Passed my CC exam, next steps

freddy91761 · ‎04-12-2023

I passed my CC exam last week. I already have my Comptia Sec+. I was thinking of going for my SSCP so it can fill in the knowledge gaps or should I just try the CISSP and then CCSP . I would like to focus on Cloud Security. I am also trying to get some MS security certs like the sc-400, etc. I am between jobs and hoping that theses certs will help me land a cybersecurity job.

emb021 · ‎04-12-2023

So I don't know what your career plans are beyond "focus on Cloud Security", so I can only note this.

SSCP, CISSP, and CCSP all require experience to obtain. SSCP is the lowest as 2 years, CISSP & CCSP is 5 years unless you have a degree, then its 4 years. (actually, if you have the CCISP, that covers the experience for CCSP).

So if you don't have that experience, you'll have to obtain the "Associate of ISC2" status to "keep" the test score until you get the experience, but that lasts for only 5-6 years.

Thus if you're trying to land a job, Sec+ and CC would be the way to go, then when you have it, decide on SSCP or CISSP next.

Consider CCSK from the CSA instead of CCSP. No experience needed. And consider getting the AWS &/or Azure associate certs as well. There is Cloud+, but not sure how good or how respected.

Hope this helps.

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow

denbesten · ‎04-12-2023

Neither SSCP, CISSP, nor CCSP are for those "new" to cybersecurity. Keep in mind that you can not actually be issued any of these certifications without experience, so you might as well use the experience as part of your studying. Here is my recommended study path:

Attain your CC
Get a job in cyber security and soak it all in for 1-2 years.
Study, write and attain your SSCP.
Spend another 3 years (for a total of 4-5) in the job interacting with all your colleagues, especially those that work in domains other than your own.
Spend a few months with "the books" so that you learn the terminology and fill in the missing gaps.
Write the CISSP.
Use the experience you gained to complete the endorsement process.
(optional) attain your CCSP, which requires no additional experience if you already are a CISSP.

freddy91761 · ‎04-13-2023

I have been in the IT field for 15+ years, mostly in a desktop support role. I did some networking, programming, security, etc. I also have the CCSK bundle, so I will be taking the exam soon. I already have some Azure certs like the AZ-900 and SC-900. I am looking to get the AZ-500 and MS-500. Any other suggestions?

emb021 · ‎04-13-2023

"I have been in the IT field for 15+ years, mostly in a desktop support role"

Ok, I don't know what exactly you've done in this desktop support role, tho am surprised you've been doing this for 15 years and not advanced in some way. BUT you MIGHT have the experience needed to get the SSCP. Even in a desktop support you may be doing infosec work. Get a copy of the SSCP domains and breakdown, and go over it. See if you feel the work you've already done matches what is looked for. If you're not sure, network with an ISC2 member. (if you're not networking with IT peers, you need to. Join local IT/infosec groups such as local chapters of ISSA, ISC2, ISACA, whatever CompTIA has, or any local groups, etc).

If you feel you already meet the requirements, go for it. SSCP will give you an edge over Sec+ or CC in jobs. Leverage what you'd done already to get your next role.

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow

eddiechabbs · ‎06-13-2023

What job titles would one be targeting after obtaining a CC?

emb021 · ‎06-13-2023

@eddiechabbs wrote:

"What job titles would one be targeting after obtaining a CC?"

Well, basically entry-level roles. Roles that don't require much experience.

SOC analyst
Security analyst

security administrator

etc.

---
Michael Brown, CISSP, HCISPP, CISA, CISM, CGEIT, CRISC, CDPSE, GSLC, GSTRT, GLEG, GSNA, CIST, CIGE, ISSA Fellow

Anton_Dawson · ‎07-04-2023

Just a quick question, possibility a silly one at that. I too have been in a IT support role for about 15 years. Various IT tasks. Ive obtained my CC and also CYSA+. Where does one find these "entry level" positions? Ive search and applied to countless position on various platforms and continue to come up empty. Is there any insider posts or listings that i could search and apply to? I'm just not seeing the work force gap. Again, apologies for the long winded "question", but i just don't know which is the best foot forward for me.

freddy91761 · ‎07-05-2023

I am some what in the same boat as you. I have over 15 years experience, have my Sec+, CC and going for my CCSK. Where are all the jobs? Almost all "entry-level" require you have 3 years in a cybersecurity position. I just might look into cloud and give up on cybersecurity. ISC2 which Comptia and others that deal with CyberSecurity certs should have a job board just for security jobs. You get access after you pass certain certs.

koogen_govender · ‎11-17-2023

I provisionally passed the exams yesterday and from what I have seen online and heard through CISSP-qualified individuals, I would rather go for the CISSP as the CCSP will be attained after passing the CISSP.