What next after CISSP?

MideMide Member Posts: 61 ■■□□□□□□□□
So I've seen a few postings that recommend getting a CISM after passing the CISSP since they are both similar with regards to most content. My question is...is the CISM really noticable to HR and/or recruiters? Usually most postings I see state only CISSP or (CISSP or CISM). Would going for the second not have the same "payout"?

Comments

  • lamont29lamont29 Member Posts: 27 ■■□□□□□□□□
    Getting the CISM after CISSP would be somewhat redundant. I am CISM & CISA, and as I study and prepare for the CISSP, I am seeing a lot of redundancy. I would recommend that you go for the CISA instead. On the other hand, it wouldn't hurt to have CISM with CISSP, depending upon what you want to do in your career. If you go to Indeed.com and search jobs using the key word "CISM," you'd be quite surprise at the litany of jobs requiring that credential... usually as an alternative to the CISSP.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    CISSP is the gold standard...some jobs do list "CISSP or CISM" but CISSP is usually the one that shows up most frequently. Honestly the CISM is a nice to have but you aren't likely to see a major boost from adding it to the CISSP.

    If you are looking for the greatest impact, the CISSP + CISA would provide better coverage than CISSP + CISM.
  • E Double UE Double U Member Posts: 2,228 ■■■■■■■■■■
    I see all three asked for in many job postings where I am so I am doing all three. I did CISSP in 2015, CISM last year, and currently studying for CISA. The overlap makes it easier to pass plus my employer pays for it so why not.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • mattster79mattster79 Member Posts: 135 ■■□□□□□□□□
    I see lots of posting asking for both.

    There is so much overlap between the two you may as well go for CISM. One extra string in your bow!
    CISSP
    CISM
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    It depends on the type of roles you're going for. Lots of more technical positions ask for CISSP because they're written by HR, but if you're not going for a management type position I wouldn't bother with the CISM.
  • MideMide Member Posts: 61 ■■□□□□□□□□
    Thanks all for the advice. Yes I agree that it will be an extra feather as I'm already in management. The overlap will at least cover me past the HR filter.
  • Info_Sec_WannabeInfo_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□
    E Double U wrote: »
    I see all three asked for in many job postings where I am so I am doing all three. I did CISSP in 2015, CISM last year, and currently studying for CISA. The overlap makes it easier to pass plus my employer pays for it so why not.

    Same here. Since my employer pays for it (including the membership), I don't mind sitting for the exams. icon_thumright.gif

    As to what to do after I pass the CISSP, I'll probably pursue pentesting (e.g., eJPT, CEH???, OSCP). icon_study.gif
    X year plan: (20XX) OSCP [ ], CCSP [ ]
Sign In or Register to comment.