What Path Should I Take?
Hi all.
I am torn as to which path I should take. I believe I meet the experience requirements to pursue the CISSP but I am not sure if I should go for it immediately or use the SSCP as a stepping stone.
Cumulatively, I have about 6.5 years of IT experience. Based on the domains listed by ISC^2, I estimate my experience in each of the domains to be the following (in months):
(1
Access Control
(3) Application Development Security
(2) Business Continuity and Disaster Recovery Planning
(3) Cryptography
( ) Information Security Governance and Risk Management
(3) Legal, Regulations, Investigations and Compliance
(12) Operations Security
(6) Physical (Environmental) Security
( ) Security Architecture and Design
(6) Telecommunications and Network Security
(53) TOTAL
I need 5 years of experience minus 1 year for having a CompTIA Security+ certification. Four (4) years is 48 months.
What my question is
My experience is between the following year(s):
2001-2005
2005-2007
2011-Present
As you can see there is a gap in the experience I have and the larger numbers 12+ months come from the 2001-2005 years. I am a bit separated from this but it is still something I use today and in much greater amounts (2011-Present). I also recently passed the Security+ exam and received a score of 842/900. Do you think I should go for the CISSP and try to study a bit harder to concepts I don't fully understand from practice exams, and lectures, or should I build my experience with the SSCP first?
Any thoughts?
Thanks.
I am torn as to which path I should take. I believe I meet the experience requirements to pursue the CISSP but I am not sure if I should go for it immediately or use the SSCP as a stepping stone.
Cumulatively, I have about 6.5 years of IT experience. Based on the domains listed by ISC^2, I estimate my experience in each of the domains to be the following (in months):
(1
Access Control(3) Application Development Security
(2) Business Continuity and Disaster Recovery Planning
(3) Cryptography
( ) Information Security Governance and Risk Management
(3) Legal, Regulations, Investigations and Compliance
(12) Operations Security
(6) Physical (Environmental) Security
( ) Security Architecture and Design
(6) Telecommunications and Network Security
(53) TOTAL
I need 5 years of experience minus 1 year for having a CompTIA Security+ certification. Four (4) years is 48 months.
What my question is
My experience is between the following year(s):
2001-2005
2005-2007
2011-Present
As you can see there is a gap in the experience I have and the larger numbers 12+ months come from the 2001-2005 years. I am a bit separated from this but it is still something I use today and in much greater amounts (2011-Present). I also recently passed the Security+ exam and received a score of 842/900. Do you think I should go for the CISSP and try to study a bit harder to concepts I don't fully understand from practice exams, and lectures, or should I build my experience with the SSCP first?
Any thoughts?
Thanks.
Comments
-
xenodamus
Member Posts: 758
Edit: I was commenting to tell you that the Security+ knocks off one year, but then realized you already said that.
If you've been in IT for a number of years I think you could handle the CISSP. I've just accepted a job that requires it within 6 months. Jump on the wagon and we'll race for it!
CISSP | CCNA:R&S/Security | MCSA 2003 | A+ S+ | VCP6-DTM | CCA-V CCP-V -
Jinuyr
Member Posts: 251 ■■□□□□□□□□
haha, would be a cool thought, but alas I'm studying for 2 other certifications at the same time. Busy busy...