Career Advice Tuesday – “Is CISSP Training a Good Use of My Money”

July 10, 2012

Dear Infosecleaders:

I am about to transition from Military to the Civilian work force. I am a IT Support and Security Professional. I am currently working to gain the CISSP through the SANS Security S+ course. My question is will this class help with gaining the knowledge I “really need” to pass the CISSP and will this help with the progressing in the civilian work force? This course is expensive but it come highly recommended from some of the professionals that I work with. Need some guidance.

Sincerely,

Retiring Soldier

 

Dear Soldier:

First of all, let me say a big THANK YOU for your service to our country.

As a disclaimer – I am not familiar with the particular topics covered in the SANS Security S+ course – so my answer to your question will be a more general one.

The first thing that I want to say is that I question the concept that you actually “really need” to pass the CISSP to work as an information security professional in the civilian work force.   Most of the customers that we support, are more interested in the candidate’s talent – as opposed to their certifications.

I believe that the question that you should be asking yourself is, “Which training class will enable me to develop my skills and make a smoother transition to work in a commercial environment?” 

One of the best ways to determine this will be to first understand the foundation of your current skills and the strengths that you can be leverage.  Generally speaking, these skills will be more “technical “ in nature – centering on either networking, operating systems, software development, etc.  Once you are comfortable with this assessment, you may want to look at a training class that can help supplement these skills – possibly something in the area of incident response, security event management, penetration testing, etc.

In developing these skills and skill combinations, you should be able to place yourself in a professional information security environment that will provide you with some exposure to the “domains of knowledge” encompassed by the “CISSP Certification”.  In the context of the job, engaging your peers, the purchase of some relatively cheap study guides, and some initiative you should be able to pass the CISSP (at a substantially lower price point)– if you decide at that this is a worthwhile career investment as you aspire toward your ultimate career destination.

Hope this helps,

Lee Kushner

 

Posted by lee | Filed Under Advice, Career Advice Tuesday, Career Investments, Planning, Security Industry, Skills 

Comments

2 Responses to “Career Advice Tuesday – “Is CISSP Training a Good Use of My Money””

  1. bonvillain on July 11th, 2012 5:34 pm

    Sage advice from Mr. Kushner right there soldier, and I echo his sentiment of thanks for your service.

  2. Rybolov on July 23rd, 2012 2:44 pm

    If you’re transitioning from active duty into a civilian contractor job supporting .mil customers (a common occurrence for military folks) and doing security work, you need a credential: either ISC2, SANS, ISACA, or a handful of others. DoD Directive 8570.10-M lists positions and the mandatory certification requirements. Some positions will let you get the job, then get the certification within a period of time, but ultimately for a government contractor, folks that are certified are easier to place because of the way that the government does a process called “labor compliance”.