SAP security background = CCSP prerequisiste work experience for endorsement ?
I have been a SAP Technical administrator for over 23 years, I have been working for several IT companies, in France, UK, Canada. I am now seriously considering the CSSP certification, but I am concerned that my work experience would ''not count'' for the endorsement by (ISC)2 .
As a sap technical analyst, I have been not only involved in managing the SAP technical infrastructure but also in securing it:
Implementing and managing SAP Identity MAnagement tools
Defining and granting the technical and business roles
Generate access review documents for internal and external audit
Maintain SAP security policies and documentation
Defining and implementing SSO policies
I have wo SAP security certifications.
Now that SAP is moving from a On-Premises model, to an IaaS model to a Saas model, I have been more involved over the past 5 years in Securing SAP Landscapes in the Cloud, so I also hold the AWS security and Microsoft Certified: Identity and Access Administrator Associate.
I do not know any CSSP consultant, so I could potentially only be endorsed by (ISC)2.
So what do you think ? Any hope of endoresement by (ISC)2 ?
Sit down and map and document your experience to the domains for CCSP, starting with the latest a year first. You need to be able to satisfy the requirements for part time experience to count what you have done so you’ll need to do some accounting. You might find that in given month it changes as to whether you feel you can count it in or not, however a really large portion of IT is security work. You should join a local chapter and try to find a CCSP to mentor you on this. Frankly with over twenty years of experience certifications are probably less important to you now unless you have a specific goal that needs CCSP. You might consider CC, SSCP, CCSK, Security+ , Cloud+ etc as well as just going as an associate till you meet the requirement.
Alternatively, take a security focused role, and accrue the experience in this way.