Is CISSP for me?

I took a brief look at the requirements for CISSP and I am not sure if I qualify. I have been a UNIX sys admin since '88. I spent the last five years of of previous job backing up huge amounts of satelite data, over 80 terabytes. I now have an SA job that requires security scans, and fixes, in addition to the typical SA work. I saw a job with the company, in a location I would prefer to be in, but it required a CISSP. I had thought about cets in Linux and Solaris, but maybe this is the route to go. Thanks.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

JDMurray

You should have several years of solid work experience in several of the CISSP CBK domains before taking the CISSP exam. The CISSP is more to the business and management side of InfoSec than technical. Look at the SSCP cert for technical InfoSec. But a lot of job reqs only recognize the CISSP, so many technical people are stuck having to go for it.

hustlin_moe20

brownwrap wrote: »

I took a brief look at the requirements for CISSP and I am not sure if I qualify. I have been a UNIX sys admin since '88. I spent the last five years of of previous job backing up huge amounts of satelite data, over 80 terabytes. I now have an SA job that requires security scans, and fixes, in addition to the typical SA work. I saw a job with the company, in a location I would prefer to be in, but it required a CISSP. I had thought about cets in Linux and Solaris, but maybe this is the route to go. Thanks.

CISSP could be the way to go depending on if you're moving towards InfoSec as a career. If it's just a good IT job you're looking for, then it may not be what you want. It requires lots of upkeep to maintain the cert also. Not to mention the focus it takes to pass the exam.

Moe.

brownwrap

JDMurray wrote: »

You should have several years of solid work experience in several of the CISSP CBK domains before taking the CISSP exam. The CISSP is more to the business and management side of InfoSec than technical. Look at the SSCP cert for technical InfoSec. But a lot of job reqs only recognize the CISSP, so many technical people are stuck having to go for it.

I'd like to stay on the tech side, but I had to register on a site for my job last week, and in order to not be required to HAVE a CISSP, I had to dumb down my qualifications. There didn't seem to be any rhyme or reason to what it was looking for, but in the end I was required to only have a Security+ certification, which I just passed. Unfortunately a couple of jobs I have been eyeing, which are system admin positions, require the CISSP.

hustlin_moe20

@Brownwrap,

Doesn't really make sense does it? I ran into the same problem when looking for really intriguing roles so I went ahead and took the CISSP. If you can't beat 'em join 'em.

JDMurray

I really wouldn't worry about the "technical vs. business" orientation of security certs. Many hiring managers do not understand the details and nuances of specific certifications; they are only looking for some indication of good knowledge, experience, and initiative in a job candidate. And just studying for the CISSP is an excellent opportunity to learn a lot of great InfoSec information that you wouldn't have picked up otherwise.

ibcritn

Many require the CISSP because of the Hype for sure, but also because it meets some of the higher DDoD 8570 requirements for both technical and managerial roles.