Originally posted by moorfield
View Post
-
Yeah, that's what I did; you become an associate until you meet the experience requirements. -
Looking at doing this too, I'm thinking more about life after development in IBs now and this is a field that actually interests me. So you can do the exam first then before starting the experience? - that would be a handy to have on the CV for me.Originally posted by DieScum View PostLeave a comment:
-
I've got it, agree with whats said previously. I wouldn't say its easy but not that hard either.Leave a comment:
-
Thanks for the replies guys.
Talking to people it seems a well regarded cert from people who don't have it. Probably because the books look big and foreboding.
Can't hurt to get it.
I've certainly got experience across multiple domains but I don't kknow how hard I can spin things to get the five years.
I actually did about nine months working as a cryptography consultant... but it wasn't hardcore stuff just telling people how to implement a simple API for the product. Could probably shift the dates a bit to a year.
The last three years been working on various things touching some vaguely security stuff but not full time. So patch management, risk analysis. Also done a fair bit of ITIL stuff so done business continuity stuff.
Even if that counts I still need another year... I wonder if I could spin AD support as security related... anyway I can still sit the exam without the experience and become an associate and then get CISSP when the experience is done.Leave a comment:
-
Overated certification imho, but a necessary evil to get past dumbass pimps...Leave a comment:
-
Yep,
The requirements have recently changed, you now need 5 years direct experience across 2 domains.
It depends how security focussed your previous work was; it sounds like it wasn't full time direct work,I believe help-desk wouldn't count.
Dante's (fellow Egham(er)) right though they're not mega strict, look on the approved list for waivers etc too.
Leave a comment:
-
They are not mega strict on dates but they do contact employers to ask.
I had been working in associated fields for 10 years but never solely in security. i.e I was Infrastructure support in one contract where I looked after firewalls for 25% of the time - so that counted...
I told them about the relevant bits of the relevant jobs and it was approved with no problem.
The exam is easy but very long and boring. You'll meet some proper freaks on the day. I did mine in Egham and there were bods fro all over India with zero security experience who turned up just to 'write the exam'.
Madness.Leave a comment:
-
Do you have any other certs? (MCSE etc) Some of those knock a year off the required experience.Leave a comment:
-
CISSP Professional Experience Requirements
Anyone here a CISSP?
Do you know how the professional experience requirements are judged.
I've been in IT for about 7 years now. I've done direct security work for approximately 6 months as a cryptography consultant. Then I've done three years in general IT lifecycle management consultancy (with a wide specialization but including patching/security vulnerability analysis).
Rest of the time was made up with my first job on a help desk, then a AD rollout, then packaging.
So I don't know if I can really get the professional experience requirement. Depends how strict they are. I can show experience with some of the major companies in the security field.
So anyone done this? How strict are they on the requirements?
Leave a comment: