CISSP/Career Advice Needed

Hello all:
I’m considering obtaining the CISSP Cert, and I'm trying to get ‘realistic’ advice concerning the opportunities/options that the CISSP would provide me.
I’m 48 years old, and I’m asking for any (brutally honest) advice concerning the realistic options that I have for securing a career in I.T. Security. (Probably Entry-Level)
(I’ve been with Comcast for eight years/Four of those on the Senior-Help Desk)
I currently have: Associates (IT) /Network +/Security +/Certified Ethical Hacker (CEH) and some experience with the OSCP. I found the OSCP to be very challenging.
Any thoughts/insight on the difficulty of CISSP compared to the OSCP or CEH?
I’m experiencing a sense of ‘urgency’ in securing a career, and am open to any/all options.
I’m willing to relocate/travel 100%/Contract/etc.
I’m looking into options such as: Incident Handler/Loss Prevention/Management/
I’m willing to spend a year (self-study) to obtain a CERT that will put me in the 50K to 70k range

If you have any advice/resources/etc., I would certainly appreciate it.
Thanks in advance,
Michael

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

powerfool

Well, certifications really are only a "golden ticket" when it comes to defense contractor work, including the CISSP. The certification is definitely not geared towards entry-level. It is MUCH more difficult than CEH, but I have no idea about the OSCP. Plus you have to document either five years of work within two or more domains of information security work, or a BS and four years of experience in information security work. I am not sure that you would be able to... but it isn't as daunting as one my expect.

Since you are looking into incident handling, maybe you will be more interested in the CHFI, and then focus on the SANS cert after that.

Also, you will probably be better served by finishing out your undergrad studies and get a BS. Take a look at WGU's BS in IT Security degree. You already have an associates' degree and the Security+. You should be able to blast through the A+, Project+, and Windows 7... Honestly, I have witnessed people with an existing associates' degree go to WGU and finish out their BS in one semester; it will probably take you more than that since you only have one fo the certifications in question, though.

Seriously, the BS is the new high school diploma... and that is especially true with this economy, the high unemployment, and so many people going back to school to get a degree, or even a masters' degree.

veritas_libertas

Look at the threads through out this sub-forum: Security Certifications - TechExams.net IT Certification Forums

Be sure to read this thread: http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html#post205636

JDMurray

powerfool wrote: »

Well, certifications really are only a "golden ticket" when it comes to defense contractor work, including the CISSP.

I'd have to say certs are rarely a "golden ticket" to any type of job.

Having specific certs will only put a check in a box on a list of qualifications for a job, but there are a lot of boxes on that list for other things, such as work experience, project/program experience, familiarity with specific processes and procedures, and having the proper security clearances.

The only time you will see a report saying that "having the XYZ cert = $100K job" is from training provides that want to sell you cert study materials. Hiring manager don't think in terms of, "If I hire a CISSP I'll have to pay him $NNNK salary" when it comes to certs. They also factor in education and experience for the salary offer.

And finally, having certs on your resume may help you get an interview, but it's the interview that gets you the job.

grauwulf

So, here's the thing. Degrees and certifications are great but experience gets you a job. So when the question is "do you have experience?" you will have to find a way to say yes, and mean it. I would start by asking around at Comcast. You've been there for 8 years so you must know some folks. Find the boss of somebody who is doing the job you want to be doing and talk to them. Let them know that you're a CEH (and everything else) see if they can swing 5 or 10 hours a week for you to jump into the mix. It may not be much but it gets you into the department and that builds experience. If you do a good job you may be able to just take a step to the left. If not then you still have a job, you've also gained experience for your resume, AND you've had a chance to see if this is really what you want to do.

CISSP != CEH not by any stretch of the imagination. Totally different beasts.

In terms of money... I wouldn't focus on that. ... unless you have to. Do what drives you, and the rest will follow. Sounds trite, but it has proven true for me so that's what I have to offer

Good Luck!

securitytech123

Thanks everyone for the replies. Your advice is appreciated!!!!!