CISSP or SSCP

Hello everyone,

I'm new to the forums and have been reading around although I can't quite figure out which certification would be best for me. I have been in the field as a System Integration / Test Engineer for a little over two years now performing tasks such as system builds (physical and virtual), firewall setups, account management, GPO and Active Directory, networking, vulnerability / compliance upkeep, and software testing / implementation for data protection. Now i'm a pretty technical guy so the SSCP does align more with what I hope to obtain, but don't want to be cut short as I know (or think I know) that the CISSP has more visibility these days in the field. (Everyone keeps saying that I should go for the CISSP)

Do you guys think that I should go straight for the CISSP and become an associate of ISC2 for now and build up to the full certification, or should I go for the SSCP. Also, would it be considerable to get the SSCP and then shoot for the CISSP down the line? The tests as I understand it are very difficult, but that does not deter me as with proper studying and determination I will eventually get it. Just trying to figure out what the best route might be for the highest visibility. (Also I am going for my graduate degree in IT with a completion date of summer 2013 if that counts for anything)

Any input would be greatly appreciated.

Find more posts tagged with

Comments

emerald_octane

CISSP. 2 years current experience if full time + 1 year shaved off for degree or certs = 2 yrs required. Think of it this way, i've got 4 whole years to wait and I still thought it was worth it.

endure

Thanks for the input Emerald, it is much appreciated. I'm definitely thinking I should just go for it.

someslacker

Endure, I was in your situation about 3 months ago. Been in network engineering for decades and am burnt out. Security has always been a secondary job function and something I've always had a keen interest in. I dipped my toes in the infosec certification realm with the Security+ last winter. My next plan was to get the SSCP but work threw me a curve ball and asked what training I wanted this year...well...a 7-day CISSP bootcamp was my choice of course! I just sat the pbt on 8/19/12 and am patiently waiting for the results. While I wait I'm reading Darril's book on the SSCP as I still want to get that certification to round out the trifecta of what I wanted to accomplish. Guess my point is, if you have the time and diligence to study all 10 domains for the CISSP, why not. As Emerald said, it's worth it.

endure

Thanks for the input, I think I will go ahead for the CISSP and maybe thereafter I may also attempt the SSCP. Hope you did well on your exam!

emerald_octane

Keep in mind with the dual cert scenario, you will have to maintain the CPEs and AMF for both (85/yr for CISSP, 65/yr for SSCP). I too am contemplating going for the SSCP particularly so I can have some letters behind my name while I wait for my CISSP to vest, but honestly I think it may be easier to get the professional level certs (CISSP-ISSAP/ISSEP/ISSMP , CCNA -> CCNP).

Vik210

I had the same doubt few months ago. I like info sec and wanted to do CISSP but was not sure whether to do SSCP first or do CISSP directly. After having this discussion on another TE thread, I was suggested CISSP. Following are the comments from a Sr guy (JDMurray) on this forum and I think that helped. I am doing CISSP and planning to attempt by Dec12.

Vik210, if you have the work experience to get the full CISSP certification, go for that and forget about the SSCP. Having the CISSP brings with it the annual need to collect CPEs and pay the AMF. Having the SSCP will add more CPEs and AMF to your load and not give you any more value or recognition in the job market than having both the CISSP and CISA will. Once you have the InfoSec management experience, the CISM is an excellent complimentary certification to have with the other two.

endure

Thanks guys, I've already purchased some material to start my studies for the CISSP. Based on your recommendations I'll shoot for it and skip over the SSCP for now.

JDMurray

Yep, go for the CISSP if you can get it now. After you have the CISSP the SSCP probably won't buy you anything extra, but it will cost you more in the Annual Maintenance Fee you pay to the (ISC)2.