After CISSP?

After CISSP? Register Help Remember Me? What's New Today's Posts Forum Actions Mark Forums Read Advanced Search Forum InfoSec Security Certifications After CISSP? + Reply to Thread Results 1 to 7 of 7 Thread: After CISSP? Thread Tools Show Printable Version Subscribe to this Thread… niall.nf Junior Member Join Date Jul 2013 Posts 6 11-29-2013 08:06 PM #1 After CISSP?

Hi guys,

I'm looking for your advice on a career decision I need to make. I recently passed CISSP and am looking for my next move. My contract is up where I'm currently working at the end of June 14, and I want to well prepared when the time comes.

My main questions: CISM or CRISC? I figure each would require 3 -4 months prep so I'm wondering which is the better move? Or does it make more sense to do one before the other?

Also how much would my recent CISSP help me with them?

My background is I'm working as a network technician for a large company for 6+ years. I have some experience in risk management and IT service management but not as much as i'd like. I'm more on the technical side of the house but TBH i'd like to eventually drift to a more managerial position.

I have a CCNP Security, ITIL foundation, CISSP and a bachelors degree in IT management.

Id love to hear some thoughts form those who have gone before me, or anybody with some insight into either CISM or CISA

Also what is G2700 like for somebody with limited experience with ISO 27001 ? Is it a good area to get into etc?

Thanks in advance for any help!!

Last edited by niall.nf; 11-30-2013 at 10:49 AM.

Quote  
Login/register to remove this advertisement. JDMurray Certification Invigilator Forum Admin Join Date Jul 2003 Location Surf City USA Posts 9,733 Blog Entries50
Certifications GSEC, EnCE, CISSP, SSCP, CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec (CNSS 4011, 4013) 12-02-2013 02:13 AM #2

Do you currently have the professional work experience required by the CISA, CISM, or CRISC certifications? You can take the exams without having the work experience, but that won't help you much in finding an InfoSec job. If you want to stay in network operations then I would suggest the CCIE Security would be a better choice than an InfoSec auditing or management cert. I would also suggest planning not to "drift" into management, but instead get with a large company that has a management training program.

Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
--
Blog: www.techexams.net/blogs/jdmurray
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray

Quote   paul78 Senior Member Join Date Feb 2012 Posts 1,735 12-02-2013 02:08 PM #3

Also to elaborate on what JD mentioned... Assuming that you have the requisite management experience, given the option of CISM or CRISC first - I would suggest the CISM. It's actually a very straight-forward body of knowledge. While there is more subjectivity based on perceived best-praactices in the CISM than in the CISSP, most people with the right experience would consider it mostly review.

While, I laud ISACA's attempt at developing a risk-based certification in the CRISC, my personal believe is that this certification has some opportunity to mature. A lot of the material is repetitive and lacks sufficient depth.

Also - CISM and CISA are ISO/IEC 17024:2003 compliant certifications - the CRISC is not.

Quote   niall.nf Junior Member Join Date Jul 2013 Posts 6 12-03-2013 06:53 PM #4

wow didn't realise CRISC was not compliant with SO/IEC 17024:2003. That fairly rules that out so.

Thanks for the help.

Anybody done G2700 exam??

Quote   dou2ble Junior Member Join Date Sep 2013 Location Southern California Posts 10
Certifications CISSP, CRISC, MCSA, S+, N+ Yesterday 06:15 PM #5

I grandfathered into CRISC and it hasn't done anything for me. Sounds like you're already going this route, but I'd recommend CISM instead.

Quote   niall.nf Junior Member Join Date Jul 2013 Posts 6 Yesterday 07:27 PM #6

Originally Posted by dou2ble Sounds like you're already going this route, but I'd recommend CISM instead. Thanks for the heads-up dou2ble. I've been doing a bit of research over the last number of days and am now sure i'll be staying away from CRISC this year.
Starting to also have second thoughts about CISM, correct me if i'm wrong but is it not slightly redundant doing CISM with a CISSP and bachelors degree in IT management. I might just take JDMurrys advice and start the CCIE..Either that or do something different like a PM cert.

Need to make up my mind soon..Thanks for your input guys

Quote   bobloblaw Senior Member Join Date Dec 2012 Location Memphis, TN Posts 131
Certifications CISSP, CEH, Sec+ Yesterday 07:31 PM #7

Do you qualify for PMP? That would hold much more value than an ISACA cert with your current credentials.

Quote   + Reply to Thread « Previous Thread|Next Thread »
Social Networking & Bookmarks Bookmarks Digg del.icio.us StumbleUpon Google Tweet CompTIA Cisco Microsoft CWNP InfoSec Practice Exams Forums Blogs

Subnet Calculator Netpict Online Degrees Exam Vouchers Free Magazines Topsites

Home Forum Rules Contact UsSupport Us Archive Privacy Statement Top TechExams.net ? 2002 - 2013 - All times are GMT. The time now is 05:10 AM. - CSS version TechExams.Net is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc. Cisco®, Cisco Systems®, CCDA?, CCNA?, CCDP?, CCNP?, CCIE?, CCSI?; the Cisco Systems logo and the CCIE logo are trademarks or registered trademarks of Cisco Systems, Inc. in the United States and certain other countries. All other trademarks, including those of Microsoft, CompTIA, Juniper ISC(2), and CWNP are trademarks of their respective owners.

Powered by vBulletin® Version 4
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0

View the original article here