It's been 4 months now since I passed the CISSP, "provisionally".
I've been rather "lazy" these past few months and put off doing anything about the CPE requirement because I was dead-sure I'd find an employment opportunity within a month of passing the CISSP.
Unfortunately, and as most would agree, life isn't always according to plan. It's been 4 months now and I'm still unemployed. Time is ticking and I'm finding that perhaps I will need to maintain this Associate designation after all.
Here's the problem:
Associate of (ISC)² working toward CISSP
The Associate of (ISC)² working toward CISSP designation can be maintained for up to 6 years while obtaining the required 5 years of direct full-time work experience in 2 or more of the 8 domains of (ISC)² CISSP CBK®. Candidates may receive a one year experience waiver with a four-year college degree or regional equivalent, OR an approved credential from the (ISC)² approved list.
The above states that I can get the 6-year grace-period watered down to 5 years if I have a degree---which I did obtain only 2 months prior to passing the CISSP.
The follow-up question would then be: does the fact that I have a degree still allow me to only need 5 years of direct experience or was I supposed to obtain the degree after having taken the CISSP exam?
Assuming that I now only need 5 years to obtain experience with a total of 6 years to get it:
Can I simply take 3 MindEdge courses to obtain my CPE requirement of 15 for the year or is there a limit?
Put simply, I don't have access to research groups, the funds to travel for events, or much budget at the moment. These online self-paced courses seem like the most reliable and cut-throat way to obtain what I'm looking for but I'm worried they'll call for something I can't do.
The way I see it, if I only need 5 years experience, I technically still have a year since I passed the exam to at least find a job and maintain my CPE credits.
Does that logic make sense or is that not how it works?
I'd rather not waste money on a lost cause at this point. I already paid ~$800 out of pocket for this one exam.
I would recommend getting your CPE credits as you can. Look and see if there is a local (ISC)2 or ISSA chapter in your area and attend their monthly meetings. This is normally good for 1-2 hours of CPEs. It also has the added benefit of networking with folks in your area that may know of opportunities.
You can also login to the member area of the website and read the bi-monthly InfoSecurity Professional magazine and then take the quiz and you will get 2 CPEs per quiz that is passed.
Another resource in the member area https://www.isc2.org/Member-Resources/CPE-Opportunities has a listing of on-line as well as live events. A lot of the events are free and provide an easy way to maintain your CPEs.
The last thing in regards to your degree, it actually reduces the number of years that are required for the certification down to 4. I am not sure if that means you have 6 years to get 4 years of experience but I would bet that is the case. I would reach out to Member support at membersupport@isc2.org.
Do you have a background in IT, or new to IT and security?
Before paying for any classes strictly to get CPE credit, look at that link I sent to you. There are plenty of free resources to get CPE credits, I don't think I have ever paid for any of mine unless it was related to conference travel costs or an additional certification.
Just reading the magazine and doing the quizzes will net you ~12 CPEs a year, and you can read back issues and take the quizzes on those as well for CPEs.
Here is the link for the local chapter locator: https://www.isc2.org/chapters/chapter-directory. Not sure where you are located, but the local chapters are a great resource for continuing ed, CPEs, networking, and getting involved with the local IT Security community. I know almost every meeting I went to at least one person mentioned knowing of an opening in the area.
Another place to look to get experience, although it won't help pay the bills, is volunteering with local charities and non-profits to assist with their IT needs. It is another great way to start getting experience and to network.