Hi, I began my career in Financial Services as an IT auditor before moving to Information Security (IS) as a CISO. 10 years ago I switched to a software development contractor, first as an engineer and later on as a Scrummaster and Project/Programme manager.
I would now like to return to IS, however I'm finding it hard to make that career change without some kind of recent track record. So I am thinking of taking the CISSP to demonstrate to potential employers that I still have what it takes.
My question: For the CISSP certification, does the requirement for five years paid work in two out of the eight domains have to be the last five years or can I use the CISO experience gained before I switched to software engineering, recognising that this was more than 10 years ago.
There is no text that says the experience has to have been acquired within any time frame, so assuming you have the contact information and all that, required to show said experience is truth and factual, you should be good to go.