Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
shahrukhyasin
Newcomer I
‎08-05-2019 06:28 AM
‎08-05-2019 06:28 AM

IS CISSP GOOD FOR DATABASE ADMINISTRATORS

Hi Everyone

 

I am an Oracle Database administrator having more than 14 yrs of experience, worked on Oracle Databases, Oracle E-Business Suite, Business Intelligence, Hyperion. I have extensive experience in High availability, Business Continuity Plan / DRP, Identity Management, SSL, Encryption of data, fully involved in software and Hardware assets / licenses / and everything goes with the planning and procuring the hardware and software. Linux / Unix administrator and security of Databases, Applications, and Linux OS, BUT I AM NOT A NETWORK PROFESSIONAL, i do not manage Exchange, networks, routers and switches of our environment but i do know about the basics of all of these. 

 

I am looking for a role as CISO in future and because of this i have started my cyber security journey from CISSP, and i am quite confident that i will clear it and will get the endorsement plus the certification from ISC2 because i can easily fall in any two domains of the course

 

My only concern is, the job roles that i can see in the market for security specialist are for those who have extensive networking background, like Firewall(Palo Alto), Network Traffic monitoring, identify rogue packets, patch update, antivirus alerts etc, these jobs are mainly for SOC and security analyst

 

My question to all the experts here is

 

Is this a right certification for me? Do i need to go to the network management if i chose this field?

 

It will be great if i can get some suggestions / answers / advice

 

Thank You

 

Regards

Shahrukh

Reply
0 Kudos
4 Replies
Steve-Wilme
Advocate II
‎08-05-2019 08:11 AM
‎08-05-2019 08:11 AM

No you're good with your background.  There is some networking related material in the CISSP but it isn't at the level of detail you'd find in a CCNA for example, so a lack of networking experience isn't an issue.  There are many paths into InfoSec.  Also a number of the jobs you've seen may actually be network/firewall admins (the IT security end of the spectrum) or SOC positions.  It's broader fields than that.

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
0 Kudos
shahrukhyasin
Newcomer I
‎08-05-2019 08:20 AM
‎08-05-2019 08:20 AM

Hi Steve

Thank you for the reply. You are correct that these jobs are mainly for Network background. I am preparing for my CISSP exam, hopefully i can clear it our by oct-19

thanks
regards
shahrukh
Reply
0 Kudos
CraginS
Defender I
‎08-05-2019 09:38 AM
‎08-05-2019 09:38 AM

@shahrukhyasin  Sharhukh asked 'As a high experience Oracle DBA, do I need a CISSP?'

 

@Steve-Wilme wrote:

No you're good with your background.  ...

And both noted that most job adverts stating a CISSP requirement seem to be in the network management arena.

 

I must respectfully but vociferously disagree with Steve's advice on this one (rare; I usually agree with Steve's analysis and advice). The CISSP is high value for anyone with infosec responsibilities, without regard to the type or level of technology they may encounter in their jobs. Specifically for senior DBA's, please note that EVERY MAJOR DATA BREACH has been the breach of databases, not simply network breaches. Also, compliance with privacy laws, whether or not including GDPR, are paramount to setting access control protocols and data classification, encryption, and exfil limitations on databases. DBAs should be very aware of all of these aspects. 

 

As noted in another recent thread, the CISSP is a management certification, not a technical certification . Awareness of the breadth of infosec responsibilities, as shown by familiarity with all of the CISSP CBK domains, enables managers to determine what infosec aspects of their jobs they are already smart in, need to become smart, or need to hire smart. I can think of no specialty this applies to more thn DBAs. 

 

 

Just because HR weenies have not yet begun using the CISSP as an artificial filter for job applicants does not mean you should not bother learning and earning the CISSP to be est at your job.

 

Best regards,

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
Reply
0 Kudos
shahrukhyasin
Newcomer I
‎08-06-2019 01:13 AM
‎08-06-2019 01:13 AM

Dear Cragin

Thank you so much for you detail explanation, i am more confident then ever that this is the right field for me. I am preparing this certification and i am hopeful that i will clear it in Oct-19
I want to clarify the question again...the original question i had asked was related to the jobs that were posted in sites for CISSPs which you and Steve has answered and i am already studying the CISSP, secondly, steve was referring to my DBA background that i do not need to worry about the background and continue the CISSP certification...

But thank you so much for the reply

regards
shahrukh
Reply
0 Kudos