Security Basics mailing list archives
RE: CISSP experience Question
From: "David Harley" <david.a.harley () gmail com>
Date: Fri, 1 Jun 2007 10:26:24 +0100
I have passed the CISSP examination 19 months ago. I believe that now have the required security experience but not 100% sure because some of my work was security related but mixed with other duties such as system and network administration.
Well, you might be able to argue that those other duties are security related: the requirements seem a little fuzzy on that.
I estimated my pure security experience to now be accurate, but how and with who should I confirm before applying the endorsement form to (ISC)2?
There's a form and email address at https://www.isc2.org/cgi-bin/contact.cgi. Might be best to go to the horse's mouth. :)
My second question is: I prefer to apply my endorsement through a certified CISSP, but I currently do not know any. I also will start a new job and my employer does not know me that much at all to endorse me.
I'd have thought that if they knew enough about you to employ you for a security job, they've had to research you to some extent, though your former employer would be the obvious choice, if they're willing to. If you did the CBK review, the person who ran the course might be prepared to sponsor you, if they remember you.
Should any CISSP know me for a certain amount of time before endorsing me, or can any CISSP that I could contact through the internet do so as long as they think my experience is enough through examining my CV?
I wouldn't endorse someone I didn't know, certainly not on the basis of examining their CV, and wouldn't feel that constituted a review of "the work history and experience, reputation, and criminal history" of the individual. I might endorse someone I hadn't met personally, depending on the context in which I knew them. Via an open list like this wouldn't be enough. Mileage may vary, but there is an ethical issue about best endeavours. Sorry if this sounds elitist: it's not. I'm more than happy to endorse people I know well enough to be reasonably sure they're Good Eggs. :) -- David Harley CISSP, Small Blue-Green World Security Author/Editor/Consultant/Researcher AVIEN Guide to Malware: http://www.smallblue-greenworld.co.uk/pages/avienguide.html Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html
Current thread:
- RE: CISSP experience Question David Harley (Jun 01)
- <Possible follow-ups>
- RE: CISSP experience Question David Harley (Jun 01)
- Re: RE: CISSP experience Question bruce_mcculley (Jun 04)
- RE: RE: CISSP experience Question David Harley (Jun 04)
- Re: CISSP experience Question Sajed Naseem (Jun 04)
- RE: RE: CISSP experience Question David Harley (Jun 04)