I stumbled across ISC2 searching for ways to leverage my past military service and masters in computer science toward a new career. The biggest obstacle as I see it, is the time that has passed while I was supporting my spouse's career and raising kids since I obtained my MS in 2002 - I have not utilized the degree as we chose to focus on my spouse's career and family. Now I am ready to move forward and I am wondering if I need to get another degree in cybersecurity or if certification in cybersecurity will be a step toward getting my foot in the door as it relates to becoming a government cybersecurity professional. Thanks to you if you have read this and have a chance to give me some thoughts/feedback!
Per the (ISC)2 website, you can claim one year experience on certifications for your Masters degree (note: it does not say that the degree has to be earned withing x years, just that you have the degree).
For the CISSP:
https://www.isc2.org/certifications/cissp/cissp-experience-requirements
Based on that you would need to show four years experience in two of the eight domains.
Hoping that this assists you.
d
@nmaxwell as you already have a masters in computer science, I'm not sure another degree even in cybersecurity would be time & money well spent.
Getting cybersecurity training that may lead to certifications like CISSP, or take a look at the SANS Institute, would be better. They do stuff for veterans, I think. At most I would say getting a graduate certificate in cybersecurity may be something to consider.
ALSO, if you haven't already, be sure to network with local professionals. Join your local chapters of ISSA, ISACA, ISC2, maybe also Infragard. Go attend local BSides conferences, which often have a jobs or career track. There are also groups that look for veterans for cybersecurity roles.
Thank you, @emb021. This is a very helpful response. It has been a bit overwhelming with all the various certs and trying to navigate which way to go after so many years out of tech. I appreciate you taking time to give me some direction. Best, ~Norma
@nmaxwell
When it comes to certs, I recommend people take a look at the main cert orgs: CompTIA, ISC2, ISACA, SANS/GIAC and maybe EC-Council. There are others out there, but these are the main ones, with several certs on the DOD approved list (if you want to work for the DOD, you'll need certain certs for certain roles, and most other government agencies follow this as well).
Then I recommend people get a general infosec cert. CC, Sec+, CASP+, SSCP, GISF, GSEC, CISSP. If you can the more expert level ones (CISSP, GSEC) then the entry level ones (CC, Sec+), do so.
Then get certs tied to the specific areas in infosec that you are interested in. There are certs aimed at pentesters, forensics, incident response, BC/DR, GRC, Audit, management, etc.
This helps get pass the gatekeepers and shows you have the fundamentals AND you know your area(s) of expertise.
The chart at https://pauljerimy.com/security-certification-roadmap/ may also help. CompTIA and SANS also have roadmaps at their sites.
Hope this helps you and others.