Another "Am I Experienced Enough" for CISSP Thread

beantownmp · June 2013

Hello everyone. I've decided it's time to start looking into the CISSP. I work in the government sector and know the CISSP is very valued in that realm. I'm wondering about the experience though (as are many). I only have 2 years of IT (SysAd for the Air Force which has been in a classified/secure environment so that should help) experience but have 8 years of Military Police experience. I feel the MP experience should easily cover 2 of the 10 Domains (Physical Security & Legal, Regulations, Investigations and Compliance) but wasn't sure if it would matter since that wasn't IT experience? I also have Security+ but not a Bachelor's degree.

Thanks!

JDMurray · June 2013

First, to the DoD it doesn't matter if you have the experience to become fully CISSP-certified. Just passing the CISSP exam is enough for the DoD. Second, there is no prerequisite to just take the exam. You can sign up for the CISSP exam now and take it tomorrow if you are ready. Finally, once you have passed the exam then you can start thinking about how much more professional Information Security experience (not just IT experience) you need to acquire to meet the full requirements for CISSP certification.

Oh, to the (ISC)2, the Security+ cert and a 4-year bachelor's degree are worth the same one-year of experience waived from the requirements, so you are fine without the degree.

beantownmp · June 2013

JDMurray wrote: »

To the DoD, it doesn't matter if you have the experience to become fully CISSP-certified. Just passing the CISSP exam is enough for the DoD, and there is no prerequisite to only take the exam. You can sign up for the CISSP exam now and take it tomorrow if you are ready. Once you have passed the exam then you can start thinking about how much more professional Information Security experience (not just IT experience) you need to acquire to meet the full requirements for CISSP certification.

That is very interesting. I figured the DoD would be one to care more about being fully certified than other places. Ok, time to start studying then!

Do you think I'd have enough experience, or does the lacking Information Security specificness hinder me? I think those 2 domains i listed I easily have more than 4 or 5 years of experience in.

JDMurray · June 2013

The DoD published the certifications it requires for its Information Assurance workforce initiative in DoDD 8570.01-M (to be made DoDD 8140 by the end of 2013). The link for that doc is in multiple posts here at TechExams.net.

As for your experience, you will need to be interviewed by an endorser to make the final determination. It's a total of 4 years experience across two domains, so depending on what you did for the legal investigations aide you may have it now. I would just think about passing the CISSP exam now and worry about the endorsement later.

beantownmp · June 2013

JDMurray wrote: »

The DoD published the certifications it requires for its Information Assurance workforce initiative in DoDD 8570.01-M (to be made DoDD 8140 by the end of 2013). The link for that doc is in multiple posts here at TechExams.net.

As for your experience, you will need to be interviewed by an endorser to make the final determination. It's a total of 4 years experience across two domains, so depending on what you did for the legal investigations aide you may have it now. I would just think about passing the CISSP exam now and worry about the endorsement later.

Makes sense to do just that. So what would I put on my resume, for instance if I passed the CISSP but wasn't fully endorsed yet?

JDMurray · June 2013

"Associate of the (ISC)2 toward CISSP"

https://www.isc2.org/how-to-become-an-associate.aspx
https://www.isc2.org/associates/Default.aspx

Also read: https://www.isc2.org/uploadedFiles/(ISC)2_Public_Content/Exam_Outlines/CISSP-CIB.pdf

Another "Am I Experienced Enough" for CISSP Thread

Comments