.

CISSP/Career Advice Needed

<<

xcircusmusician

Newbie
Newbie

Posts: 7

Joined: Thu May 27, 2010 10:45 pm

Post Sun Aug 21, 2011 2:48 pm

CISSP/Career Advice Needed

Hello all:
I’m considering obtaining the CISSP Cert, and I'm trying to get ‘realistic’ advice concerning the opportunities/options that the CISSP would provide me.
I’m 48 years old, and I’m asking for any (brutally honest) advice concerning the realistic options that I have for securing a career in I.T. Security. (Probably Entry-Level)
(I’ve been with Comcast for eight years/Four of those on the Senior-Help Desk)
I currently have: Associates (IT) /Network +/Security +/Certified Ethical Hacker (CEH) and some experience with the OSCP. I found the OSCP to be very challenging.
Any thoughts/insight on the difficulty of CISSP compared to the OSCP or CEH?
I’m experiencing a sense of ‘urgency’ in securing a career, and am open to any/all options.
I’m willing to relocate/travel 100%/Contract/etc.
I’m looking into options such as: Incident Handler/Loss Prevention/Management/
I’m willing to spend a year (self-study) to obtain a CERT that will put me in the 50K to 70k range

If you have any advice/resources/etc., I would certainly appreciate it.
Thanks in advance,
Michael
        And yes, I really am an Ex-Circus Musician (Bass Guitar)
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Sun Aug 21, 2011 3:12 pm

Re: CISSP/Career Advice Needed

CISSP is a totally different animal than CEH or OSCP. CISSP has a management spin and is less technical, however you're expected to know technical details in some areas.

I actually just took the CISSP exam 2 days ago. Do NOT underestimate this cert. I always looked at it as a "read a book and pass the exam" type of cert. The reality is that there is a lot of information to remember for that exam. Quite frankly, if you don't have a decent amount of practical work experience in more than a few of the domains, its going to be even harder. Dedicate serious time to CISSP if you're going to do it because you really have to understand all the concepts and how they fit together. That test was a bitch. Then again.....our buddy H1t M0nkey cranked out CISSP in 17 days which is pretty amazing.

CISSP is beloved by HR and hiring people. I just did a quick search on dice.com and there were 1361 jobs across the country. This is a valuable cert for your career. In comparison, there were 6 jobs for OSCP and 92 for CEH

I wont get into the debate on which is more valuable for your brain....we'll leave that for another thread.

Look at the 10 common bodies of knowledge for CISSP, do you have at least 5 years experience in at least 2 of them? Another CISSP will have to vouch for that experience. If you don't have that, you'll be put into CISSP purgatory until you satisfy the practical work experience. If you do, I would say go for it because as you can see by the job numbers, there are plenty of them.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Mon Aug 22, 2011 7:48 am

Re: CISSP/Career Advice Needed

Then again.....our buddy H1t M0nkey cranked out CISSP in 17 days which is pretty amazing.

Yes, but I did GSEC a year before CISSP and they both cover similar material.  I didn't have any life in this 17 days: Waking up at 4:30am to study before work then studying again on every single evenings until 11:00pm (so about 5 hours a day, more on weekends). It took me a full month to recover from this crazy pace. 

Oh, I forgot to mention I have 2 daughters...

So don't do that! Take 2-3 months to study this beast...

Good luck cd1zz!!!  ;)
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Mon Aug 22, 2011 3:48 pm

Re: CISSP/Career Advice Needed

Take 2-3 months


Yes, at least. The test is a bear. If you don't have the FULL time experience required, at least you'll have the ISC2 Associate and that is....well, it's something.  :)
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

maxpeck

User avatar

Newbie
Newbie

Posts: 21

Joined: Mon Sep 28, 2009 11:27 am

Post Mon Aug 22, 2011 8:47 pm

Re: CISSP/Career Advice Needed

I'm in a similar situation to the OP. Mid 40's, multiple certs and a good bit of computer experience just not in the domains I want to work in.

I decided to go for the CISSP now because almost every juicy position I see has that same 5 letter certification either required or recommended. I would MUCH rather work on my OSCP or take Joe McCrays Advanced CAST class but the CISSP looks to open more doors for me than almost anything else right now.

To give you perspective on my current study habits - I read a domain in both Kurtz/Vines and Conrads newest 11th hour guide to get a general feel for the topics. Then hit the AIOv5 and OSG2 to fill in the gaps, then take a 250 question quiz on just that domain on cccure to see what I didn't pick up.
So far so good - been doing this since late June for maybe 10-15 hours a week. Its really opened my eyes to what I didn't know existed in the security realm.

