Global Information Risk
Management Recruitment

What are CISSP jobs?

Filed under: Features — Mark on August 26, 2013

One aspect of the modern IT profession which can be frustrating for some is the ritual use of jargon and acronyms. From CCDP (Cisco Certified Design Professional) and RHCA (Red Hat Certified Software Architect) to CWNA (Certified Wireless Network Administrators), the initially baffling words and phrases keep on coming. Then there is CISSP.

CISSP stands for Certified Information Systems Security Professional. Whilst this term may also come across as daunting, it in fact signifies a highly respected qualification within the IT security business.

A CISSP certificate will signify to an employer a number of things about a candidate before they even meet them.

A bit more about CISSP

First, a CISSP certificate indicates staying power and determination; the CISSP certificate is no easy option, covering a vast syllabus and requiring the candidate to grasp information at a granular level. The exam itself is quite a test of stamina, lasting a whopping six hours. Meanwhile, the pass threshold, at around 70%, is somewhat unforgiving.

Moreover, once qualified, a candidate will need to renew their certification every three years, usually choosing to do so through Continuing Professional Education certificates. An annual fee is also payable.

Meanwhile, an employer will be aware that the potential job candidate is well versed in the topics covered by the CISSP curriculum. Almost all aspects of the cyber security world are embraced: access control (physical and online), network security, cryptography, legal aspects of information security (including compliance with international standards), and physical security (ensuring locations are well protected).

A CISSP certificate also demands at least five years’ experience in the security industry (there is some leeway for academic candidates) as a pre-qualification. Another requirement for embarking on the CISSP is an endorsement from an established security professional.

All in all, a CISSP is not a lightweight or fleeting qualification. It demands a considerable investment of time and money, and is designed to sort the wheat from the chaff in the security industry.

The kind of jobs requiring a CISSP

The kind of jobs that require a CISSP professional will most likely be at the higher end of the scale, usually at a senior level in companies, sometimes at the executive level. Whilst there is no one typical “CISSP job”, here are some of the key tasks that a CISSP professional may be found doing within an enterprise:

IT Risk management

Performing a vulnerability analysis of the current security setup, and recommending changes, if necessary.


Ensuring compliance with ISO standards for information security – for example, ISO 27001, which demands that an organisation thoroughly integrates IT security into its overall governance.

Creating security policies and procedures

Developing a culture of information technology security in an organisation through the authoring and distribution of clear policies and processes. Sometimes, a team is hired to help write these.

Common job titles where a CISSP is required range from “IT Security Consultant” to “Security Analyst” and “Information Architect”.

These titles indeed confirm that a CISSP professional will be a knowledgeable and experienced individual who takes an over-arching view of a company’s IT setup, with the aim of making it more robust and resilient into the future.





Acumin © 2006-12