Sunday, April 17, 2011

CIS 608 Content Coincides with CISSP

I am taking classes through Bellevue University to further my career in Information Security. I have also been working toward certifications that I know will make me more marketable in this field. I recently read an article on ClearanceJobs.com that listed the top 10 certifications held by Cleared Professionals. The top 5 of that list were Security+, Network+, A+, ITIL, and CISSP. This list got me thinking about what I need to do to make myself more marketable and what others can do as well.

The certifications listed are important, and I think many companies and contractors like to see them. The process for these certifications can be quite involved, and it takes a lot of work to achieve them and stay on top in the Information Security world. I am currently certified in Security+, Network+, and ITIL. The next big certification I would like to get is CISSP (Certified Information Systems Security Professional). This certification is a long and involved process. You must have five years of professional experience to be considered for the certification. There is also a code of ethics and ongoing education that you must adhere to in order to stay “in good standing” and keep the certification current. The most difficult part of the certification process is obviously the test itself.


The test covers ten main points. These main points include:


1. Access Control

2. Application Development Security

3. Business Continuity and Disaster Recovery Planning

4. Cryptography

5. Information Security Governance and Risk Management

6. Legal, Regulations, Investigations and Compliance

7. Operations Security

8. Physical (Environmental) Security

9. Security Architecture and Design

10. Telecommunications and Network Security


For six hours you are rigorously questioned with a 250-question test on your knowledge of the above-mentioned topics. Even after passing the exam, you must maintain the certification by accruing 120 credits toward continuing education every three years and also paying a yearly maintenance fee.

As you can see, CISSP requires you to jump through a lot of hoops. Not only must you prove your knowledge on the test and show that you have a working knowledge of the information through your work experience; you must also maintain the certification through continuing education. I think that this is a good time for me to try to obtain the CISSP certification. The topics on the test are also being covered in the classes that I am currently enrolled in at Bellevue University. In Information Security Management 608, we have already discussed disaster recovery plans and security policies, which are covered in the CISSP under topic bullets 3 and 6. Ahead in the book will be developing the security program and risk management and analysis. I think that these classes will really help me to prepare for the certification and give me other resources for the studying process. I am also hoping that the classes I am enrolled in will count toward the continuing education credits that you must attain. The website is not very specific about the requirements for this. The website states that after certification, you will receive information about the maintenance of the certification.


To others who are also in pursuit of advancing their career in information security, I hope that you have found this information helpful. Thanks for reading and good luck on the tasks ahead!


References:
ClearanceJobs.com


https://www.isc2.org/cissp/Default.aspx
