WHAT IS CISSP AND HOW WILL IT BENEFIT MY CAREER?
Becoming a Certified Information Systems Security Professional (CISSP) should be a top goal for all experienced information security practitioners. The certification is approved by the US Department of Defense, which has some of the highest standards in the world. CISSP is also one of the filter criteria most frequently used by hiring managers on many job sites. This means having the credential next to your name puts you at the top of the list.
The CISSP certification demonstrates your ability to design, implement, and support information security systems. It goes without saying, but the field of cyber or information security has exploded in recent years. Companies' increased focus and investment is fueled by the large number of cyber attacks over that period. Many have been on big-name companies like Sony, Marriott, Equifax, Anthem, and several others.
The skills you learn with CISSP position you for higher earning potential and validate your ability to implement cybersecurity solutions. The certification will establish you as a leader and, most importantly, demonstrate that you are able to secure your company’s systems and data.
We created this guide to be your path to CISSP certification. Our goal is to help you understand what becoming a Certified Information Systems Security Professional (CISSP) means and how to earn it. We want to make sure you have the information you need, so please let us know in the comments if you have any questions on other CISSP topics.
WHO SHOULD GET CISSP CERTIFIED AND WHAT POSITIONS WILL IT BENEFIT?
The CISSP certification is geared towards information security professionals. However, it is highly recommended if you are a leader in technology since security is the responsibility of every employee. Understanding the CISSP domains and how they apply to system security will make you a more effective IT leader.
- Information Security Management Professionals
- Chief Information Security Officers
- Chief Information Officers
- IT Systems Directors and Managers
- Information Security Consultants and Architects
- Information Security Analysts and Auditors
- Information Security Engineers
- Network Architects and Engineers
WHAT DOES A CISSP DO?
While the answer to this varies by company and position, the responsibilities of a CISSP associate include:
- Engineers overall cybersecurity architecture for company systems and networks
- Maintains security technology and infrastructure operations
- Establishes appropriate Identity & Access Management (IAM) procedures and controls
- Executes security assessments and testing initiatives
- Oversees security and risk management programs
- Ensures information security systems and policies comply with applicable requirements and regulations
WHAT CAN I EXPECT ON THE CISSP EXAM?
Pearson VUE facilitates the exam at their widely available testing centers across the US and other countries. You must have at least five (5) years of relevant work experience. This experience must be in at least some of the CISSP domains covered on the exam.
You will have three (3) hours to complete the ~150 multiple-choice questions on the exam covering the eight (8) domains below. To successfully pass the exam, you must score at least 700 points on the 1,000-point scale.
CISSP DOMAINS & PERCENT OF EXAM
- Domain 1 – Security and Risk Management (15%)
- Domain 2 – Asset Security (10%)
- Domain 3 – Security Architecture and Engineering (13%)
- Domain 4 – Communication and Network Security (14%)
- Domain 5 – Identity and Access Management (13%)
- Domain 6 – Security Assessment and Testing (12%)
- Domain 7 – Security Operations (13%)
- Domain 8 – Software Development Security (10%)
After you pass the exam and have met all the prerequisites, you may apply for certification. Your CISSP certification will be valid for three years before you will need to re-certify.
WHERE CAN I FIND CISSP EXAM PREP TRAINING OR PRACTICE EXAMS?
We’ve analyzed many CISSP certification courses and have identified the top recommended online courses and instructor-led training for you. With either learning path, you will be well prepared since the courses are all designed based on the exam questions.
BEST ONLINE COURSE FOR CISSP CERTIFICATION TRAINING:
- CISSP Certification Course by Simplilearn: This course provides 32 hours of online instructor-led training videos to prepare you for the CISSP exam. It covers each of the eight (8) CISSP domains in detail to give you a deep understanding no matter your level of experience. The course also provides access to five practice exams with 150 questions each to get you familiar with the types of questions that will be on the certification exam. Following this course, you will be well prepared to successfully pass the CISSP certification exam.
- CISSP Training by Cybrary: While it’s not as comprehensive as the above course, Cybrary’s online training provides a good introduction to the CISSP domains. The course is a great place to start for those that may not be familiar with concepts covered by a CISSP certification. To be fair, the course is free. However, it may not provide the deep knowledge, practice exams, or expertise you need to successfully pass the exam.
HOW MUCH DOES CISSP CERTIFICATION COST?
The CISSP certification cost will depend on whether you are pursuing the full certification or a CISSP Concentration. The concentrations focus on becoming a specialized information security professional in either Architecture (CISSP-ISSAP), Engineering (CISSP-ISSEP), or Management (CISSP-ISSMP).
CISSP Certification Cost: $699
CISSP ISSAP/ISSEP/ISSMP Concentration Cost: $599
HOW DO I GET CISSP CERTIFIED?
First, you must have a minimum of five (5) years of work experience demonstrating and performing the responsibilities across at least two (2) of the eight (8) CISSP domains.
Once you’ve met the work experience requirements, the next step will be to register and sit for the CISSP exam at a Pearson VUE testing site.
After you pass the exam, you’ll need to submit an application for endorsement. This is the process for (ISC)² to confirm you have the minimum necessary experience and are in good standing with the broader information security industry. You’ll have nine (9) months to have either (ISC)² or an (ISC)² certified professional in your network attest to your experience following the exam.
Before heading down this path, it is highly recommended to take CISSP exam preparation courses, training, and practice exams, no matter your experience level. These resources help you learn the terminology and content from each CISSP exam domain.
WHAT IS THE AVERAGE SALARY FOR CISSP PROFESSIONALS IN 2019?
Based on a sample of data from PayScale, the average annual salary for a CISSP professional in 2019 is $108,000. The top cities that pay well above average for this certification include New York, Washington D.C., Dallas, and Chicago.
However, you’ll be able to find companies of all sizes hiring CISSP professionals in almost every state. CISSP certified professionals are the highest valued and sought after in the cybersecurity industry.
WHAT ARE OTHER RELATED INFORMATION AND CYBER SECURITY CERTIFICATIONS?
You may also be interested in the following related certifications which will further build your expertise in risk and information security management:
- Certified in Risk and Information Systems Control (CRISC) is a certification for those interested in identifying security risks in order to develop the strategies and plans for mitigation.
- Certified Information Security Manager (CISM) is one of the most sought-after certifications for those who manage, design, and assess an organization’s information security.
We hope you have found this collection of resources useful to get you on the right track to become a Certified Information Systems Security Professional (CISSP). Please share your thoughts in the comments and contact us with any questions.