Can a person with no security experience become cissp?

lukingluking Banned Posts: 46 ■■□□□□□□□□
I have BE (Mechanical Engg.) and MSCE. I have also worked in help desk for 15 years with a fortune 500 company.
ut I have no experience in info security at all. If I start accumulating certs such as ccna cisa ad so forth, w/o picking up a job in info sec, will never be able to get cissp?

Comments

  • da_vatoda_vato Member Posts: 445
    You need to have at least 5 years experience in at least two of the domains covered by CISSP

    https://www.isc2.org/cissp/default.aspx
  • LeifAlireLeifAlire Member Posts: 106
    You can get the associates of CISSP with less than the required exp. Same test though.
    2015 Goals: VCP-550 - CISA - 70-417
  • lukingluking Banned Posts: 46 ■■□□□□□□□□
    Thanks, that link was exactly what I needed.
    da_vato wrote: »
    You need to have at least 5 years experience in at least two of the domains covered by CISSP

    https://www.isc2.org/cissp/default.aspx
  • lukingluking Banned Posts: 46 ■■□□□□□□□□
    OK, I did find the following on becoming associate:
    "Don't have the experience? Become an Associate of (ISC)² by successfully passing the CISSP exam. You'll have six years to earn your experience to become a CISSP"
    However I am not sure what it really means. Does it mean that one can take cissp exam without experience and if cleared, will become as associate? And will still need to gain experience in next 6 years in order to retain the cert?
    Can someone please clarify?
    LeifAlire wrote: »
    You can get the associates of CISSP with less than the required exp. Same test though.
  • stryder144stryder144 Member Posts: 1,684 ■■■■■■■■□□
    Once you've passed the CISSP test, you become an associate until you accumulate the necessary experience. They give you a generous six years to obtain that experience. You only need experience in two of the ten domains to qualify. One area you may have experience in is the Business Continuity one. Check out what each domain requires and line it up with your experience. You may be closer than you think to the full-on CISSP certification.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
  • JasminLandryJasminLandry Member Posts: 601 ■■■□□□□□□□
    You've never done anything security related? Like resetting passwords, troubleshooting VPN, anti-virus...?
  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
    Perhaps the OP meant dedicated security experience, such as an InfoSec Analyst type role. The CISSP is 10 miles wide and a few inches deep as far as the material is concerned, so there is a lot of work involved in it. Any reason for the sudden jump into the CISSP certification?
  • lukingluking Banned Posts: 46 ■■□□□□□□□□
    I see. With my degree I will need 4 years experience.
    stryder144 wrote: »
    Once you've passed the CISSP test, you become an associate until you accumulate the necessary experience. They give you a generous six years to obtain that experience. You only need experience in two of the ten domains to qualify. One area you may have experience in is the Business Continuity one. Check out what each domain requires and line it up with your experience. You may be closer than you think to the full-on CISSP certification.
  • lukingluking Banned Posts: 46 ■■□□□□□□□□
    Yes a lot of reset password/ check anti virus settings etc. but all in help desk environment, not as a designated security specialist. Not sure how my help desk work will be looked upon by the powers that have the ultimate authority to evaluate.
    You've never done anything security related? Like resetting passwords, troubleshooting VPN, anti-virus...?
  • lukingluking Banned Posts: 46 ■■□□□□□□□□
    [QUOTE=5ekurity;840515 Any reason for the sudden jump into the CISSP certification?[/QUOTE]

    Yes, if you can dream then why not dream the biggest one?
    I am in mid 40s o don't think I will be in able switch track later on. Info/Cyber security interests me because it is sill relatively new, demand is rising, salaries are excellent, there is quite a bit of challenge in it. When I looked at the paid security profs, CISSPs and CCIEs seem to be getting above 100K offers. So CISSP is my ultimate.
    I still plan to continue in present job for some more time so want to collect certs and some overview of security concepts meanwhile.
    Looks like I can start with security+ and move on to ccna later on.
  • NovaHaxNovaHax Member Posts: 502 ■■■■□□□□□□
    I would highly discourage getting the Associate of ISC2 (CISSP) if you are not currently working in a security role. You have a limited time, after passing the exam...to get the required experience. I want to say its like 6 years total (but don't quote me on it). If you don't land a security job soon enough, you will have taken the test (and a particularly brutal test) for nothing.
  • TechGuru80TechGuru80 Member Posts: 1,539 ■■■■■■□□□□
    NovaHax wrote: »
    I would highly discourage getting the Associate of ISC2 (CISSP) if you are not currently working in a security role. You have a limited time, after passing the exam...to get the required experience. I want to say its like 6 years total (but don't quote me on it).
    6 years from the passing date. A college degree (related to security) or I believe security+ both waive one year so you would need 4. It would definitely be a risk if you aren't in a security role because you have a limited time to break in.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    How do they validate the experience? By that I mean I haven't had a security specific role yet, but I've had a number of Systems Admin positions where I'm responsible for a number of things in their required domains. I'll also finish my BS in IT- Security concentration @ WGU soon with the Security+ and CCNA: Security.
  • 5ekurity5ekurity Member Posts: 346 ■■■□□□□□□□
    Danielm7 wrote: »
    How do they validate the experience? By that I mean I haven't had a security specific role yet, but I've had a number of Systems Admin positions where I'm responsible for a number of things in their required domains. I'll also finish my BS in IT- Security concentration @ WGU soon with the Security+ and CCNA: Security.
    You'll need to submit a resume outlining the domains of which you have experience in, the functions you performed, and have another CISSP sign off on your years of experience. Alternatively, you can submit this documentation to ISC2 and they will audit / sign off for you.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    Good to know, thanks. I've always worked for smaller shops so I don't have a coworker CISSP but if they can audit it that'll work too when the time comes.
Sign In or Register to comment.