cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Coldspring84
Newcomer I

After SSCP should I try the CCSP or go diretly for CISSP?

Hi!

 

I am holding an SSCP certification and my plan was originally to try the CISSP next.  My idea was to took the SSCP as a "warm-up" then after 1-2 years go for CISSP. But currently I am working on a long-term project at my company which heavily cloud computing related, so I think maybe the CCSP would fit perfectly to this career path...

 

I do not have the the 5 time full time security experience for CISSP: only 2 years full-time security engineer + 4 as system administrator / level 2 IT help desk. As far as know my current experience would be enough otherwise for the CCSP...

 

What do you think? Should I have to go for the CISSP or based on the fact currently I am working within a SaaS project should I have to take the CCSP first?

 

Furthermore according to you how long does it take to prepare for the CCSP after just few months of a successful SSCP exam? Maybe 1-3 hours of studying for 2-3 months or even less could be enough, because there are a lots of similarities in the topics as I just checked the CCSP CBK. 

 

CISSP, SSCP, ISO27K LA
4 Replies
AlecTrevelyan
Community Champion

The CCSP still requires 5 years of experience, at least 1 of which must be cloud focused, so you might not meet the requirements yet.

 

However, someone holding the CISSP can waive all of the CCSP experience although this should no longer be the case in my opinion.

 

You probably have more security experience than you think if you've been working as a sys admin / helpdesk for 4+ years, with 2 years as a security engineer. Throw in a 1-year waiver for your SSCP and you might well already meet the CISSP requirements, which if you do qualify as a CISSP instantly means you can qualify as a CCSP.

 

Check out the exam outlines for both the CISSP and CCSP, review the tasks/subtasks in each domain, and think back if your previous experience involved any of those tasks/subtasks. This will help you gauge your experience level and help you identify any knowledge gaps which you'll need to concentrate on during your studies.

 

I can't comment on how long it will take to prepare for either exam - that entirely depends on your current level of knowledge and how fast you can learn what you don't know already.

 

Good luck!

 

Coldspring84
Newcomer I

Thank you for the quick and precise answer.

 

I have tried to read after how the waiver system works because above the SSCP certification I am currently writing my thesis for MSc. in Information Security and Safety Engineering. Do they accept his also as and additional 1 year waiver or the 1 year is the maximum that I could “jump through”  ?

 

To be honest I am a bit scared of CISSP because my former manager has failed in the exam 3 times in row despite the fact he was an IT security manager for more than 10 years…However I did not find the SSCP too difficult, and when I studied for it I used a lot of CISSP materials (Udemy and Linkedin Learning courses, and even the CISSP all in one guide by Simon Harris).  As the matter of fact the CISSP domains doesn`t seem to be as hard for me as I thought for the first time, but the share fact that I personally know someone who failed multiple times it is a bit frightening.

 

CISSP, SSCP, ISO27K LA
Craftyfellow
Newcomer II

The simple answer is to go for the one most in line with both your personal and professional goals. Beyond that, decide which one is most likely to have an immediate impact on your day-to-day job.

AlecTrevelyan
Community Champion


@Coldspring84 wrote:

Thank you for the quick and precise answer.

 

I have tried to read after how the waiver system works because above the SSCP certification I am currently writing my thesis for MSc. in Information Security and Safety Engineering. Do they accept his also as and additional 1 year waiver or the 1 year is the maximum that I could “jump through”  ?

 

To be honest I am a bit scared of CISSP because my former manager has failed in the exam 3 times in row despite the fact he was an IT security manager for more than 10 years…However I did not find the SSCP too difficult, and when I studied for it I used a lot of CISSP materials (Udemy and Linkedin Learning courses, and even the CISSP all in one guide by Simon Harris).  As the matter of fact the CISSP domains doesn`t seem to be as hard for me as I thought for the first time, but the share fact that I personally know someone who failed multiple times it is a bit frightening.

 


You can only waive a total of 1 year, so you would use either your SSCP or an appropriate degree - typically a bachelor's degree would be used, as there are some strange restrictions on the master's degrees that are accepted.

 

Don't be scared of any ISC2 test. As long as you prepare properly and keep your head on the day they are all passable. I would just say, don't underestimate the CCSP, it's made a monkey out of many people - including many existing CISSP holders.