CISSP: passed!

I've passed on 11 March. I've chosen to go for ISC2 Associate for CISSP bacause I don't have full 5 years of experience.

Very challenging exam, I used most of my time (3 minutes have left).

My background:

I worked one year as security engineer and three and a half years as software engineer.

Study materials:

0) Security Engineering by Ross Anderson (available for free here: Security Engineering - A Guide to Building Dependable Distributed Systems).

It's the book that I've read long before my CISSP exam, but for me it was the most important one - this was the book that truely shaped my security mind and taught me how to think like security professional. I recommend it for all wannabe (and current) CISSPs.

1) Paid account on https://www.freepracticetests.org/quiz/index.php - I've done about 3000 questions, achieving 85% at average
2) CISSP Study Guide, Second Edition by Eric Conrad
3) CISSP All-in-One Exam Guide, 6th Edition by Shon Harris

Drilling for the exam I've started from Shon's book, but soon I found it too detail oriented so I switched to Eric's book (which in my opinion is much better siuted for technical oriented persons), but still I ocasionally used Shon's book for studying (especially BCP/DRP and Network/Telco Security domains).

I have one question:

As "ISC2 Associate for CISSP" do I have to gain next five year of experience to become CISSP or can I combine my previous experience?

mzet

Find more posts tagged with

Comments

CoolAsAFan

Congratulations and welcome to TE!

I believe you can use your previous experience as long as it encompasses one of the CISSP domains, which your one year as a security engineer does. You can also knock off another year for certain certs and/or a degree I think.

cyberguypr

Congrats!

maharaliel

Congrats.

mzet

Thanks guys!

Actually I was wondering if my experience as software engineer also counts as CISSP experience - our team follows quite formalized software development methodology with security testing integrated into the process. We perform automated black-box testing of our software and do peers source code review. We also have security training (focusing on secure code development and testing techniques). But as I've already written my current official position is: Software engineer. Does it count? Guys what do you think?

mzet

zxbane

Mzet,

Congrats, and in regards to your question I think you have a solid case for your previous experience counting, and only needing to get another 1.5 years to reach the full five but I am sure others will chime in with their opinions as well. If I were you I would submit it once you reach the 5 year mark and describe it as you did above.

cgrimaldo

Congrats!

Meat

congrats

MSP-IT

Sounds like you don't have much time to go until you're able to qualify. I'd say that your time spent as a software engineer would most likely count towards the CISSP.

And as always, congrats!

Alamjan

Congrats !