cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
CraginS
Defender I

Listing Credentials on LinkedIn & Resumes

In a recent and very active thread over in Certifications, guarantee my life for cissp, Community members advised a novice in our field to remove the word CISSP from his LinkedIn profile, where he was actually showing completion of courses to study for the CISSP exam, but listing under the Certifications section of the profile, appearing to be claiming he held the CISSP. The advice was well placed, addressing both ethics and copyright aspects of appearing to claim CISSP without actually being certified.

 

To the original poster's credit, he understood and took the advice, changing his profile accordingly.

 

This note in the Career area is to point out broader advice on how to keep your LinkedIn profile and resumes as ethically sound and not subject to accusations of false claims.

 

Consider all forms of professional credentials commonly found on resumes: academic degrees, certifications, certificates (they are not the same), professional society memberships, awards & decorations, etc.

 

  • In every case, be sure the way you present your information does not give the impression of a claim you cannot support.
  • As in the above example, don't list a course you took such that it appears you are claiming a degree or credential you have not actually attained.  
  • Don't list courses you are planning to take but have not yet completed.
  • Don't list a degree you are currently pursuing such that it appears you are claiming (to a rapid reader) you actually have that degree. 

LinkedIn is a particular problem for current academic work and degrees. The form used for degree allows in-progress posting using the two date fields. However, using that form with simply the degree (e.g. MS, MA. PhD, etc.) makes it appear to claim the degree as completed, unless the reader carefully inspects all the details. I have observed a significant number of INFOSEC practitioners on LinkedIn who have made this error. I cannot tell if these errors were inadvertent of intentionally misleading, but in either case, they are a problem. If you want to show meaningful progress toward a degree, do so in an area other than the Degrees area. Also, list only courses successfully completed, not the complete degree plan you have in mind. I have seen that very misleading situation on LinkedIn, also. 

 

Next, never, ever, list degrees "awarded" by diploma mills or any school in the USA not accredited by one of the participating accrediting associations listed at CHEA.org. If you are not familiar with the existence of both diploma mills and their accompanying "accreditation mills" see the articles linked at this CHEA page.

 

The above advice is particularly important if you are seeking endorsement to (ISC)2 for certification after passing an exam. Most of us who are willing to endorse applicants really do review and confirm the key information on the resume we receive. A coworker in my company I did not know personally once asked me to endorse him for CISSP after passing the exam. His resume listed a degree from a school I had never hear of, one that was not listed in his official HR records. When I asked him for more information on the school he went mysteriously silent. I later confirmed the school as a clear fraudulent diploma mill. 

 

Good luck on your professional development and your job searches and career progress. Keep the ethical standards of (ISC)2 certifications in mind as you progress.

 

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
27 Replies
Markonweb
Newcomer II

Thanks Bill. Yes, I have a picture of the stack of the documents... it was intimidating to say the least. I took an incremental approach where I studied for the CAP to get the NIST RMF and the core NIST docs and FIPS off the table. Then I studied for FITSI's (federal IT security institute) FITSP-Manager and FITSP-Auditor exams. These further chipped away at OMB circulars, memoranda etc. That left me with 3 of the 4 domains to focus on for the ISSEP. Susan Hansche's 2005 brilliantly detailed tome still has a lot of value. Especially the section that explains the ISSE activities and the IATF. I paid out of pocket for the official training just because I wanted the 'updated' ISC2 material. Kate Jackson did a fantastic job delivering the content over several weeks to remote attendees. 

If anyone is thinking about taking the ISSEP, I would wait until ISC2 puts out the updated version in September 2018. It is my understanding it will be less DoD/IC-centric and more focused on alignment with Systems Engineering out of NIST SP 800-160, the INCOSE body of knowledge, and ISO/IEC/IEEE 15288.  According to https://www.isc2.org/Certifications/CISSP-ISSEP/Domain-Refresh-FAQ , there are other changes planned for this concentration. 


Best, Mark
CISSP-ISSAP ISSEP ISSMP CAP CCSP CSSLP HCISPP SSCP CCISO CISM CRISC CISA FITSP-M FITSP-A FIP CIPP/G CIPP/US CIPM CIPT SCF CCSK ITIL-F Cloud+ Security+ AWS-SAA
Baechle
Advocate I


@billclancy wrote:
Kudos to you guys for wading through all that and passing the test!

