topic Re: Inquiry About Job History Requirements for CISSP Credential in Exams

Inquiry About Job History Requirements for CISSP Credential

Alparsalan — Sun, 25 Jan 2026 16:40:47 GMT

Hi everyone,

Good morning!

I have been with the same company since 2003 and have recently passed the CISSP certification. Throughout my career here, I’ve held various roles, and I am currently the Security Team Leader, a position I’ve held since 2016. Previously, I served as the Network Team Leader.

In my current role, I focus on Domain 1 of the CISSP framework, while in my previous position, I focused on Domain 4.

I have a question regarding the job history requirements for the CISSP credential:

Do I need to create a separate job history record for each role I’ve held within the same company to meet the work experience requirements?
Is a single job experience letter sufficient to cover both roles, or do I need to request two separate letters from my HR department?

I appreciate any guidance or insights you can provide!

Thank you!

Alparsalan Khan

Re: Inquiry About Job History Requirements for CISSP Credential

nkeaton — Sun, 25 Jan 2026 17:31:14 GMT

@Alparsalan What I always suggest to do is to print off the exam objectives (outline). Note your experience next to each. Then you can write your experience up from there and will find that you probably have more experience than you are thinking and can it up from there with more confidence. I wouldn’t break it down by domain or job role. I have a few ISC2 certifications and have done it that way. Of course everyone will do it their own way. I just type mine in, but others provide an attachment(s). Some follow strict resume format. The fact that you are asking probably means that you are thinking and will be fine.

Also congratulations.

Re: Inquiry About Job History Requirements for CISSP Credential

Alparsalan — Sun, 25 Jan 2026 17:50:38 GMT

@nkeaton ,

Good Morning!

Thank you, and thank you for your suggestion! I will definitely consider printing off the exam objectives and noting my experiences next to each to provide a comprehensive overview for my application.

Is it acceptable to mention more than two domains in the endorsement process? I have experience in additional domains as well. I have a query below and would appreciate your advice:

I have a CISSP endorser supporting my application, and I would like to know what documents are required to upload along with my resume. Is the resume sufficient, or do I need to include additional documents, such as proof of employment (experience letter)?

Additionally, here’s some context regarding my experience: I have been with the same company since 2003 and recently passed my CISSP certification. Throughout my career here, I’ve held various roles. I am currently the Security Team Leader, a position I’ve held since 2016, and I previously served as the

Network Team Leader.

In my current role, I focus on Domain 1 of the CISSP framework, while in my previous position, I focused on Domain 4.

Do I need to create a separate job history record for each role I’ve held within the same company to meet the work experience requirements for the CISSP credential?

Is a single job experience letter sufficient to cover both roles, or do I need to request two separate letters from my HR department?

Thank you!

Re: Inquiry About Job History Requirements for CISSP Credential

nkeaton — Sun, 25 Jan 2026 18:28:24 GMT

@Alparsalan I would definitely include anything related to major duties. That could certainly be more than 2 domains. I never include a separate document. I type my experience directly into the endorsement which I take from my exam objectives notes. I encourage people to do that analysis as a first step to insure that they have the required experience going in. If your endorser works with you, they will have the best idea of your experience. Others may need more detail. I have the people that I endorse send it to me in an E-mail first in case I see any weaknesses and can talk with them before submission. Then when I get the notification, it is easier to go through. If they have endorsed others, they know how this works.

Re: Inquiry About Job History Requirements for CISSP Credential

dcontesti — Mon, 26 Jan 2026 03:09:35 GMT

Your questions are best answered by someone on the management team as they know exactly what they want to see.

Try reaching out to Examadministration@isc2.org

Re: Inquiry About Job History Requirements for CISSP Credential

Alparsalan — Mon, 26 Jan 2026 10:33:42 GMT

Thank you!

Re: Inquiry About Job History Requirements for CISSP Credential

Alparsalan — Mon, 26 Jan 2026 14:35:59 GMT

Thank you!

Re: Inquiry About Job History Requirements for CISSP Credential

emb021 — Tue, 27 Jan 2026 14:54:03 GMT

@Alparsalan what I did and what I recommend is to provide an edited version of your resume, noting what domains you did in each role, going back a sufficient amount of time.

Keep in mind that while at job X it may have mainly been part of a specific domain, you may realize that the work ALSO falls into other domains.

Also having someone who knows you and your work who can endorse you who is also an ISC2 member is important.

Re: Inquiry About Job History Requirements for CISSP Credential

Alparsalan — Tue, 27 Jan 2026 15:54:26 GMT

Thank you for the advice!

Re: Inquiry About Job History Requirements for CISSP Credential

nkeaton — Tue, 27 Jan 2026 16:07:32 GMT

@emb01 Definitely an ISC2 member in good standing is important and makes it much easier. I did run across something really weird helping someone. He finally passed his CISSP on his 5th try. I met him after his 3rd fail. I really admired his spirit but was not sure if he could master it. Someone at his work told him that would endorse him. He kept getting an error on submission (not sure exactly what now). I gave him the link to check members. He gave me a screenshot. The person was not only just an Associate of ISC2 but also had been for 5 years (can only carry for 6). I did explain the seriousness of this misrepresentation as a CISSP. What he gave me did not include the name or member number or would’ve turned them in to ISC2 I have a definite issue with Associates of ISC2 misrepresenting themselves as CISSPs. I am told is very common on LinkedIn. One bragged in these forums and said passed with no experience. He included his LinkedIn where he also claimed to be a CISSP. I looked at it and was another Associate of ISC2. I gave ISC2 the information as part of our code of ethics.

