
What qualifications do I need for CISSP jobs?

Filed under: Features — Stephanie on September 28, 2013

Cyber security jobs can in some cases be highly specific and focused, usually requiring knowledge in a niche area. However, they can also sometimes be rather general, demanding an informed, experience-soaked knowledge of a range of security areas. The niche-based roles cover areas such as pen-testing (Penetration Testing), in which the employee simulates a breach of IT security in order to expose a company’s weaknesses, then recommends solutions.

There’s a different class of IT security job, however, which demands expertise in a range of fields, all of which will have a bearing on a company’s information security policy. These more general jobs tend to be more senior, sometimes carrying titles such as ‘Information Security Manager’ or CISO (Chief Information Security Officer). They are also sometimes known as CISSP (Certified Information Systems Security Professional) jobs. These positions are often perceived as the “crème de la crème” in the IT security industry, commanding an average salary of around 50K and sometimes considerably higher. They are widely sought after, and often considered as roles to be aspired to at the pinnacle of an IT security career.

Here, then, are some of the qualifications likely to make someone a suitable candidate for a CISSP job.

Certify yourself

First, and perhaps most obviously, there’s the professional certification that lends its name to the phrase ‘CISSP job’. A CISSP certificate is a de facto requirement for a CISSP job, and is one of the most challenging of the IT professional qualifications to obtain, demanding considerable amounts of time, energy and even resources. To begin with, there’s an entry qualification of at least five years’ professional experience in information security (in certain cases, this can be mitigated by equivalent experience in academic study). A CISSP candidate also needs to be endorsed by a fellow CISSP professional who is in “good standing” with (ISC)² (International Information Systems Security Certification Consortium).

The candidate must then embark on a course of study covering curriculum areas such as Telecommunications and Network Security, Cryptography, Security Architecture and Design, and Physical Security. Then there’s a six-hour exam, consisting of around 250 questions, which requires a score of circa 70% to pass. The CISSP must also be periodically renewed. This can be achieved by re-taking the exam, though many prefer to submit CPE (Continuing Professional Education) credits, which are also accepted.

Part of a combo

However, a CISSP certificate is not necessarily a passport in itself to a CISSP job. Employers may be looking for it to be combined with other certifications, perhaps related to Risk Management, and which demonstrate a good knowledge of certain ISO standards. Academic qualifications may also be sought. It would therefore be a mistake to hold a “CISSP is all you need” philosophy when it comes to CISSP jobs.

No substitute for experience

Finally, of course, nothing beats hard-won experience when it comes to working in a variety of information security roles. Many employers will see this as more than worth its weight in gold, and possibly trumping formal certification in terms of making a particular candidate stand out from the crowd.





Acumin © 2006-12