Penetration Testing mailing list archives
Re: Re: CISSP
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Wed, 27 Dec 2006 21:24:03 +0000 (UTC)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 27 Dec 2006, Rob Meijer wrote:
On Tue, 19 Dec 2006, R. DuFresne wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 4 Dec 2006, dfullerton () mantor org wrote:Then I wonder if this certification should really have this kind of notoriety. Looks like it's not technical and if an 11 years old boy can complete this cert ...it's not about security management experience either. Anyone can give me some good reason to acquire CISSP while not being related to money and the wannabe marketing-made notoriety?To get hired. It's a requirement for most companies seeking security folks, some companies will hire you without, if you can show experience in the field, and require you get one shortly after being employed., and for any of the agencies that assist with those seeking employment in the field. If you are seeking experience in the field by hiring thru agencies that will market you for security type work, a CISSP is a most, in most cases upfront to get a foot in the door.To me it sounds like you got it backwards. It is large quantities of 'skill and experience' that is a requirement, and some companies will hire you without if you have certifications like CISSP and they are on a tight budget. I would sugest to use the folowing rules of thumb with respect to certifications: * less 5 years relevant experience: get certified, if not for the knowledge, get them to get payed more ! * more than 10 years of relevant experience: certification is completely useless, don't bother. * 5 to 10 years relevant experience and an empty or not fully verifiable resume: get certified, it compensates. * 5 to 10 years relevant experience and a verifyable resume with some highlights in it: if you realy want a specific job that requires it, than get certified, otherwise, find a employer that does apreciate your skills and experience.
which might well work, if one could get around HR weinies and the pre-screening agencies that many companies rely upon these days. but yes, this was a valid route to consider back about 10-15 years ago. Times change and sometimes not for the better....
Thanks, Ron Dufresne- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629 ...We waste time looking for the perfect lover instead of creating the perfect love. -Tom Robbins <Still Life With Woodpecker> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFkuR3st+vzJSwZikRAomNAKCFejZP3BDnYs2I13hkVFcRwPik3gCgqD/u aEIshz1o81j5G89tiDC0i5c= =E4lF -----END PGP SIGNATURE-----
Current thread:
- RE: CISSP, (continued)
- RE: CISSP Craig Wright (Dec 04)
- Re: RE: CISSP mr . nasty (Dec 04)
- RE: RE: CISSP Bates, Chris (Dec 05)
- Re: RE: CISSP Tim Shea (Dec 05)
- Re: Re: Re: CISSP mr . nasty (Dec 05)
- Re: CISSP Michael Krzeszkowski (Dec 05)
- Re: CISSP Michael Mooney (Dec 10)
- Re: Re: CISSP shyaam (Dec 20)
- Re: Re: CISSP R. DuFresne (Dec 27)