Thanks, but I didn't study.  It just actually was my job for several years before I sat for the test.  Man Indifferent

Knarfster
Viewer III

What is the groups opinion on listing Certifications after your name? How many is too many? I could list CPA, CISSP, CISA, CISM, CIA and I work in the InfoSec, Risk and Compliance field.
Markonweb
Newcomer II

It really depends on how you feel about it. Given the field you're in, your CPA designation (for sure) and the balance of your certifications are relevant. I've collected a bunch and added the string of alphabet soup to my business card. It has been an icebreaker on many occasions that ended in the other person and me laughing. "I had a federal contract recompete in 2014 that required a CISSP... I got a little carried away"

You worked hard for your designation and your certs. Sure, having a certification doesn't mean you're an expert but it does demonstrate you had a desire to benchmark your knowledge against against a standard recognized in your industry. 


Best, Mark
CISSP-ISSAP ISSEP ISSMP CAP CCSP CSSLP HCISPP SSCP CCISO CISM CRISC CISA FITSP-M FITSP-A FIP CIPP/G CIPP/US CIPM CIPT SCF CCSK ITIL-F Cloud+ Security+ AWS-SAA
rslade
Influencer II

> Knarfster (Viewer) posted a new reply in Career on 10-10-2018 07:37 PM in the

> What is the groups opinion on listing Certifications after your name? How many
> is too many? I could list CPA, CISSP, CISA, CISM, CIA and I work in the InfoSec,
> Risk and Compliance.

There's another discussion/topic/thread that covered this at length:
https://community.isc2.org/t5/Career/Listing-Certifications-and-Degrees-in-
Signature-Blocks-or/m-p/9820

1) This probably isn't the place to get jobs, and nobody else is impressed.

2) Us real old dinosaurs are particularly unimpressed. We tend to figure out pretty
fast what you know (from what you say), and, knowing the convoluted paths that
*we* took to get here, we know it's mostly a matter of accident how you got here.
(If you got here.)

3) There's always the danger that a cert is going to trigger people the wrong way.
(Not the way you intended.) For example, I know a great many people who, if
they saw an MCSE on a resume, automatically round-filed it.

4) And then, a lot of people think that a string of certs after your name is
overcompensation (and start wondering what for ...)

 

Why not ask Daniel?

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Ah, this is obviously some strange use of the word `safe' that I
wasn't previously aware of.
Arthur Dent in `The Hitchhiker's Guide to the Galaxy', Douglas Adams
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Knarfster
Viewer III

I am new to the community forum, and given the title of the original post I figured this was an appropriate place to ask this question.
Markonweb
Newcomer II

Knarfster, welcome to the forum and yes, it is an appropriate question (especially for a board hosted by a certification organization). I want to thank Rslade for the two links in his post. It certainly shows the wide range of opinions on listing certs and is important insight into the culture of this particular board. Given the amount of time it takes to study for most certifications, anyone who is using it to establish they are an expert is setting themselves up for a backlash.

Listing certifications somewhere on your linkedin profile will probably get you more profile views and inmail job offers (mine certainly did vs before I picked up my first cert in 2014). Interacting with your network (on and offline) is what will help you establish valuable lasting connections. Some people at my workplace and in my network have commented on how I inspired them to study for a cert. I don't really see the downside there. 

Certs in my experience, are simply gamification of learning and, like the geek code of the early 90's, it tells people a little bit about things you've focused on when you hit the books after a full day or work. 

I was excited to see another member who has at least dipped a toe in the SABSA world. I've seen heated exchanges on linkedin in the education vs experience vs certification arguments... I don't really understand the vitriol (or the vs). Enjoy Star Trek and Star Wars. Seriously, while people shouldn't brag about certs or claim expertise that certs do not support, I'll choose a lifelong learner who is passionate about the domain given the choice between two similar candidates. 


Best, Mark
CISSP-ISSAP ISSEP ISSMP CAP CCSP CSSLP HCISPP SSCP CCISO CISM CRISC CISA FITSP-M FITSP-A FIP CIPP/G CIPP/US CIPM CIPT SCF CCSK ITIL-F Cloud+ Security+ AWS-SAA
j_M007
Community Champion

Hi Knarfster,

 

Curmudgeons like Rob, I and others often reply "tongue in cheek" in our attempt at humor (or humour in Rob's case - 😉 )

 

The only questions that may tend to be inappropriate are the questions no one asks -- even if a question has been asked or answered, there is often a new take on it.

 

Besides, we curmudgeons are now old Dotards! It helps us immensely to answer such questions so we can remember the answers or invent new answers as the case may be.

 

Congratulations on your achievements, and best wishes on your continued successes.