I am a Senior Oracle DBA with 10+ years of experience in multiple Sectors including Telecommunications, Retail and Insurance. I have decided recently to fully transition into Security and currently studying for the CISSP exam. My question is, when I tried to book the exam earlier, I was faced with a question to whether I want to take the Associate route or if I have experience in two of the domains. Now as a Senior DBA, Security was a significant part my every day work, so I have covered Access control, encryption, patching, dealing with vulnerabilities, etc. from the Database Security prospective. My last role was a Database Security Manager responsible for the security of several database technologies and worked exclusively on patching, Policy and Vulnerability compliance. I implemented TDE (Transparent Data Encryption across all databases) and worked on SIEM products such as Arcsight.
I have all the paperwork from HR to prove my years of experiences but I do not know anyone who has CISSP who can vouch for me. So which route do I follow? I feel the Associate route is more designed for graduates with no experience but I am happy for you to correct me if my understanding is incorrect.
I appreciate any help you can offer with this!