Can a person with no security experience become cissp?

I have BE (Mechanical Engg.) and MSCE. I have also worked in help desk for 15 years with a fortune 500 company.
ut I have no experience in info security at all. If I start accumulating certs such as ccna cisa ad so forth, w/o picking up a job in info sec, will never be able to get cissp?

Find more posts tagged with

Comments

da_vato

You need to have at least 5 years experience in at least two of the domains covered by CISSP

https://www.isc2.org/cissp/default.aspx

LeifAlire

You can get the associates of CISSP with less than the required exp. Same test though.

luking

Thanks, that link was exactly what I needed.

da_vato wrote: »

You need to have at least 5 years experience in at least two of the domains covered by CISSP

https://www.isc2.org/cissp/default.aspx

luking

OK, I did find the following on becoming associate:
"Don't have the experience? Become an Associate of (ISC)² by successfully passing the CISSP exam. You'll have six years to earn your experience to become a CISSP"
However I am not sure what it really means. Does it mean that one can take cissp exam without experience and if cleared, will become as associate? And will still need to gain experience in next 6 years in order to retain the cert?
Can someone please clarify?

LeifAlire wrote: »

You can get the associates of CISSP with less than the required exp. Same test though.

stryder144

Once you've passed the CISSP test, you become an associate until you accumulate the necessary experience. They give you a generous six years to obtain that experience. You only need experience in two of the ten domains to qualify. One area you may have experience in is the Business Continuity one. Check out what each domain requires and line it up with your experience. You may be closer than you think to the full-on CISSP certification.

JasminLandry

You've never done anything security related? Like resetting passwords, troubleshooting VPN, anti-virus...?

5ekurity

Perhaps the OP meant dedicated security experience, such as an InfoSec Analyst type role. The CISSP is 10 miles wide and a few inches deep as far as the material is concerned, so there is a lot of work involved in it. Any reason for the sudden jump into the CISSP certification?

luking

I see. With my degree I will need 4 years experience.

stryder144 wrote: »

Once you've passed the CISSP test, you become an associate until you accumulate the necessary experience. They give you a generous six years to obtain that experience. You only need experience in two of the ten domains to qualify. One area you may have experience in is the Business Continuity one. Check out what each domain requires and line it up with your experience. You may be closer than you think to the full-on CISSP certification.

luking

Yes a lot of reset password/ check anti virus settings etc. but all in help desk environment, not as a designated security specialist. Not sure how my help desk work will be looked upon by the powers that have the ultimate authority to evaluate.

JasminLandry wrote: »

You've never done anything security related? Like resetting passwords, troubleshooting VPN, anti-virus...?

luking

[QUOTE=5ekurity;840515 Any reason for the sudden jump into the CISSP certification?[/QUOTE]

Yes, if you can dream then why not dream the biggest one?
I am in mid 40s o don't think I will be in able switch track later on. Info/Cyber security interests me because it is sill relatively new, demand is rising, salaries are excellent, there is quite a bit of challenge in it. When I looked at the paid security profs, CISSPs and CCIEs seem to be getting above 100K offers. So CISSP is my ultimate.
I still plan to continue in present job for some more time so want to collect certs and some overview of security concepts meanwhile.
Looks like I can start with security+ and move on to ccna later on.

NovaHax

I would highly discourage getting the Associate of ISC2 (CISSP) if you are not currently working in a security role. You have a limited time, after passing the exam...to get the required experience. I want to say its like 6 years total (but don't quote me on it). If you don't land a security job soon enough, you will have taken the test (and a particularly brutal test) for nothing.

TechGuru80

NovaHax wrote: »

I would highly discourage getting the Associate of ISC2 (CISSP) if you are not currently working in a security role. You have a limited time, after passing the exam...to get the required experience. I want to say its like 6 years total (but don't quote me on it).

6 years from the passing date. A college degree (related to security) or I believe security+ both waive one year so you would need 4. It would definitely be a risk if you aren't in a security role because you have a limited time to break in.

Danielm7

How do they validate the experience? By that I mean I haven't had a security specific role yet, but I've had a number of Systems Admin positions where I'm responsible for a number of things in their required domains. I'll also finish my BS in IT- Security concentration @ WGU soon with the Security+ and CCNA: Security.

5ekurity

Danielm7 wrote: »

How do they validate the experience? By that I mean I haven't had a security specific role yet, but I've had a number of Systems Admin positions where I'm responsible for a number of things in their required domains. I'll also finish my BS in IT- Security concentration @ WGU soon with the Security+ and CCNA: Security.

You'll need to submit a resume outlining the domains of which you have experience in, the functions you performed, and have another CISSP sign off on your years of experience. Alternatively, you can submit this documentation to ISC2 and they will audit / sign off for you.

Danielm7

Good to know, thanks. I've always worked for smaller shops so I don't have a coworker CISSP but if they can audit it that'll work too when the time comes.