Query (ISC)2 for Experience?

CrazyAL · April 2012

Hi guys – I've recently finished CCNP and have started studying for CCNA Security. I’m currently researching CISSP and wondering if it’s attainable for me. I’ve worked for a major oil company for 6 years. 3 of those years I know will count towards the (ISC)2 domains – PCI compliance, DR/BCP, network security, and encryption (deployment/support of Thales HSM and HP Atalla). I have a four year business/IT degree as well as an MBA which would subtract 1 year from the 5 required. So, I have about 1.5 years of experience that I’m wondering if it “counts”. Those 1.5 years have been spent working in projects, coordinating builds of infrastructure platforms for an integrated application suite (automation tools). During that time, I’ve worked to coordinate DR/BCP solutions for the tools. I’ve also worked with risk assessments and penetration testing on the tools.

Here’s my question, I’ve read a thread or two on here that mentions querying (ISC)2 about your experience – how do you do that? I have a sponsor lined up, but I’d like to validate my last year of experience before I get too far into this. So, if I could get an (ISC)2 rep to say it sounds okay, then I think I would be happy to get started. Any advice on how to query (ISC)2 regarding experience would be much appreciated.

Thanks,

JDMurray · April 2012

Welcome to TE!

You can email the (ISC)2 your InfoSec work experience and they will give you their opinion if you currently qualify for the full CISSP certification or not. Anyone can take the CISSP exam at any time, but you need the work experience to get the full cert, otherwise you will be awarded the "Associate of the (ISC)2" designation and given up to six years to collect the requisite experience. Also, you do not need an endorser until after you have passed the exam and have the minimum necessary work experience.

The email address I always recommend is registrar@isc2.org.

CrazyAL · April 2012

That's what I needed to know - thanks very much. The person I plan to ultimatley use as an endorser seemed to think I should qualify, but I told him I would bounce it off an (ISC)2 rep. and let him know the response....

thanks again

JDMurray · April 2012

Even if you don't have the required experience now, you can still take and pass the CISSP exam, and then finish certifying when you have collected the experience. You have up to six years after passing the CISSP exam in which to do so.

Rick1 · April 2012

Sounds like you have it. Finagle your resume around the domains and it's a done deal. Hitting 2 domains is subjective. I hit 5 as an it guy in the army alone (8 after). Document experience in your resume and let the jury decide. There is no shame in being an isc2 associate -)

CrazyAL · April 2012

Got a repy back from (ISC)2 today after writing up a pretty detailed note to them:

Thank you for your email.
Unfortunately, we are unable to determine a candidate’s professional experience. As a professional, you must make this determination. If you would like further information on the experience requirements, please click on the following link which will take you to the professional experience section of the (ISC)2 website. http://www.isc2.org/cissp/default.aspx

Based on that, I'm going to start studying with the intent for full CISSP certification after passing the test. The endorser I have lined up is pretty familiar with my work exp. and he seemed to think I was qualified. So I guess the journey begins.

Cheers guys,

Query (ISC)2 for Experience?

Comments