CISSP questions on studying and career path

TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
Hello All,
I'm considering taking the CISSP exam (again, for the first time) and just wanted to ask a few simple questions.

1. I haven't registered yet, how long in advance do people usually register? Is it better do register and start studying or is it better to study first, get prepared and then register for the exam?
I feel like i have gaps in some of the domains even though I'm working directly in 2-3 of the domains and have had exposure in some of the other ones and no experience whatsoever in maybe 2-3 of them. I'm afraid that if i register i will feel pressured and it will hurt my progress.

2. My company is offering to pay for the training which from what I've heard costs about 3K (not sure if it includes the exam fee or just the lessons). If i was to take the offer, i would have to agree to a clause, basically, if i take the exam and the company pays for it i will have to stay with the company for 1 year before i consider leaving. If i leave before the 1 year, then i have to pay the money back. I'm approaching 2 years with the company so staying for 1 more isn't an issue but if something better comes along maybe i will have to think about it, considering from where I'm standing right now, there doesn't seem to be room for me for movement because of #4 below. So, maybe it would be better if i don't involved the company at all and just take it on my own?

3 Would you register for training once you have studied on your own for maybe 2-3 months or would you go for the training and then study on your own for 2-3 months?

4. This question is somewhat a career path question and compensation question. The lead of my team and my manager they have been with the company for about 12-15 years each, however, they don't have a CISSP, they are around the same age as me (mid 30s), give or take 2-3 years. If I was to pass the exam, I would have one of the most in demand certifications but i wont be able to become a manager/supervisor or lead because they have been there longer and already hold the position, so this ties with my 2nd question above. At some point i would have to move somewhere else. In the meantime though, could i go to HR and say "I'm CISSP certified, I need to a raise". Does any one have experience on similar situations?

Thanks in advance for the feedback.


  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    1. Some people register months in advance. Paying for the test solidifies the commitment. I personally started studying in June 2012 and paid the test in October. Took it mid-December that year. I didn't want to pay too early in case life threw a curve ball.

    2. At my previous job I had to sign a 3 year (prorated) agreement for some $3k training, so yours is not that bad. What happens if you are stuck there for 2 or more years? I say take their money now and sign, but plan ahead for repaying if the situation presents itself further down the road. I know guys who were under this agreement and since they left in good terms the company told them not to pay. Can't lose either way.

    That training I signed for was something the company needed, so I took their offer. On the other hand, I did my MCITP:EA and CISSP on my own through self-study. You may want to consider that.

    3. YES! I've seen so way too many people lost at training. I always prepare ahead of time by reading topics related to the course.

    4. You can ask for a raise any given day. However, you must make an intelligent, strategic move, and a few things need to be in place. First, you need to understand how your company promotes or advances pay grades. Do they actually value certs? Know the industry. Do you know what other professionals are making? Can you justify the amount that you'll ask for? How much is it? What benefit will the company see by raisign your salary? How's your performance? An honest assessment here is key. Can you back it up with concrete, tangible examples that show how the company obtained a benefit?

    Finally, be prepared for objections and have a plan to handle those. Come up with creative solutions. If you ask for 20k and they complain, maybe request 10k followed by a revision 6-9 months down the road. Hopefully then you can bring more of those tangible achievements to the table.

    Known fact: the biggest salary bumps normally happen when you switch employers. So everything else above may be a moot point. My pay rises while jumping have been 45% and 38%. Biggest same employer raise I've gotten has been 8%.
  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
    cyberguypr brings up a lot of excellent points. I'd be surprised if you didn't get some kind of pay bump or other recognition by having the CISSP; obviously they value the cert if they are willing to pay for it, and they value you which is why they are offering to pay for it.

    I'd definitely take the opportunity, and then invest the knowledge you have gained back into the organization to really show them that their investment in you has paid off, which should ultimately lead to nice bump in pay come end of year. Looks good for everyone involved.

    Lastly, if your dream job were to come along and you had to get out of your agreement with your current company, you could always negotiate with your prospective new employer for a signing bonus to help offset or cover the cost of your training.
Sign In or Register to comment.