Why the CISSP Changed My Cyber Security Career Forever
Рет қаралды 31,249
Күн бұрынI have the CISSP, but do I think it’s worth it today?
Looking to start a career in Information Security, Cyber Security, or Information Assurance? Check out all these resources to Get Started! ⏩ www.jongood.co...
Are you interested in Cyber Security training or Career Services? ⏩ www.CyberTrain...
Join this channel to get access to perks ⏩ / @jongoodcyber
Listen to Cyber Security TLDR for Threat Intel and Cyber Security News on Podcast! ⏩ www.cybersecur...
Everybody has their own journey to not only get into the Cyber Security workforce, but also to land the highly sought after jobs that pay the big bucks. There is no question that certifications come up when discussing the ideal career journey, but what does a current CISSP holder think looking back?
Join me for this video as we talk about my thoughts on the CISSP and how it either positively or negatively impacted my career in Cyber Security. After this video, you will know my honest opinion of the certification and then you will know if I would pursue it if I had to start all over.
Blog Post: jongood.com/ci...
#CISSP #cybersecurity #infosec
📱Social Media📱 - www.jongood.co...
⚡️Lab & KZbin Gear⚡️ - www.jongood.co...
👕Merch👕 - www.jongood.co...
📇Affiliates Links📇 - www.jongood.co...
DISCLAIMER: I am an ambassador or affiliate for many of the brands referenced on the channel. As an Amazon Associate, I earn a commission from qualifying purchases.
DISCLAIMER (MUSIC): I only use royalty free music and sound effects.
@mattsionkowski Жыл бұрын
My idea is that all certifications are being passed by humans, not some special creatures from other planets. So we should never think that some kind if cert is "too high" or "too hard". Grab a book, pass an exam. We all did this when we were kids at school with far less interesting classes and topics. We just got lazy - but we still have that skill within us.
@JonGoodCyber Жыл бұрын
In general, regardless of what people claim, most certification exams are passable. Now with that being said, there are certain vendors who have a history of creating a hostile environment and not giving enough structure but that's pretty rare.
@anthonyomisorecanfixit Жыл бұрын
Big facts
@majorkuso6720 Жыл бұрын
That is correct, if one person can do something then many are able to as well. I was able to pass my cissp after 2.5 weeks of studying. I figured if others can do it then I can too.
@f1y_str8 10 ай бұрын
Would the CISSP actually get me a job without a degree?
@memento4940 5 ай бұрын
@@majorkuso6720 liar
@donnylee9897 Жыл бұрын
I work for Northrop now, what a great company!
@JonGoodCyber Жыл бұрын
Awesome! Definitely a solid company regardless of the stage of your career.
@kaizentruth8098 Жыл бұрын
I just got my GSEC (my job paid for it) I was considering going for the CISSP next but I’m 6 months into my current position so I might take a beat before I take it and build up my technical knowledge
@JonGoodCyber Жыл бұрын
Thank you for sharing! I also have the GSEC and really enjoyed the course. I recommend checking out my free eBook ( jongood.com/getstarted/ ) for some ideas on skills and certifications. Also if you don't quite have the experience for the CISSP, I would highly recommend watching my video on the Associate path ( kzbin.info/www/bejne/fX-5c5Z9r86Gb6s ) before you decide to attempt it.
@kaizentruth8098 Жыл бұрын
@@JonGoodCyber thank you! Checking both out now
@AnthonyGee-pn5wf Ай бұрын
How did you get a job that paid for it? Did you have previous certs or degree in IT? Thanks
@Venom-r4z 5 ай бұрын
Currently working for DOD and my job offered a CISSP training camp. I currently hold a Sec+ and just passed my CISSP last week on my second attempt. I don't have the required experience but will have it and the end of the year. IMO being an associate isn't that great unless you have a similar position (someone else pays for cert). If you're coming out of pocket its probably best to just wait until you have required experience. Luckily i have a degree and a cert so I can short a year. Best of luck to everyone that are studying to get theirs.
@JonGoodCyber 5 ай бұрын
The DOD is definitely an industry where you can get them to cover the costs so they have another CISSP certified professional. Being an Associate of ISC2 (i.e., passing the exam before you have the experience) is generally worthless because you can't claim the certification yet. That said, the DOD or defense industry in general is unique in some ways when it comes to certifications, so I understand why it might make sense at times because I've been there myself.
@marvin8038 8 күн бұрын
DoD directive 8570 was replaced by DoD directive 8140. if im not wrong.
@JonGoodCyber 7 күн бұрын
You are correct in that the 8140 replaced the 8570. You will still hear the 8570 used interchangeably with the 8140. From a certification standpoint, they are very similar, so I wouldn't get too hung up on that fact as long as you understand that they are basically the same thing.
