CISSP Experience Requirement
Is there any way around the 5 year requirement for experience to take this exam? I have been working in the IT field for 4 years and feel I am ready for this test. How is your experience validated? Thanks!
A.S. - Computer Networking: Cisco
B.S. - Computer & Network Security
B.S. - Computer & Network Security
Comments
Blog: www.network-node.com
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
B.S. - Computer & Network Security
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Have you current supervisor submit a letter of endorsement.
If you can have previous employers do same.
Don't be surprised if supervisor requests you to write the letter and then they will sign.
Have a CISSP vouch for you.
Forum Admin at www.techexams.net
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
Something similar happened to me but it was just an email from ISC2 saying that they needed better information. I spoke with someone who basically said that I needed to reformat the work experience documents that my endorser submitted to actually include the actual domain information.
Apparently, it's preferable to just submit a list employers, dates, title, and applicable domain instead of an actual resume or CV. About 1 hour after, I sent ISC2 my updated work experience document, I got the official email stating the acceptance.
I hope it works out for you. It doesn't sound based on your description that you have anything to worry about.
If you go into an interview and get hammered with technical security related questions by the security group you will only fooling yourself thinking that because you have a CISSP that you are qualified to make security recommendations in an organization and they will see right through you. Just my tidbit I guess, not looking to offend anyone who is going that route!
While I can see your point, technically the position I hold now doesn't have the word "Security" in my title either, but I still perform Nuclear Cyber Security. Having the word "security" in your title to be considered IT security experience is a little too narrow of a definition in my opinion.
As per https://www.isc2.org/cissp-how-to-certify.aspx,
Note the key word cumulative and the 1 year experience waiver which you can get once your pass your GIAC Security Essentials (Yes. I looked at your profile.
ISC2 does not stop you from taking the exam. You only get the CISSP title after passing both the exam and the work experience endorsement process. And if they deem your experience insufficient, they probably will award CISSP Associate title. After which, you have up to 5 years to fulfil experience requirement and convert from Associate to full CISSP.
Alternatively (and probably the better option), schedule the exam and check the "Yes, I am taking this exam as an Associate" check box. As there are no work experience requirements, you are CISSP Associate after passing. Apply for conversion later.
So go for it if you will be in infosec for the next 5 years