SSCP or CISSP?

kanecainkanecain Member Posts: 186 ■■■□□□□□□□
Hello all. Since October, I've been in a Information Security Specialist role, doing/reporting Nessus scans, processing stolen equipment, least privilege enforcement, and running a Information Security Advisor program (with 150 or so members). This is my first InfoSec job, and I currently love it. With my experience level in InfoSec (3 1/2 months), my boss has required me to get the SSCP. Do you all think it's smarter to pursue the CISSP instead? I have my Security+ and CCNA: Security certs currently, and think the SSCP may not be truly beneficial to my career. Thoughts?
WGU - Bachelors of Science - Information Security
Start Date: Jan. 1st, 2012
Courses:
Done!!!

Comments

  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
    Well, for your current job, the SSCP seems more appropriate. It's more focused on the operational side of the security house. The CISSP is a more senior / management type certification, and would be a good certification to pursue once you get some additional experience under your belt. Just my $.02 as I've never dealt with the SSCP; I've personally seen guys with several years of dedicated security experience fail the CISSP the first time around.
  • joebannyjoebanny Member Posts: 84 ■■□□□□□□□□
    Agreed with @5ecurity, it is not so much about passing the CISSP or which one will be more beneficial, your experience at this level will not allow you to get the CISSP designation as you have a limited # of years. Taking the SSCP will be more appropriate. Even if you take and pass CISSP, you will have to wait for about 5 yrs to be able to use that designation. So take the SSCP and keep growing in your career, before you know it the 5 yrs will come. All the best.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    If your boss is requiring you to get the SSCP as part of your job, have him/her send you to an SSCP training course, pay for the exam, and pay the SSCP's annual maintenance free (currently $65/yr). Next, have him/her do the same for you next year for the CISSP. You won't have the professional work experience for the full CISSP cert, but what you will learn will make you much more useful to your security group. If you are indeed a manager in your group, start eyeballing the CISM as the cert-to-get after the CISSP.
  • kanecainkanecain Member Posts: 186 ■■■□□□□□□□
    Thanks for the responses everyone. I knew those were the answers I wanted to hear. I just needed to hear them.

    @JDMurray Any good recommendations on learning? My boss is more than willing to pay for it.
    WGU - Bachelors of Science - Information Security
    Start Date: Jan. 1st, 2012
    Courses:
    Done!!!
  • MSP-ITMSP-IT Member Posts: 752 ■■■□□□□□□□
    Just a heads up, you'll still have to hit 12 months in InfoSec before you'll qualify for the SSCP.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    You can take the SSCP and CISSP exams at any time. The professional work requirement is only for full certification.

    I don't have a specific course in mind. SSCP courses are hard enough to find, so you might end up taking a CISSP course instead. If you like 5-day concentrated learning, have a look at SANS CISSP course. Courses lasting weeks can be found at major colleges.
  • kanecainkanecain Member Posts: 186 ■■■□□□□□□□
    Thanks for the advice. ISC2 offers an 5 day online class for $2,700. We'll see if the boss will pay for that.
    WGU - Bachelors of Science - Information Security
    Start Date: Jan. 1st, 2012
    Courses:
    Done!!!
  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
  • kanecainkanecain Member Posts: 186 ■■■□□□□□□□
    Well Hell's Bells! Thanks man!
    WGU - Bachelors of Science - Information Security
    Start Date: Jan. 1st, 2012
    Courses:
    Done!!!
  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
    No problem, good luck!
Sign In or Register to comment.