Work experience

Sueskai01 · ‎11-23-2021

Hello everybody,

I have a question about the work experience I need to take the CISSP exam. I worked from 2009 - 2012 for a company as a security admin, but since then I am working in another line of business. Is there a rule that says that I have to work the last five Years in the field of security?

Thanks a lot
Sueskai01

Kaity · ‎11-23-2021

Hello @Sueskai01!

Nope! No such requirement about WHEN the experience took place, only that it's relevant to the domains. More info can be found here - https://www.isc2.org/Certifications/CISSP/experience-requirements

Sueskai01 · ‎11-28-2021

Hello Kaity,

Thank you very much for this information. So I will start my training as a CISSP.

SBA · ‎12-28-2021

Hello all,

I am an IT auditor with around 4,5 years of external IT audit experience in big fours (ITGCs and IT dependencies audits) as well as nearly a year of IT internal audit experience. I would please like to ask if IT audit experience (i.e assessment of security risks and controls + recommendations and follow-up on associated action plans) qualifies as work experience towards CISSP or if hands-on design, implementation and operation of security controls is required ?

Thanks a lot in advance for your help

steampunk · ‎05-08-2022

You need to work in the industry. Not just security. Please keep in mind all domains really are part of security.

If you work in

help desk

project management

Apps

Sys Admin

Server work

Networking

Your job description for each job, should have a line in there saying you must protect network ,etc, etc,etc. You need to supply your job descriptions to show proof.

If you have a degree this also counts as a year.

I think the only way experience wouldn't count is if you were not in the IT industry.

Hope this helps.