I'm going to try and take the test in either October or November depending on how much of my time has to go to projects at work.

BTW - any advice on tweaks to my study habits from you CISSP'ers would be great!
Max
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Aug 22, 2011 8:56 pm

Re: CISSP/Career Advice Needed

max

The only thing I would recommend is making sure that you don't rely on the cccure tests. This may seem obvious, but understand the CONCEPTS behind the questions because none of the practice tests you'll take are like the real exam. Those tests DO help to a certain degree, but by no means the end all be all. The exam requires you to understand concepts for the most part. Of course they sprinkle in some specific/granular stuff just to make you crazy.

I think you're being smart by reading multiple sources and being methodical and diligent. That is a recipe for success.
<<

caissyd

User avatar

Hero Member
Hero Member

Posts: 894

Joined: Thu Dec 31, 2009 11:20 am

Location: Ottawa, Canada

Post Tue Aug 23, 2011 6:45 am

Re: CISSP/Career Advice Needed

cd1zz is right, no practice questions is like the real exam and that is a real shame. I bought practices questions from cccure.org, did the ones that came from Shon Harris book (even bought the extra questions from her), did more on another book and above all, I bought the expensive questions from ISC2! All in all, I did answered about 1600 practice questions from 4 different sources.

I was pissed to see the exam is different. Most questions (about 70%) are in the type: "Which answer is the BEST", "What would you do FIRST", etc. It means more than one answer is correct, you need to find the best one...

The other difference was that in the exam, they will sometime use different wording that you are use to. I think their goal is to see if you can talk to an executive who knows nothing about security and describe concepts in his own words. So for example, expect to see "pre-shared key" or "secret key" instead of "symmetric key". This drove my crazy in the exam...

I'm going to try and take the test in either October or November depending on how much of my time has to go to projects at work.

@maxpeck: Don't forget you cannot take the exam when you want like SANS. Where I leave, they only give it 3 times a year. That's why I did it quickly, I didn't want to wait an extra 6 months to write it...
OSCP, GPEN, GWAPT, GSEC, CEH, CISSP
(aka H1t.M0nk3y)
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Tue Aug 23, 2011 11:21 am

Re: CISSP/Career Advice Needed

Benefits of becoming a CISSP
http://www.youtube.com/watch?v=8DZkpynFhak
:)
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Aug 23, 2011 2:44 pm

Re: CISSP/Career Advice Needed

AHAHAHAHAH that is effing awesome.
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue Aug 23, 2011 3:22 pm

Re: CISSP/Career Advice Needed

WCNA wrote:Benefits of becoming a CISSP
http://www.youtube.com/watch?v=8DZkpynFhak
:)


LOL!
GSEC, eCPPT, Sec+
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Tue Aug 23, 2011 5:54 pm

Re: CISSP/Career Advice Needed

LOL ++1!  Saw that one the other day!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

maxpeck

User avatar

Newbie
Newbie

Posts: 21

Joined: Mon Sep 28, 2009 11:27 am

Post Mon Aug 29, 2011 9:00 pm

Re: CISSP/Career Advice Needed

LOL - nice video - funny thing is he looks like my lawn guy :)

Thanks for all the pointers guys! The biggest reason I'm not rushing to get this cert it to make bloody sure I get the concepts as well as I can. I know this isn't a Micro$oft exam...

I have 3 testing areas relatively close so I'm good on the test dates, the one available in November should work out well.

I'm using the various practice tests to help me round out the subject matter more than anything else. Taking the end of chapter test from each book is nice but they ask alot of specifics I know I won't be seeing in the same form on the big 6-hour hell-grind. That's one thing I'm dreading a lot - the LONG sit and sweat. I was uncomfortable when I took the CCNA for that very reason. After almost 3 hours sitting there and I so stressed I would have punched a nun in the face just to end it!  Poor little nun...

Anyhow - thanks again for the help! Back to the joys of telcom...

Max
Max
<<

l33t5h@rk

Post Mon Oct 10, 2011 1:38 pm

Re: CISSP/Career Advice Needed

A little late to the party but I think a couple items are illustrated that sum things up. I have been studying for the CISSP for about a year and the breadth is just unreal. I'd say most people, and this even means full time InfoSec types like us, only deal with 3-4 of the CISSP domains on a monthly basis. Even when you get roped in to random things, you may hit 5 or 6 of the domains. It's a bit odd to think that one exam contains a section on a question on how an s-box works in an encryption algorithm and then the next question is what type of fire prevention methods should be used in scenario A in a datacenter. The key point though as pointed out by cd1zz, if you want a resume booster, I can't think of much better than CISSP.

Return to Career Central

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software