Re: Inquiry About Job History Requirements for CISSP Credential

nkeaton — Tue, 27 Jan 2026 16:25:11 GMT

@Alparsalan I saw your question on social media as well. I did not repeat what I put here. It is nice that you are being thorough. I had reached out to ISC2 several years ago because I was interested in taking the HCISPP because I am not in healthcare but have a task that relates somewhat to PHI. I outlined my thoughts. I was told that they cannot decide that for me. I decided to pursue other certifications instead. Apparently it was a good choice since ISC2 decided to drop the certification. With my local CS chapters and other CS work, I know a lot of people in some aspect of healthcare and was very interested in knowing more. I do have the CBK and plan to read it at some point. I understand that it wasn’t necessarily profitable, but I thought was a great bridge for those in healthcare that wanted to understand it better or wanted to transition. If I can help you, I will. I have had to fill out for ISC2 endorsement 5 times (2 did not require endorsement at the time). Although audits are supposed to be random, I have never been subject to one. I did have someone that I endorsed come up for audit on his SSCP. Unlike me he submits it as an attachment in resume style. He definitely had the experience. About a month later he took his CISSP and passed. I endorsed him for that and was exactly the same resume submission. It passed no problem that time. Hope that all goes smoothly for you.

Re: Inquiry About Job History Requirements for CISSP Credential

emb021 — Tue, 27 Jan 2026 20:21:44 GMT

@nkeaton Yeah, that's a problem. I've had to point out to many people that its "Associate of ISC2", NOT "Associate CISSP" or the like, and to be VERY carefully not to give the misimpression they have the CISSP, such as saying that passed the test to give the impression they have the cert.

Yes, other cert orgs have associate level for specific certs, but NOT ISC2.

Re: Inquiry About Job History Requirements for CISSP Credential

nkeaton — Tue, 27 Jan 2026 21:08:39 GMT

@emb021 I have had to explain too many times that an Associate of ISC2 is only a membership and not a certification. You are so correct in the permutations that they will use on LinkedIn and other places to misrepresent themselves. The example of the endorser offer is so very blatant. I almost prefer what ISACA or PMI does. As you know ISACA will not even allow submission of the application until have the required experience. PMI makes a person prove the experience up front before gives permission to sit for the exam. Neither brings in as much money for those methods but is definitely a bit insulting to those of us who actually earned certification.

Re: Inquiry About Job History Requirements for CISSP Credential

emb021 — Tue, 03 Feb 2026 19:50:31 GMT

@nkeaton" "Associate of ISC2" is a membership, not a certification."

That's a better way of explaining it. I'll have to remember that.

Am well aware of both ISACA and PMI's methods. PMI also allows for an associate level for PMP, but I think you still have to have some experience. At least with PMI, once you pass you got the cert automatically, but that's because you submitted everything before. ISACA allows you get the experience 5-6 years after passing.

But I'm bothered by ISACA rolling out more certs of late. We already got 3 AI related ones from them just in the last few months.... (and I'm an ISACA member)

Re: Inquiry About Job History Requirements for CISSP Credential

DJExamTeam — Tue, 03 Feb 2026 19:07:49 GMT

Thank you for contacting the ISC2 Community Board.

learn more about CISSP experience requirements, your experience requirement is reviewed after you've passed your exam, and at time of endorsement, should you not have enough experience you would become an Associate of ISC2 https://www.isc2.org/certifications/associate

Re: Inquiry About Job History Requirements for CISSP Credential

nkeaton — Tue, 03 Feb 2026 20:06:02 GMT

@emb021 It does change peoples’ perspectives when realize that it is just a membership, well, except those misrepresenting themselves. I help our folks on earning their PMPs (I work better in chaos apparently but respect project management) but was not aware of an option. I tell people that ask me that the CAPM is a good choice without the experience requirement. I can help them get certified but is definitely not my gig and not even on my long list. I am sure someone without experience would get frustrated with ISACA waiting to put in that application. Unfortunately the way that ISC2 does it, many more misrepresent themselves. I am grateful with the CC that it with the SSCP give a good path to the CISSP.

Re: Inquiry About Job History Requirements for CISSP Credential

DJExamTeam — Tue, 10 Feb 2026 13:25:32 GMT

Thank you for contacting the ISC2 Community Board.

I've provided link to work experience requirments

https://www.isc2.org/certifications/cissp/cissp-experience-requirements

A candidate who doesn't have the required experience to become a CISSP may become an Associate of ISC2 by successfully passing the CISSP examination. The Associate of ISC2 will then have six years to earn the five years required experience.

Work Experience

Your work experience must fall within two or more of the eight domains of the ISC2 CISSP Exam Outline:

Domain 1. Security and Risk Management
Domain 2. Asset Security
Domain 3. Security Architecture and Engineering
Domain 4. Communication and Network Security
Domain 5. Identity and Access Management (IAM)
Domain 6. Security Assessment and Testing
Domain 7. Security Operations
Domain 8. Software Development Security

Full-Time Experience: Your work experience is accrued monthly. Thus, you must have worked a minimum of 35 hours/week for four weeks in order to accrue one month of work experience.

Part-Time Experience: Your part-time experience cannot be less than 20 hours a week and no more than 34 hours a week.

1040 hours of part-time = 6 months of full time experience
2080 hours of part-time = 12 months of full time experience

Internship: Paid or unpaid internship is acceptable. You will need documentation on company/organization letterhead confirming your position as an intern. If you are interning at a school, the document can be on the registrar's stationery.