@unicaller1 11 ай бұрын
If you can't take advantage of the CISSP cert right now, especially because of lack of required experience. I would wait, the test and annual fee are quite expensive and the CPE requirements are also pretty high. It is a lot of investment for something if you can't use it yet.
@JonGoodCyber 11 ай бұрын
Thanks for sharing! For anybody in that situation, I recommend checking out my video on the Associate of ISC2 ( kzbin.info/www/bejne/fX-5c5Z9r86Gb6s ), where I give my thoughts.
@tundeanimashaun8021 Жыл бұрын
I passed the CISSP with no technical experience and am yet to get a job. Still looking for a job here in Nigeria
@JonGoodCyber Жыл бұрын
Based on what you have said, It's unclear if you are fully CISSP certified or if you simply passed the exam because there is a huge difference between the two. Do you have experience? Which types of jobs are you applying to? Are you getting interviews? These are all important factors in landing jobs. Also, being able to pass the CISSP exam in no way implies that you have significant technical experience because it actually tests how broad your knowledge is across the domains, not how deep. There are certainly people that pass the exam who come from a non-technical background such as GRC, but that doesn't mean you can pass without knowing fundamental things.
@strategygalactic 6 ай бұрын
Come to the States. Get a work VISA and a sponsor.
@tundeanimashaun8021 6 ай бұрын
@@strategygalactic can u give me direction on that
@strategygalactic 6 ай бұрын
@@tundeanimashaun8021 www.uscis.gov/working-in-the-united-states
@strategygalactic 6 ай бұрын
@@tundeanimashaun8021 Be forewarned, you may NEVER get a federal government job due to being a non-citizen, especially if you come from an "unfriendly" country. It's always possible though.
@GhostLyricist 8 ай бұрын
Wouldn't you need to be endorsed to even try to go for the CISSP anyways, since it requires 4+ or 5+ years of relevant experience? I don't really get why this is even a discussion of it being a downside since you shouldn't be able to try for it in the first place.
@JonGoodCyber 8 ай бұрын
The endorsement process comes after passing the CISSP exam to become certified but you don't need it in order to sit for the exam. If your interested in learning more about the Associate of (ISC)2, I recommend checking out my video talking about it: kzbin.info/www/bejne/fX-5c5Z9r86Gb6s
@hassan-ix-vii8126 Жыл бұрын
Do you think experience in a technical support role for a firewall would count as experiance towards the CISSP?
@TheUballe Жыл бұрын
Yes -- that's network security.
@JonGoodCyber Жыл бұрын
Anything IT or Cyber Security will almost always count. Keep in mind that your experience must fall within at least two of the domains. You can find the domains and experience requirements on the ISC2 website ( www.isc2.org/Certifications/CISSP/experience-requirements ) if you need to verify.
@jjandre7032 Жыл бұрын
@@JonGoodCyber Wow! That was actually very helpful. Good to know it's only 4 years if you have any of the certs they listed. I'm much closer than I originally thought when I combine certs+ my other support roles 👀👀. Does this usually apply for other certs that require 5+ years of experience? (GIAC, CISM)
@JonGoodCyber Жыл бұрын
I'm not aware of any GIAC certifications that have experience requirements attached to them but most of the certifications that require experience, do have some type of waiver that can reduce the requirement. Each certification and/or vendor has different requirements so you have to look at each one individually to see what they list.
@Jesse_Johnson 3 ай бұрын
I finally have the time accrued. Is the CISSP still worth it in 2024? Do you think it is still a separator? Cheers @Jon Good
@JonGoodCyber 3 ай бұрын
Congratulations as that's an important career experience milestone for many reasons! The industry opinion and my personal opinion hasn't changed on the CISSP. If you work in the government or government contract space you will be very limited without it as it's the norm, and if you work outside of that space it's a differentiator because it's not that common until leadership positions. Honestly, when I left the DoD space for the first time, I was shocked at how few CISSPs existed in other industries but you absolutely stand out when you have it.
@gabrielmunoz5292 Жыл бұрын
Hi Jon, I am trying to get into the cybersecurity field. Fresh out of boot camp but nobody is really recognizing the it, so I signed up for a grant and got accepted into a CompTIA certification program. Taking the Security+ in May and when I pass that I’m eligible to sign up for the CySa+ in June. Is there anything else you’d recommend that I add to this to help my chances? Thank you for your time.
@JonGoodCyber Жыл бұрын
I recommend grabbing my free eBook ( jongood.com/getstarted/ ) and checking out the roadmap of skills and certifications. Most people that I've worked with out of bootcamps lack fundamental IT knowledge in at least one area of the roadmap and that lack of knowledge will hold you back until you learn it.
