RE: certification for engineers/developers?

[Jeremy Epstein <jeremy.epstein () webmethods com>]

The Great Australian Ice Creamery might be as effective as CISSP for
software engineers.  I was wondering whether it was accidental or
intentional that Ed Rohwer suggested "defiantly" looking at CISSP.
Defiantly: "in a rebellious manner" or "boldly resisting".

[Ed. Thanks for the laugh, Jeremy! KRvW]

> -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Rucker Jones
> Sent: Tuesday, March 22, 2005 11:11 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [SC-L] certification for engineers/developers?
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> You mean of course GIAC (www.giac.org and www.sans.org), not 
> GAIC. That is, unless You really want a security 
> certification from the Great Australian Ice Creamery 
> (www.gaic.com.au).
>
>   -&
>
>
> - -------- Original Message --------
> Subject: RE: [SC-L] certification for engineers/developers?
> Date: Tue, 22 Mar 2005 13:43:54 -0700
> From: Edward Rohwer <[EMAIL PROTECTED]>
> Reply-To: Edward Rohwer <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>
>
> Depending on where you want to go, defiantly look at the 
> CISSP, or one of the GAIC cert.'s Software "engineering" is 
> another subject entirely. Some people (a lot actually) would 
> argue that SE's are not engineers at all, since they are not 
> licensed by states or other governmental agencies like EE's 
> or other professional engineers.
>
> Ed. Rohwer CISSP
>
> - -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of j eric townsend
> Sent: Tuesday, March 22, 2005 12:18 PM
> To: [EMAIL PROTECTED]
> Subject: [SC-L] certification for engineers/developers?
>
> A lot of people I know in IT are picking up certifications 
> and I'm wondering if there's any equivalent for software 
> engineers or product security
> engineers.    I have vague memories of  QE/QA certifications for ISO
> compliance, but a quick perusal of google and yahoo turns up 
> nothing for security engineers.
>
> The main reason I'm looking at certification is defensive -- 
> I've been in one too many meetings where someone's opinion 
> was given more weight because
> of industry certification or advanced degree.      As product 
> security and
> secure development gets more visibility in organizations, 
> conflicts with IT (and other groups) start to happen over 
> things like trusted development
> environments and product vulnerability escalation paths.     
> It seems like
> everyone in IT  has some sort of certification these days, 
> and the certifications are sold to upper management as a 
> method of knowing your employees have a certain level of knowledge.
>
> Of course, none of us in engineering have certifications.   
> Those of us with
> formal education have degrees from a long time ago in an 
> academic world very far away.
>
> Being the sort who'd rather not bring a knife to a gun fight, 
> I figure I
> should start getting myself some walllpaper as well.   Maybe 
> I should just
> sit for the CISSP, or maybe get something like Sun's JCP or 
> the IEEE CSDP
> and be done with it?   Or maybe go the academic route and get 
> a MS in CS?
> - --
> [EMAIL PROTECTED]
>
> pgp: 0xF5F84C8F, 7405 0143 B665 303D D2E8  4257 95AD F02F F5F8 4C8F
>
>
>
>
> - --
> GPG key / Schlüssel -- http://simultan.dyndns.org/~arjones/gpgkey.txt
> Encrypt everything. / Alles verschlüsseln.
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.6 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFCQOw2oI7tqy5bNGMRAn9xAKDSjlw0TMxYlkam3K9Ke8n0YnlX9gCfd1nM
> vuVX94hrJPFnyB174BnyuX4=
> =vHL/
> -----END PGP SIGNATURE-----