Job Outlook

I am an Army officer and I retire next year in January. Last year I passed the Security+ exam and last month I passed the SSCP exam. Next week I will take the CISSP exam. I have some experience in IT as I was in the System Engineering Development Program at EDS (1989-1991) and I worked in system administration and information security for The Associates (1995-2001). I have an A.S. in Computer Science, B.A. in Latin American Studies and an Executive MBA. Does anyone have any idea of the level of job that I can reasonably expect when going back into Information Security and a possible salary range?

Find more posts tagged with

Comments

mjsinhsv

Hard to answer that question without reading your resume.

I think the bottom of the scale for CISSP's is around 58k and goes up pass 100k depending on experience of course.
Not a HR person but I think employers look at your last salary and then give you a small bump on that to see if you will jump at it.

I think employers are finally taking security seriously and ramping up hiring for all fields in security.
The CISSP cert is worth its weight in gold right now.

If you are interested in staying in defense and working as a contractor , you won't have any problems finding a job.

Good luck and thanks for your service.

krucial85

Any idea of the defense companies that I might look at?

MrAgent

This should probably be posted into the IT Jobs/Degrees section.
If you are cleared, and have a CISSP, I am pretty certain you'll make a good salary, at least in the DC area, when you get out.

SephStorm

I wouldn't hold your breath at any of the big Defense Contractors.

You said "I worked in system administration and information security for The Associates"

Did you work, or did you study?

What do you want to do? If you want to get into compliance work, you are probably on the right track. Though it seems worthless to take SSCP and CISSP back to back...

If you want to do anything else, i'm not seeing anything that would make you viable.

krucial85

Thanks for your reply. You're the first and only person to paint that picture. Can you elaborate why it is "worthless" to get certified in SSCP and CISSP back to back? I don't understand that. I want to get back into information security, which in my mind means, applying the latest technology to protect information system resources. That's what I was involved with when I worked at the Associates. We deployed new sofware, applied software updates and used tools such as Siteminder and Webtrends.

mjsinhsv

Most of the large defense contractors grant preference to Vets now days.
If you are retired officer with CISSP, you will have no problem finding a job.

Northrop Grumman is hiring all the CISSP's they can find so they can position theirselves as the choice Cyber Security contractor.
In addition, as a retired officer, you are more the managmenet material type.
Go to dice dot com and search for CISSP. That will give you an idea of what employers are looking for.

krucial85

Thanks so much. I've heard of Dice dot com so I think I'll check it out now.

JDMurray

Let me throw in that salary range is stongly tied to geographical area, and the more your are able to move your location the greater the chance of finding acceptable work. If you want to stay in the Austin area, try Cisco Systems first.

BlackBeret

krucial85 wrote: »

Can you elaborate why it is "worthless" to get certified in SSCP and CISSP back to back? I don't understand that.

Someone will correct me if I'm wrong, but SSCP is basically Jr. CISSP. Also on the 8570 chart if you're going in to the DoD job realm the SSCP is equivalent to Security+. For DoD roles you will meet the 8570 requirements for any position with CISSP and CEH.

BlackBeret

I wouldn't say any cert if worthless, but more like unnecessary and why pay for the lower level cert when the higher level cert covers it?

JDMurray

The common advice is if you have the professional work experience to qualify for the full CISSP certification then go for CISSP, otherwise Security+ and SSCP are very good certs to get while you are earning the experience. SSCP is also good to get for people wanting to study specifically for the CISSP (this is what I did). I would also point out that there are no prerequisites to take the SSCP or CISSP exam. Anyone can take and pass either exam at any time, but will not be awarded the full certification until the experience requirements are also met.

MrAgent

You also want to check indeed.com
Ive had success with it.

krucial85

JDMurray wrote: »

The common advice is if you have the professional work experience to qualify for the full CISSP certification then go for CISSP, otherwise Security+ and SSCP are very good certs to get while you are earning the experience. SSCP is also good to get for people wanting to study specifically for the CISSP (this is what I did). I would also point out that there are no prerequisites to take the SSCP or CISSP exam. Anyone can take and pass either exam at any time, but will not be awarded the full certification until the experience requirements are also met.

Thanks JD. I'm taking the CISSP today so it looks like I'm doing what you did. Any suggestions on what certification I should take next? I'm going to take the ITIL exam next but after that I'm not really sure.

krucial85

Well I'm fortunate that I get reimbursed for my classes so it's worth it because the Security+ and SSCP certifications have been building blocks to prepare me for the CISSP exam.

chickenlicken09

do you feel the sscp has helped you with the cissp?

krucial85

I do. I'll know after I take the test today. I do know the that the SSCP only tests on 7 of the 10 security domains that the CISSP tests on, so it appears that this is a logical progression. I've also been told that the Security+ is, in essence, the equivalent to SSCP.

chickenlicken09

yes i am going to follow the same track as yourself hence the question. sscp next. how long did you study for sscp and how did it compare to sec+.
Did the sec+ not help with cissp? Because i have read sec+ and sscp are VERY similar?

krucial85

REMOVED UNNECESSARY QUOTED REPLY FROM PREVIOUS POST

I believe the SSCP and the Security+ have helped me in preparing for the CISSP. I have been studying for the CISSP for a total of about a month. I bought the book and once I completed it (including the study exams) I decided that I needed to complete my SSCP certification. After I passed the SSCP I started studying for about 3 weeks for the CISSP. I do that exam in about an hour. We'll see if I'm prepared but I think I am.

fuz1on

krucial85 wrote: »

I do that exam in about an hour. We'll see if I'm prepared but I think I am.

Good luck!!!

chickenlicken09

best of luck!

Burnsie

Good luck and definitely give us a recap when you finish. I will be working on the CISSP this fall, but are following along in a similar progression or certifications. I would be interested to know how you feel about and do on the exam.

B

krucial85

Well I passed the exam! I just enrolled in the ITILv3 Foundation certification course. After that I'll probably take the CCNA, CEH and VCP-Cloud certs.

MrAgent

Congrats!

chickenlicken09

well done!

JoJoCal19

krucial85 wrote: »

Well I passed the exam! I just enrolled in the ITILv3 Foundation certification course. After that I'll probably take the CCNA, CEH and VCP-Cloud certs.

Congrats on the pass! Question on the certs you listed here. What direction is it that you actually want to go in? With your background and the CISSP, a more management or even Governance/Risk/Compliance role might be a better fit. The CCNA, CEH, and VCP certs are all highly technical and not a particularly good fit if you're wanting to go down the management or GRC route.

krucial85

Thanks a lot.

chickenlicken09

JoJoCal19 wrote: »

Congrats on the pass! Question on the certs you listed here. What direction is it that you actually want to go in? With your background and the CISSP, a more management or even Governance/Risk/Compliance role might be a better fit. The CCNA, CEH, and VCP certs are all highly technical and not a particularly good fit if you're wanting to go down the management or GRC route.

What direction are you looking to go in?

krucial85

To be honest with you I'm not really sure if I want to go technical or pursue management or Governance/Risk/Compliance. The latter sounds good but I'm not sure how to get in that arena without getting the certifications and experience first.

chickenlicken09

well i imagine the certs you currently have would be a good door opener for you.

MrAgent

You never mentioned if you are cleared or not.
If you are, I would suggest looking in Northern VA.
Cissp Jobs, Employment in Chantilly, VA | Indeed.com