cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ldmvcd
Viewer II

Given my position, sscp or cissp, thoughts?

Hello!

 

Your thoughts/advise are very much appreciated!

 

My background: 

M.Sc. Computer Science (IT Sec. focussed). 6 years of experience in the QA industry, testing IT Sec. products. Took a break of 3 years to pursue a degree in psychology (with a part-time IT Helpdesk gig on the side)

 

Location:

Sweden

 

Goal:

Want to go back to IT and specifically IT Security. Either management or more hands-on.

 

Why did I chose to certify myself:

To get a foot into the door. Validate my skills and knowledge. To show employers that regardless of the break in my career I am still employable in the IT Sec. industry.

 

Current Investments:

I have already spent 2 months (average 3 hours a day) studying towards the CISSP CBK. (didn't consider SSCP or Security+ or other beginner/mid-level certifications when I started studying)

Been studying on my own time and the certifications will be self-funded, so cost is an important consideration.

 

Others:
Lacking the required experience so will get only the CISSP Associate. I am hoping this is equivalent to an actual CISSP (?).

 

My thoughts:

CISSP is difficult but will open the most doors. It is however more expensive than SSCP and the fact that I will be an Associate and not a full holder. SSCP is cheaper, but also a lower ranked than the CISSP but since I have already put in 2 months studying for CISSP, the chances are higher I will pass the SSCP anyway. SSCP is cheaper and with my experience/studies I should be able to be a full-member rather than a CISSP Associate.

 

Future:

I plan to do CompTIA Pentest+ after to get more hands-on knowledge. I have always enjoyed the idea of Penetration Testing and Vulnerability Assessment. Lower cost is a major factor here compared to, say, CEH.

 

Your thoughts/advise?

Given my situation, would the experienced community members recommend a SSCP for me or a CISSP. Or in general, what recommendations would you have for me? Maybe Security+ to consider?

 

Best wishes!

3 Replies
Steve-Wilme
Advocate II

CISSP is the most widely asked for certification in many markets.  See https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/8695... for example.  I think the report also details what percentage of job ads ask for other qualifications too in section 7.6.

 

Whilst you could take the Security+ or SSCP, it might be worth consider also vendor specific exams or something cloud orientated as a way of re-entering the field.  Hands on skills are still in demand within the sector so be sure not to undersell yourself on that front.

 

 

 

 

 

 

 

 

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
denbesten
Community Champion


@ldmvcd wrote:


Lacking the required experience so will get only the CISSP Associate. I am hoping this is equivalent to an actual CISSP (?).


This is the flaw in your reasoning.  There is no such thing as "CISSP Associate".  Instead, you are "Associate of the (ISC)²", which demonstrates that you have passed an exam, but not which one.  If there are other certifications, such as SSCP for which you can meet the experience requirement, I would go for that first so that you have an effective resume item.  

ldmvcd
Viewer II

This is the flaw in your reasoning.  There is no such thing as "CISSP Associate".  Instead, you are "Associate of the (ISC)²", which demonstrates that you have passed an exam, but not which one.  If there are other certifications, such as SSCP for which you can meet the experience requirement, I would go for that first so that you have an effective resume item.  


 

Very good point! Thank you!