Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CISSP experience Question

From: krymson () gmail com
Date: 31 May 2007 18:23:24 -0000
I think that because you're asking this question here, you kinda already know deep down what the more "right" answers 
are. :) And yes, I know a few people will disagree with some of my feelings on your questions...all of whom I bet 
already have CISSP...oddly. :)

If you are not sure you have the work experience, we need you. I really don't care about the semantics and zealous 
specifics of CISSP enough to have that outweigh the fact that we need more security professionals with real experience. 
If you think you have it, that's likely good enough for me.

Do you live in an area with a local Infragard or ISSA chapter? If so, join up and network a bit. Even if you don't find 
many CISSPs there, they likely know some in their own workforces.

If your employer has employed you, they are showing at least some sort of commitment and backing for you. Yeah, 
everyone is different, but I would hope your manager changes his/her opinion and backs you. Until the rules for 
endorsement change, there's really nothing to lose for your manager if you do turn out to be a dud. I'd totally back 
one of my workers even if I had my doubts (despite that I hired him!).

Lastly, if you want a current CISSP to endorse you, you might want to stick to meeting someone in person or having 
extended contact with one online (even up to Skype/phone contact). A current CISSP does have something to lose if you 
are playing him...

FYI, grats on passing the test and sticking this out! Good luck!


<- snip ->
I have passed the CISSP examination 19 months ago. I believe that now have the required security experience but not 
100% sure because some of my work was security related but mixed with other duties such as system and network 
administration.

I estimated my pure security experience to now be accurate, but how and with who should I confirm before applying the 
endorsement form to (ISC)2?

My second question is: I prefer to apply my endorsement through a certified CISSP, but I currently do not know any. I 
also will start a new job and my employer does not know me that much at all to endorse me. Should any CISSP know me for 
a certain amount of time before endorsing me, or can any CISSP that I could contact through the internet do so as long 
as they think my experience is enough through examining my CV?

Any suggestions are appreciated. thanks
Previous By Date Next
Previous By Thread Next

Current thread: