(ISC)2 Certified Information Systems Security Professional (CISSP)
Computer certification programs are setting the standards for the information technology (IT) industry worldwide. Although most careers in the IT and communications fields are lucrative and lead to rapid advancement, you can move ahead even more rapidly if you have been certified. In fact, you often can earn a salary increase of 20% or more once you become certified. Nowadays, having a degree in computer science just isn't enough. Companies are demanding that their IT professionals be certified as a way to measure their skills as well as to guarantee that they can perform their jobs successfully. In short, certification will help a computer professional get a good job and stay competitive in what is now a highly demanding IT environment.
This training would be beneficial for individuals looking for IT job positions such as: Network Security Specialist, Senior Security Engineer, Information Security Manager or a Chief Security Officer.
ISC2 certification validates the latest skills needed by today's computer security professionals. It is an international, vendor-neutral certification recognized by major hardware and software vendors, distributors and resellers. The CISSP course provides you with the knowledge and skills to pass the CISSP certification, after which youll have the ability to manage, operate, develop and plan an effective network security infrastructure.
CISSP® candidates must meet the following requirements prior to taking the CISSP examination.
Effective 1 October 2007, a new endorsement policy will be in effect, requiring anyone who passes a CISSP, CAP®, or SSCP® exam to have their qualifications endorsed by another (ISC)2 credential holder.
Applicants must have a minimum of five years of direct full-time security professional work experience in one or more of the ten domains of the (ISC)2 CISSP CBK.
CISSP professional experience includes:
- Work requiring special education or intellectual attainment, usually including a liberal education or college degree.
- Work requiring habitual memory of a body of knowledge shared with others doing similar work.
- Management of projects and/or other employees.
- Supervision of the work of others while working with a minimum of supervision of one's self.
- Work requiring the exercise of judgment, management decision-making, and discretion.
- Work requiring the exercise of ethical judgment (as opposed to ethical behavior).
- Creative writing and oral communication.
- Teaching, instructing, training and the mentoring of others.
- Research and development.
- The specification and selection of controls and mechanisms (i.e. identification and authentication technology) (does not include the mere operation of these controls).
- Applicable titles such as officer, director, manager, leader, supervisor, analyst, designer, cryptologist, cryptographer, cryptanalyst, architect, engineer, instructor, professor, investigator, consultant, salesman, representative, etc. Title may include programmer. It may include administrator, except where it applies to one who simply operates controls under the authority and supervision of others. Titles with the words "coder" or "operator" are likely excluded.
The applicant must meet the following requirements to qualify to sit for the examination:
- A. Subscribe to the (ISC)2 Code of Ethics
- B. Have a minimum five years* of direct full-time security professional work experience in
two or more of the ten domains of the information systems security CBK®. Waiver of Experience: If certain
circumstances apply and with appropriate documentation, candidates are eligible to waive a maximum of two
years of professional experience* as follows:
- One year waiver of the professional experience requirement for education. Candidates can substitute a maximum of one year of direct full-time security professional work experience described above if they have a four-year college degree OR Master’s Degree in information security from a U.S. National Center of Academic Excellence in information Security (CAEIAE) or regional equivalent. If you hold both a four-year degree and a Master’s degree, you may only apply for a one year waiver of experience.
- One-year waiver of the professional experience requirement for holding an additional credential on the (ISC)˛ approved list. Valid experience includes information systems (IS) security-related work performed as a practitioner, auditor, consultant, investigator or instructor, that requires IS security knowledge and involves the direct application of that knowledge. The five years of experience must be the equivalent of actual fulltime IS security work (not just IS security responsibilities for a five year* period); this requirement is cumulative, however, and may have been accrued over a much longer period of time.