Question about CISSP experience

ibcritnibcritn Member Posts: 340
Hi Guys,

My question is in regards to the experience required for CISSP. I worked at Best Buy for Business/Geek Squad for an extended period of time (enough to satisfy CISSP), 1 year as a Systems/Security Admin after that and now work solely in Information Assurance.

I am preparing for my CISSP certification and my experience from BB/GS was hitting several domains as I was focused on small business support/needs. I covered network security, malware analysis/eradication, and designed Backup and Disaster recovery solutions.

Do you think this will qualify for CISSP? I might be able to get a sponsor for it, but I do think I will have to have ISC2 audit me....and not sure if they will just blow me off because of the company (Best Buy/Geek Squad)

Thanks in advance for any responses.
CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

Next Up: Linux+/RHCSA, GCIA

Comments

  • apr911apr911 Member Posts: 380 ■■■■□□□□□□
    Having worked for Best Buy Geeksquad in both the public and business facing portions, I can say, I would be hard pressed to endorse anyone asking me to endorse their CISSP on the grounds of Geeksquad experience.

    Additionally, within the ISC2 endorsement document, it states additional requirements to endorsement. One of which is that the position, regardless of whether it is in security, must be a professional position. It goes on to state that "Professional work is usually compensated by salary, retainer, fee, or commission rather than per hour. It is, by definition, exempt from the wage and hour laws."

    Something which, last time I checked, did not apply to geeksquad personel.

    So I guess the answer to your question is most likely no.
    Currently Working On: Openstack
    2020 Goals: AWS/Azure/GCP Certifications, F5 CSE Cloud, SCRUM, CISSP-ISSMP
  • ibcritnibcritn Member Posts: 340
    Hi Apr911,

    Thank you for your feedback. I agree that just Geeksquad experience would be quite questionable, but I should have specified this in my post I was a Business Consultant for Best Buy for Business...working only with Businesses not retail. I was paid salary, but I think just because the name people will assume what you have (Geeksquad Agent tinkering with PCs at a retail store) it will be difficult to sell.

    No worries I will just live out my time as an associate (when I pass) if they don't take my experience.

    Thanks again.
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
  • hustlin_moe20hustlin_moe20 Member Posts: 225
    ibcritn wrote: »
    Hi Guys,

    My question is in regards to the experience required for CISSP. I worked at Best Buy for Business/Geek Squad for an extended period of time (enough to satisfy CISSP), 1 year as a Systems/Security Admin after that and now work solely in Information Assurance.

    I am preparing for my CISSP certification and my experience from BB/GS was hitting several domains as I was focused on small business support/needs. I covered network security, malware analysis/eradication, and designed Backup and Disaster recovery solutions.

    Do you think this will qualify for CISSP? I might be able to get a sponsor for it, but I do think I will have to have ISC2 audit me....and not sure if they will just blow me off because of the company (Best Buy/Geek Squad)

    Thanks in advance for any responses.

    I'm sure you'd be audited on the GS stuff. I've known many GS techs and I wouldn't endorse them solely on that experience. I'm sure working on the business side is different but still what would that have to do with Information Security/Assurance?

    Living out an Associate of ISC2 wouldn't be bad anyways.
  • ibcritnibcritn Member Posts: 340
    I'm sure you'd be audited on the GS stuff. I've known many GS techs and I wouldn't endorse them solely on that experience. I'm sure working on the business side is different but still what would that have to do with Information Security/Assurance?

    Living out an Associate of ISC2 wouldn't be bad anyways.

    Yes I concur...I wouldn't endorse a GS tech either....luckily I wasn't one.

    I designed BCP/DRP for small-Med. businesses, and did more advanced network security which included vulnerability assessments.

    I am not really too worried about it anymore....just going to be honest about what I did...have references, etc and see where it goes.
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
  • -Foxer--Foxer- Member Posts: 151
    I also used to work for Geeksquad, and I personally would never use that as experience toward CISSP. I think you just need to wait it out.
  • ibcritnibcritn Member Posts: 340
    -Foxer- wrote: »
    I also used to work for Geeksquad, and I personally would never use that as experience toward CISSP. I think you just need to wait it out.

    I couldn't agree more...that someone who worked as a geek squad agent shouldn't attempt to have their experience validated.
    CISSP | GCIH | CEH | CNDA | LPT | ECSA | CCENT | MCTS | A+ | Net+ | Sec+

    Next Up: Linux+/RHCSA, GCIA
Sign In or Register to comment.