Claiming CISSP

RanMicRanMic Member Posts: 57 ■■□□□□□□□□
I know someone claiming to be a CISSP on their resume and on LinkedIn and they are not. Should this person be ratted out? It irkes me becuase I studied for months and and am very proud and value my cert and this clown just adds it to his resume like it no problem or big deal.

Am I overracting? I think not.

Comments

  • BundimanBundiman Member Posts: 201
    It needs to be called out.

    [h=2]Code of Ethics Canons:[/h]
    • Protect society, the common good, necessary public trust and confidence, and the infrastructure.
    • Act honorably, honestly, justly, responsibly, and legally.
    • Provide diligent and competent service to principals.
    • Advance and protect the profession.
    ​Bachelor of Science, IT - Security Emphasis (Start Date: Apr 1st, 2013)
    ​Bachelor of Science, IT - Security Emphasis (Completed: Apr 25t, 2014)
  • emerald_octaneemerald_octane Member Posts: 613
    Absofreakinglutely. icon_cheers.gif You have to be beyond lazy/cheap to fake this stuff. Why bother?
  • --chris----chris-- Member Posts: 1,516 ■■■■■□□□□□
    Next question, when you see this how do you handle it? Contact the certification granting organization or confront them directly?


  • RanMicRanMic Member Posts: 57 ■■□□□□□□□□
    Roger that! Thanks guys. I just noticed it today and really pi$$ed me off when I saw it.
  • RanMicRanMic Member Posts: 57 ■■□□□□□□□□
    --chris-- wrote: »
    Next question, when you see this how do you handle it? Contact the certification granting organization or confront them directly?

    That was going to be my next question Chris. Thanks for asking.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,665 Admin
    As a member of the (ISC)2 in good standing, you should report it to the (ISC)2 and let them decide how to proceed. This is assuming that you are 100% certain of your accusation.
  • BundimanBundiman Member Posts: 201
    If it was someone I knew I would handle it. If it was still not resolved then I was pass their information and proof that they claimed to be a CISSP on to ISC2.
    ​Bachelor of Science, IT - Security Emphasis (Start Date: Apr 1st, 2013)
    ​Bachelor of Science, IT - Security Emphasis (Completed: Apr 25t, 2014)
  • RanMicRanMic Member Posts: 57 ■■□□□□□□□□
    Thanks for the info and guidence everyone. I will proceed with caution.
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,882 Mod
    I can't stand CISSPs. Oh wait... icon_smile.gif
  • GoodBishopGoodBishop Member Posts: 359 ■■■■□□□□□□
    Can't you find out whether or not someone is one on the member directory site for ISC2?
  • paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    GoodBishop wrote: »
    Can't you find out whether or not someone is one on the member directory site for ISC2?

    Yes - if a member is willing to be listed in the directory to be verified - you can verify certification status here - https://webportal.isc2.org/custom/certificationverification.aspx
  • RanMicRanMic Member Posts: 57 ■■□□□□□□□□
    I ran this by one of my other CISSP friends that knows the person and she pointed out that the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that, and I did ask him about it over the weekend and he reiterated that he is claiming it as a skill. Not sure as a potential employer that I would be ok with that claim. If it was listed as IT security skills or something along those lines maybe I wouldn’t think much about it, but to list CISSP draws more attention. Then again like I said in my first post, maybe I'm overacting.
  • TechGuy215TechGuy215 CISSP, CEH, CHFI, CCNA: R&S, CCNA: Security, ITIL-F, LPIC-1, A+, Network+, Security+, Linux+, Projec Philadelphia, PAMember Posts: 404 ■■■■□□□□□□
    Any perspective employer can verify if someone is a CISSP or not by the verification code on the certificate. If they are trying to fraud someone, they will eventually be caught.
    * Currently pursuing: PhD: Information Security and Information Assurance
    * Certifications: CISSP, CEH, CHFI, CCNA:Sec, CCNA:R&S, CWNA, ITILv3, VCA-DCV, LPIC-1, A+, Network+, Security+, Linux+, Project+, and many more...
    * Degrees: MSc: Cybersecurity and Information Assurance; BSc: Information Technology - Security; AAS: IT Network Systems Administration
  • qwertyiopqwertyiop Member Posts: 725 ■■■□□□□□□□
    RanMic wrote: »
    I ran this by one of my other CISSP friends that knows the person and she pointed out that the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that, and I did ask him about it over the weekend and he reiterated that he is claiming it as a skill. Not sure as a potential employer that I would be ok with that claim. If it was listed as IT security skills or something along those lines maybe I wouldn’t think much about it, but to list CISSP draws more attention. Then again like I said in my first post, maybe I'm overacting.

    Trust me I know that it can be very misleading. Currently I work for a staffing/recruiting firm and I find that many recruiters will put that they are CISSP, CCNA, VCP and whatever other certifications on-there to attract attention and find potential hires. I've even hears other recruiting companies all some of our recruiters to offer tham a tech job because their LinkedIn profile said they were a CISSP. Mind you my recruiters have no real tech backround.
  • joebannyjoebanny Member Posts: 84 ■■□□□□□□□□
    If all they are saying is that they know "CISSP" like on their Linked in page or any such portal or even on resume, I don't think that is a violation, anyone familiar with the certification process or studying for the exam, boot camping etc should be able to say that, it will be a different story if they are saying they are certified, (a clear violation). So it all depends on what they are claiming- my opinion.
  • thegoodbyethegoodbye Member Posts: 94 ■■□□□□□□□□
    RanMic wrote: »
    I ran this by one of my other CISSP friends that knows the person and she pointed out that the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that, and I did ask him about it over the weekend and he reiterated that he is claiming it as a skill. Not sure as a potential employer that I would be ok with that claim. If it was listed as IT security skills or something along those lines maybe I wouldn’t think much about it, but to list CISSP draws more attention. Then again like I said in my first post, maybe I'm overacting.
    The person may not be aware it has listed the CISSP as one of his skills. For example, I have CEH as one of my certifications on Linkedin, but it also shows up as one of my skills, even though I never put it there. Ever notice when using LinkedIn that it asks you if, "Does John Doe know about ?" If enough people select endorse for this skill, it will show up on their page.
  • Joel GoldsteinJoel Goldstein Banned Posts: 32 ■■□□□□□□□□
    If you do find that you need to report someone for fraudulently claiming to be a CISSP or simply need clarification as to how to proceed, contact (ISC)2 Member Services at 866-331-4722 ext. 4.
  • NetworkVeteranNetworkVeteran Member Posts: 2,338 ■■■■■■■■□□
    RanMic wrote: »
    the person is not actually claiming CISSP on his resume or LinkedIn as a Cert, but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert. Maybe they are not technically breaking any rules, but I find it really misleading that he is doing that
    He is not making any false claims, so there's likely little you can do. His job is to impress future employers--not make his competition happy. If an employer needs a CISSP, he will be disqualified. If they just need a CISSP skill-set, game on. The same occurs in networking. Resumes will freely list accomplishing portions of certifications, such as "CCIE Written". If the "CCIE" can't prove they know more than the "CCIE Written", that's not such a good thing. ;)
  • emerald_octaneemerald_octane Member Posts: 613
    RanMic wrote: »
    but does say he has "CISSP" skills. The person in question took and failed the test (not knocking that part) so they never got their cert.

    A much more elegant way to say that is "Familiarity with the CISSP CBK", but as far away from the "Certified" column as possible. Too much of a slippery slope for me. Someone could say "Completed CISSP Examination" when they failed it, and have it glossed over by a dreary eyed recruiter.
Sign In or Register to comment.