cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Contributor II

What was your favorite/most valuable cert?

So, this is a multi-part question.  For those with multiple (ISC)2 certs, which one do you think you got the most out of (either in terms of career advancement, applicability of material, general interest, whatever).  For those who have certifications from other sources (GIAC, ISACA, CompTIA, etc.), which one was the best for you (same general criteria).

 

Personally, I think I liked the CSSLP more than the CISSP. It's had the most direct applicability to my career and the things that I do. I had intended to get it before CISSP, but did the CISSP first because my employer wanted me to get it and paid for training (via SANS). In that same vein (engineering, secure development, validation, etc.), I am registered to take the ISSEP concentration for CISSP in May.

 

The only other active cert that I have outside of (ISC)2 right now is the GIAC Certified Incident Handler. I thought the SANS SEC504 (Hacker Tools, Techniques, Exploits and Incident Handling) was great. When I got the training, I was in an DFIR role. In my current position which is largely focused on efficacy testing of security products, I still use a lot of what I learned there.

 

Years ago I did Cisco Certified Network Associate (CCNA). That's long since expired, and while I may not be up to speed on what buttons to push on Cisco gear, the networking fundamentals that I drilled on doing that have been helpful at every step along the way.

-- wdf//CISSP, CSSLP
3 Replies
Community Champion

Re: What was your favorite/most valuable cert?

I have much fondness for my venerable (and no longer valid) MCSE 2003: Security. I took CompTIA Security+ as an elective and, helped put plenty of food on the table as I transitioned into Civvie  Strasse. I think it got a bad rep for paper milling, but in terms of looking after a Windows network, what all the bits were for and how to use them the official course, labs and the study guide were really quite good, and the number of exams certainly tested stamina and mental agility. Other vendor land honorable mentions would be the Secure Computing Sidewinder G2 certification - real-world exam, make me a working config was ace - the first thing you had to do was config everything, and the PGP Certified Technical was fun as it was digitally signed(maybe by Phil Z, I'd have to dig it out) .

 

Personally, I don't think of Certs themselves as loadbearing, more like a membership due to a certain club(a bit like standing in a vat of custard while reciting the pledge of eternal loyalty). However, all things being equal you could state that CISSP is probably the most generally applicable/bankable, but as an information protection specialist in this the year of GDPR the CIPP/E I hold from IAPP would probably trump it as most valuable if I cared to look for a new job.

 

I'm going to go for the CSSLP this year for some of the reasons you outlined, and our interactions on the forum - it fits my current experience/role well. It's also highly topical and it's a bit more interesting.

 

 

Community Champion

Re: What was your favorite/most valuable cert?

Favorite had to be CEH but that was because of who was doing the training. The instructor basically said study the books at night for the test, we are going to do actual hacking all week. So we did do some test prep during the week, but it was more of a hands on type of hacking experience. I learned some very critical skills that week and had lots of fun while learning. I did let my CEH lapse due to the difficulty with their CPE system. Kudos to ISC2 for having a very good and easy to use CPE system.

Most valuable would have to be the CISSP. I once landed a CIO position just because of it. Well I had the requisite experience and great interview, but I was not the desired candidate. The desired candidate did not have the CISSP. Since they had already collected job candidates and the job posting said the CISSP was a requirement, they went with me instead of cancelling the job and then reposting it without the CISSP requirement to get the other candidate. It amazed me that the desired candidate (a CIO in a different location) did not want to pursue it. They even told him, "We will hire you if you will get the CISSP in 6 months." and he refused the offer. Having the CISSP since 2009 has given me the opportunity to apply to many positions and I was able to move up the ladder into senior executive management (Cyber Division Director, CIO, CISO) with it.

Newcomer III

Re: What was your favorite/most valuable cert?

Cool topic.

 

I share some of the feelings of the original post and the replies. I took the CCNA many years back and like the original poster, have had very little hands-on use of it since so wouldn't feel good about having to do any Cisco heavy lifting, but the networking concepts covered in there are invaluable as part of your foundational knowledge.

 

I did the MCSE - Security path back in the day. I think it was 7 exams, including Security+ and Network Essentials. That held a lot of weight when looking for Windows network admin/manager gigs - despite the infamous 'Paper MCSE' tag that was justifiably applied to some folks who got the certification through less-than-legit means or had little to no experience. I encountered a few of those guys over the years, but they never lasted long in the organizations I worked for.

 

My CEH has also helped my resume stand out a few times I think, and has lead to some fun mini-projects at work, where a manager will say "Hey you're a CEH, can you help with testing ...?" kind of thing. 

 

I'm very happy to have the CISSP now and think it is a very valuable and useful one to hold as well.