cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Admarnelson
Newcomer III

guarantee my life for cissp

Hello Guys!

Friends, I really want to know if it is possible to change my destiny and my life having the CISSP certification?

first all; I want real life advice:

I finish my high school in 2013 in IT Security and Management speciality and I current just enroll certifications on cybrary.it webpage, i want to leave my country (Angola) because i don't see my position here, I don't feel good this country. I have deep knowledge about Security but no certifications official, i want get cissp certification after this leave but I'm afraid to leave and don't find work.

My plan is to get cissp, sscp, cisco cyberops, csa+, Linux+, ccna sec, and others

if i have only Cissp for a while can i Leave my country and find job? in EU, or Canadá or US

so my friend what you advice me.

remember i'm 34 years old

waiting for answer

37 Replies
fortean
Contributor III

Yes, they are in here, as the real name of a person is attached to the screen name / avatar and can be found easily by clicking the screen name. As I'm a EU resident and (ISC)² has a European HQ my personal data should be handled according to the rules in the GDPR, so in fact (ISC)² needs my explicit permission to publish my personal data. I can't remember having given that to (ISC)², but that's probably somewhere in the T&C. But it may become an issue if the GDPR will be enforced (May 25th 2018).

 

a.png

,

--
Heinrich W. Klöpping, MSc CISSP CCSP CIPP/E CTT+
Early_Adopter
Community Champion

I wa taknking more generally about screenames and avatars, just in terms of proving you could work back.

 

But even if isc2 didn’t have  any EU HQ they’ve still collected you’re personal data via whatever mechanism - limited exploit purpose with consent is needed to comply. That last  box might need a look.

Admarnelson
Newcomer III

Hi

Could you tell me what about? any problem with me?

Early_Adopter
Community Champion

No we’re just talking about the privacy implications of screennames and a last point around if processing EU resident data subjects personal data - what if say a US company with no enrich in the EU that does a big old data slurp and starts processing that persononal data as if there is no tomorrow. Does GDPR have provision for this or not? Is there legal recourse through international courts? Does it go diplomatic, are trade restrictions deployed by the EU?

fortean
Contributor III

 

You asked: "what if say a US company with no enrich in the EU that does a big old data slurp and starts processing that persononal data as if there is no tomorrow"

 

Usual caveats apply; I'm not a lawyer and this should not be considered legal advice etc.

 

That being said: the EU explicitly does not allow processing of my personal data without permission. Yes, (ISC)² would be held responsible if that happened (they are seen as the data controller) and I could even hold the data processor (the staff that runs this board) responsible. It would then be up to them to sue (ISC)²: no more trying to blame each other while I sit here waiting. And no, is is not sufficient if there is something vaguely worded in the T&C to allow it - the EU laws are very explicit: this needs to be made clear to me in clear, understandable (I'd say: at least 15 pt size font Smiley Very Happy ) wording.

 

I think that it would be wise - especially for (ISC)² - to ensure compliance with the GDPR ASAP. The GDPR will become effective on May 25th, 2018 and especially security related companies should ensure they have their act together before that date.

 

 

 

--
Heinrich W. Klöpping, MSc CISSP CCSP CIPP/E CTT+
Early_Adopter
Community Champion

Yeah, I think ISC2 has that covered there was a live chat on this. Agreed on all fronts for requirements for collection, controllers. 

 

However, let's say a company in a Third Country carries on allowing EU based Natural Persons to use their website for services, processes personal data, processes special categories of personal data, because  - why not? Could they do so with impunity? What would be the ramifications?

 

Tinder could be seen as a possible test case for this:

 

https://www.theguardian.com/technology/2017/sep/26/tinder-personal-data-dating-app-messages-hacked-s...

 

Not sure if they have offices in the EU/presence there but folks certainly use the service.

 

 

dkanugula
Viewer II

I think you can target the following : 

 

once you finish CISSP , you can  have  job trails and no need to wait to complete all certifications you mentioned.

 

2. Understanding on any cloud platform like AWS will be more  helpful , you can plan for certification( AWS security engineer etc)  in parallel.

 

3. Getting additional insight on Azure platform will give you more benefit  , I recommend you to go through Microsoft University i.e https://mva.microsoft.com/  which is  free platform to learn.

 

4. In Long term, you plan to groom as an Auditor after completion of CISA etc. 

 

5. Initially you can try  as  SOC engineering and Cloud Security Engineer 

 

6. Have a good understanding on Penetration and VAPT tools which will be very helpful to get the job rather waiting to complete too many certifications.

 

7. Explore more tools like  opensource SIEM , alertlogic , threndmicro ,FIM etc 

CraginS
Defender I

Please see added advice inspired by this thread over in the Career area, in Listing Credentials on LinkedIn & Resumes

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts