A little confusion as to the requirements for SSCP

Says 1 year of relevant work experience. Does someone need to verify said year? Does it have to be SECURITY related, full time for a year? Reason I ask is because I'm a helpdesk technician at my current job that is in charge of making sure servers are properly running, files get imported properly and put into a workflow for production purposes, and occasionally I have to edit items in several databases. I Was wondering if I ask to be included in the security side a little, and work in it every once in a while, if they would accept that as experience or if it needs to be full time security.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

webgeek

One year experience in one of the 7 domains....look up what each domain includes and see if your work experience qualifies.

Jasiono

Oh ok!
I was being redirected to the main site for some reason and I didnt see the domains. I thought I was missing something.

Time to ask my employer if I could be included in one of the domains.

JDMurray

What is your professional work experience in Information Security?

Jasiono

Zero experience. I work in a very large company as a help desk technician. The company is a part of Lexis Nexis.

JDMurray

What do you do as part of your help desk duties? Anything to do with security, such as resetting passwords, unlocking accounts, run anti-virus scans, anything to do with diagnostics or logging, etc. Just one year of security-related work experience is what you are trying to scrape up from what you do at work.

Jasiono

Ok I see your logic now.
I update and manipulate data in multiple databases
I unlock user accounts in the active directory, reset their passwords
I do hourly checkups on 60+ servers
Verify that data has been successfully transferred into our building via an ftp program by comparing hash values. I have to pay attention to roughly 6-10 files a day coming in

Jasiono

I can also jam some access control into that since I assign multiple users proxy access to other peoples inboxes for the programs we use to produce documents.

Ill write up a list of exactly what I do and try to match it up with things in the domains.

I was under the impression that I needed to be full time in the securty field for a year.

JDMurray

Jasiono wrote: »

I was under the impression that I needed to be full time in the securty field for a year.

The SSCP profession experience requirements page states that, "You must have a minimum of one year of direct full-time information security work experience in one or more of these seven domains of the (ISC)² SSCP CBK..." The use of the term "work experience" would imply that it is not necessary to actually employed as an InfoSec professional to qualify. It looks like the bulk of your experience so far is in the access control domain.

Have you read through the SSCP Candidate Information Bulletin yet? That's the first thing anyone contemplating the SSCP exam and certification should do.

Jasiono

Yep. I printed it out earlier today with the intent on reading it when I get back home. I plan on creating a binder for my studies and im organizing it the way the bulletin is organized.