Getting my Security Certs

freddy91761 · ‎12-04-2019

I got my Security+ in April and I would love to get my next security cert. I would like to focus on cloud security. I would like to know should I go for my CISSP or CCSP or SSCP.

Cyberconstlearn · ‎12-04-2019

Do you have the experience to get the CISSP? If so that first as it’s the biggest hurdle, followed by ccsp (CISSP in good standing counts for all experience requirements for CCSP as well). At least that is my track...as soon as my CISSP gets through doing it’s thing.

freddy91761 · ‎12-04-2019

I do have over 20 years of experience in different areas. If for some reason, they do not accept all the experience will the associate of isc2 be good enough?

Cyberconstlearn · ‎12-04-2019

If you have 20 years you’re good I’d imagine. If not yeah in most cases (depends especially if it’s DoD related) associate of counts the same. Again with 20 years of experience I’d be surprised if it didn’t count.

Kaity · ‎12-05-2019

Hello! The CISSP requires at least five years of experience related to the domains of the certifications, so sounds like you'll be just fine! We also waive one year of experience for a degree in a related field, or for holding the Security+ certification (among others - but you can only use that "waive" for one year).

Good luck in your preparation!

CISOScott · ‎12-05-2019

Just a friendly reminder, getting certs is one thing, but gaining experience is also important. In my years as a hiring official I have seen plenty of "cert warriors". People who were good at taking tests but lacked real world experience. I'm not saying do not continue your pursuit of certs, just don't only pursue certs. If you have some experience with cloud then CCSP would be good to go for after Security+.

My path was Network+, Security+, CISSP, CEH (because I liked hacking), ITIL (because it was free) and now CCSP (because I am performing more and venturing more into cloud work). I was also working in the IT field the whole time and volunteering for any security work my bosses would let me do or that I could convince them was going undone.

freddy91761 · ‎12-05-2019

I agree that gaining the experience is very important. I will follow this path: SSCP, CISSP, CCSP, maybe pentest+

Thanks for your reply.

nkeaton · ‎03-05-2020

I saw your question in our member magazine. I mentor a lot of people and have some thoughts to share with you. (ISC)2 certifications carry much more recognition in the career world. I have both kinds, (ISC)2 and CompTIA. You did not list your documentable work experience; so if you do not have a lot, I would focus on the SSCP. With both the CISSP and CCSP, you need a lot more experience than with the SSCP. You can get an Associate, but I have seen people have issues getting the amount of experience needed in the allotted amount of time. Since you mention the CCSP, you might want to step back and consider the Cloud+. As you know, CompTIA certifications do not require any documentable work experience. I have held one of those since 2013 (from the original beta test invitation), and it is a good start in cloud computing and was just added to the list for DoD 8570.01-M. I do think more highly of the CCSP and am studying for that, but it sounds like you are getting certified in the beginning stages. (ISC)2 and CompTIA testing and requirements are different from each other. I mentor a lot of people; so you are more than welcome to reach out to me.