Is CISSP experience only limits to OS/Network related?
As topic, is ISC2 only limits the jobs experiences to OS/Network related? I have few years of experience in procurement software, such as Peoplesoft and many in house applications. They all are web base and used by both in house and outside clients.
Some of my duties
- Configuration gathering (interview clients) and set up software configuration for the clients; including security policies and user access control/model
- Account administration and making sure all requests are SOX compliance
- Training clients
- Helpdesk lead, training analysts
I know Windows very well, just no job experiences to show it.
The area I wanted to go into is pen testing. So I will get the CEH and then the OSCP.
From what I have read, a CISSP associate mean very little if there is no experiences in security.
If none of my experience count, should I continuous to pursuit for the concept base CISSP or go the more hand on CEH, then get the CISSP at a later time?
Thank you.
CW
Some of my duties
- Configuration gathering (interview clients) and set up software configuration for the clients; including security policies and user access control/model
- Account administration and making sure all requests are SOX compliance
- Training clients
- Helpdesk lead, training analysts
I know Windows very well, just no job experiences to show it.
The area I wanted to go into is pen testing. So I will get the CEH and then the OSCP.
From what I have read, a CISSP associate mean very little if there is no experiences in security.
If none of my experience count, should I continuous to pursuit for the concept base CISSP or go the more hand on CEH, then get the CISSP at a later time?
Thank you.
CW
Comments
-
JDMurray
Admin Posts: 13,092 Admin
The professional work experience requirement is limited to the ten domains of the CISSP Common Body of Knowledge. Compare those to your resume and see where you are.You will waive one year of required experience for your Security+ certification.