Options

CISSP down.. what's next? (Advice please)

emaupinemaupin Member Posts: 6 ■□□□□□□□□□
in SSCP
Been lurking on this forum for a couple of years now. I think I posted a long time ago when I started studying (although that might have been for Sec+). Anyway.. I took the CISSP CBT on Thursday and passed! I'll hit the experience requirement in February, so I just have to bide my time until then. Thanks to all of you that posted about your CISSP journeys. I only know one other CISSP, and it's not really a situation in which I could ask her a bunch of questions. So this forum was my primary source of information about the test, studying plans, etc.

I'm the type of person that always needs to have some kind of goal, even if I'm not pushing toward it quickly. I had a three year plan of doing A+ > Sec+ > CISSP, but now that's completed. I'm currently employed as the IT/IS Officer for a small bank, but I'm hoping to move toward something bigger and better in the near future. I would appreciate any advice about certifications that might extend my knowledge and marketability, especially certifications that would pair nicely with CISSP. I've been looking at CISA or maybe something like CEH.. or maybe get vendor-specific with the Cisco security certs. A project management cert might not look bad on the resume either. Any input is appreciated!

One other question: I see that I have 9 months to complete the endorsement process. I'm less than 5 months from hitting the experience requirement, so that's no problem. On the other hand, I could notify ISC2 and become an Associate in the meantime. It seems easier just to wait.. any reason to go Associate for the next few months?

Thanks!
· Share on FacebookShare on Twitter

Comments

  • Options
    sgtgormansgtgorman Member Posts: 6 ■□□□□□□□□□
    Congrats! Since you work in the Banking industries, I would recommend you for CISA next. Mostly, banking industries require auditing. If you want to steering for the technical side, you can start with CEH and Cisco Security path.
    · Share on FacebookShare on Twitter
  • Options
    bigdogzbigdogz Member Posts: 881 ■■■■■■■■□□
    emaupin,

    Congratulations!
    I don't know the years of experience that you have but remember that you can use the Sec+ to waive one year.
    I would wait once you have the correct amout of experience if I were you.
    A great deal of others go for the CISM since the domains are so close. You can go for the CEH afterwords. It is more technical in nature.
    · Share on FacebookShare on Twitter
  • Options
    paul78paul78 Member Posts: 3,016 ■■■■■■■■■■
    Congrats - as for next certification. As other mentioned - the ISACA certifications like CISA, CISM, and CRISC may be appropriate. It really depends on what you do at your job. Alternatively, you could just do whatever strikes your fancy as a good learning experience.

    Since you are in banking, if you deal with a lot of privacy issues - CIPP from www.privacyassociation.org may be useful for you. If your job includes dealing with card processing, check out PCI specific training.

    For generic security training - SANS offers well regarded training (depending on your point of view) for their GIAC certifications.

    As for your question about the endorsement process - personally - I would suggest waiting until the 5 months as up before applying.
    · Share on FacebookShare on Twitter
  • Options
    emaupinemaupin Member Posts: 6 ■□□□□□□□□□
    Thanks for the advice guys. I think I'm going to go the CISA route next. But not until after a break for two or three months to let my brain relax after the horrors of CISSP. :)
    · Share on FacebookShare on Twitter
  • Options
    beadsbeads Member Posts: 1,531 ■■■■■■■■■□
    Keep in mind that the ISACA exam only roll around twice a year: December and June. Final registration for the December exam is this Friday.

    - beads
    · Share on FacebookShare on Twitter
Sign In or Register to comment.