@pankaj5080 Жыл бұрын
Hi Jon, I am 40 years old. I have 13 years experience of Microsoft Exchange, Unified Communication and Microsoft Teams as a Tech support and then senior system administrator.. I am interested in switching my career towards Cybersecurity but be in the Microsoft products pool. Could you please guide which cybersecurity roles should I target given my experience and age.
@JonGoodCyber Жыл бұрын
If you want to be specifically working with Microsoft products, I would look at Azure roles and certifications (Microsoft's Cloud). You can find roles that wear dual hats (IT and Cyber) or roles that are more specifically focused on Cloud Security.
@rom_4938 Жыл бұрын
The first certification you can consider is the sc-900. Then look at all the sc-100-200-300-400, see what you like and what you want to achieve. But the 900 is the base, I recommend you start there.
@VicMansaMusa 2 ай бұрын
Sc200 then ez500 you ll be in a great position especially with your experience.
@sesanpaul8378 11 күн бұрын
I have 6 years experience a software engineer ( with secure coding training and mindset ) would I met the criteria for endorsement ?
@JonGoodCyber 11 күн бұрын
Secure coding certainly falls within the domains, but you need experience in at least two domains. So the real question is, do you have experience in other domains? You can find the list here: www.isc2.org/certifications/cissp/cissp-experience-requirements
@sesanpaul8378 11 күн бұрын
I was hoping my experience in AWS ( especially on IAM ) could count for IAM domain in CISSP
@JonGoodCyber 11 күн бұрын
@@sesanpaul8378 IAM certainly is covered within the CISSP domains, but of course, it isn't guaranteed experience that a software engineer would have. You must also know what you are signing up for by pursuing the certification, so you should look at the requirements.
@sesanpaul8378 11 күн бұрын
Thank you
@supersmart671 3 ай бұрын
How did you get certified when you don't have the enough experience? How did you qualify?
@JonGoodCyber 3 ай бұрын
If you go back, you'll see that I said you aren't certified just by passing the exam because taking the exam and getting certified are two separate processes. You don't have to meet the experience requirement to take the exam, however you aren't considered "certified" until you meet all the requirements and go through the endorsement process.
@pathankhan6552 8 ай бұрын
I have experience in to Operational risk, Incidence management, credit risk management, change management. do they count for experience? I have basic knowledge from technical point of view and recently cleared Certified in cybersecurity certification.
@JonGoodCyber 8 ай бұрын
You've listed a few topics that are things we deal with in Cybersecurity but it's unclear based on your statement if that's the context of your experience. Most career fields can help you develop some type of transferrable professional skills to help you be a better employee but are they going to directly relate to your ability to do the required tasks in a Cybersecurity job? Most of the time the answer is no and you still need to develop an entirely different set of job-specific skills. Start working through the roadmap in my free eBook ( jongood.com/getstarted/ ) and continue building your skills and knowledge!
@williamjohnson1668 6 ай бұрын
Do you have to renew this certificate? If yes, then how?
@JonGoodCyber 6 ай бұрын
Nearly all certifications, especially the ones worth having, require either ongoing education or retaking the exam. For the CISSP (and all other ISC2 certifications), you can find the requirements on their website: www.isc2.org/members/cpe-opportunities
@awarepenguin3376 7 ай бұрын
Liked and subscribed.
@JonGoodCyber 7 ай бұрын
Awesome, thank you!
@nabhanyuhalgeri8083 Жыл бұрын
Hello jon, I am preparing for CISSP and have 3+ yrs of experience is cyber sec with a Bachelors and Masters in cyber sec. Do you recommend I take CompTIA security+ or Cysa+ prior to CISSP?
@JonGoodCyber Жыл бұрын
Unfortunately degrees, training and experience don't always lead to developing the appropiate level of knowledge or skill that professionals should have. You can find all of my certification and skill recommendations in my free eBook's roadmap ( jongood.com/getstarted/ ), which will make sure that you have what you need. It's entirely possible that you have some of what I list but if not, you need to resolve those gaps first. The CISSP could certainly be a next step once you've established that you have what I've listed.
@rolandbrown856 7 ай бұрын
I would suggest doing the “CC” from ics2, it’s a very slimed down CISSP exam and free to sit (for now). You can use it as a good base, then work on the study from there. It helped me massively
@TheRabbittz 9 ай бұрын
I am fully endorsed CISSP and have never used it. I found the test super easy and it wasn't very valuable.
@JonGoodCyber 9 ай бұрын
If you didn't actually learn anything from studying for the CISSP, then you didn't do it right and did yourself a disservice. Nobody has experience in all the domains that the CISSP CBK covers but also I can't imagine spending time studying for a certification and not taking away at least something.