cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
tvishnumolakala
Newcomer I

CISSP experience requirements for endorsement

Hi all, 

 

I'm an Associate of ISC2 with over two years of work experience as a software engineer. I also have my master's in cybersecurity and planning to do my security+ in a few months. As per the requirements mentioned in this page https://www.isc2.org/Certifications/CISSP/experience-requirements, it says that Security+ is considered as one year of experience and one year for my master's???

If I'm counting it correct do I already have 4 years of experience or can I only claim for one ??  

4 Replies
dcontesti
Community Champion


@tvishnumolakala wrote:

Hi all, 

 

I'm an Associate of ISC2 with over two years of work experience as a software engineer. I also have my master's in cybersecurity and planning to do my security+ in a few months. As per the requirements mentioned in this page https://www.isc2.org/Certifications/CISSP/experience-requirements, it says that Security+ is considered as one year of experience and one year for my master's???

If I'm counting it correct do I already have 4 years of experience or can I only claim for one ??  


From the page you listed:

 

Relevant Education or Certifications Held

You may satisfy one year of required experience through holding one of the following below (you will then need four years of relevant work experience):

  • Four-Year College Degree or Regional Equivalent
    You can substitute a maximum of one year work experience if you hold a four-year college degree or regional equivalent or an advanced degree in information security from the U.S. National Center of Academic Excellence in Information Assurance Education (CAE/IAE).

OR

  • Approved Credential on the (ISC)² Approved List
    You can satisfy one year work experience if you hold one of the approved credentials on the below (ISC)² approved list.

So you would only get one year experience.  It is an either or situation.

 

As to your experience, I would say based on the brevity of your note that you do not yet have the experience (five years) to gain the full certification.

 

Good luck on taking the Security+ exam.

 

Regards,

 

d

 

BrianF
Newcomer III

Security+ is a good cert but unless you are required to get that specifically and you are set on taking the CISSP at some point, I would suggest you go for your SSCP instead?

 

I have taken both the Security+ and SSCP. The SSCP was a bit harder but similar in what knowledge is expected as a practitioner. Security+ may require slightly more challenging network knowledge but I took it within 2 weeks of passing and getting my Network+ certification and recall that being near critical. However, the SSCP requires at least 1 year experience so may carry more weight to it for hiring managers that are aware. 

 

I also think the SSCP is less expensive than Sec+ (249 vs 349?) and will help you get accustomed to the ISC2 format and become a member (after being endorsed and accepted). ISC2 membership is expensive though so may be a wash. CompTia exams IMO are very different from ISC2 exams. Not to belittle the CompTia exams but IME, they require you to just know the answers (quickly) while the ISC2 exams require you to think a little more critically about best answer selection. The latter infers experience and knowing beyond the memorization of facts from the domains.

 

The time you are given is also a big difference as CompTia gives you about a minute per question (90 questions in 90 minutes) and they have some simulation questions ("performance based" is what they call it) that do require you to think through and process lab like scenarios (usually 4-5 questions). SSCP gives you 3 hours for 125 questions and will be more focussed on how you would solve for problems with the skills you have as a practitioner that understands the domains from the SSCP. 

 

Not trying to talk you out of Security+ but just trying to provide some hopefully helpful insight into the SSCP. 

 

Good luck!

amandavanceISC2
Moderator

@tvishnumolakala Thank you for your post. To confirm, you may only waive one year in total, so you would pick either the certificate or the degree to waive the one-year.

 

Best Regards, 

Amanda

tvishnumolakala
Newcomer I

Thanks to everyone who took their time to answer my question. I'll have to wait and gain more experience before I get my certification.