed in the first place.

    - beads
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    Theres also a certain level of professional courtesy involved too. I like to know if I get an email from a customer or vendor who I'm dealing with. If the person adds CISA, CIPP, or CISSP,or whatever it help me identify their role.
  • beadsbeads Senior Member Member Posts: 1,502 ■■■■■■■■■□
    Agreed, paul78. Its a matter of keeping things in context. Keeping a separate stack of business cards with and without the post nominals isn't practical for most folks. Corporate emails are most likely to be defined by culture or possibly policy/guidance.

    - beads
  • GoodBishopGoodBishop Member Posts: 359 ■■■■□□□□□□
    Also agree. When you do see a certain cert after a name, like CCIE, you can kind of figure that the person knows a bit about routing. The context helps a lot also when you respond to a question - how technical do you need to be. There are times I simplify things when I talk to folks in the business because they don't care about the technical details, but when I see someone with a technical cert, I can figure that they should have the skills that the cert tests on, and I can take the conversation more technical.
Sign In or Register to comment.