I’ve passed the CISSP exam, few months back…Now what?

Career Development
I have passed the CISSP exam few month back. I have almost 14 years experience in the IT field, support, networking, and routing. I thought that adding security to this profile will be cool. I prepared for it just like any other exam; I read the right books, studied well and passed. The problem is that now few months later I feel that I have forgot everything. I want to apply for a security consultant position, but I feel that I lack the confidence to fulfill this position. What went wrong? I am willing to devote time and effort to bridge the gap and rebuild this. Security skill set? But I don't know where to start or what book to read. Please guys advice!

Answer Wiki

Thanks. We'll let you know when a new response is added.

To some extent, doing leads to learning like no other approach. The lack of confidence can probably be addressed by reading, visiting key security related Web sites and online forums, and keeping up with news, trends, and events in the security industry. You might want to address this same query to the great community online at Clement DuPuis’s outstanding CISSP-focused site www.cccure.org.

Look at job postings that mention CISSP online (dice, hotjobs, etc.) and see what skill sets they’re seeking. This will help you decide what subjects to bone up on, and lead you toward books and online materials to help supplement your knowledge base.



Discuss This Question: 4  Replies

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Wolfeee
    Also, if you are currently a System Administrator, try looking at everything with your CISSP hat on. Begin to examine your current company's policies and procedures, take a look at your server room, how secure is it, what about disaster recovery? Look a the server and desktop configs for vulnerabilities, will your current company allow you to perform vulnerability scans and assessments on the network? Perhaps you can become a go-to person within your own organization! It there are already CISSPs in your organization maybe you can assist them on some of their work. Another idea to get really immersed, is take a job where you would be assisting on a team that does vulnerability assessments. I hope some of these suggestions help...best of luck and congrats!
    0 pointsBadges:
  • Bobkberg
    Congratulations. What helps in terms of confidence (for me anyway) is a constantly paranoid attitude, combined with curiousity. I've encountered lots of situations where I didn't know the answer to the problem - it's never completely possible. What IS possible is to keep up on your news feeds, participate in forums like this one, go around and talk to people where you work, find out what they do, what problems they encounter, and compare and contrast those things you learn in one place with things you learn in another. Learn to perform audits - starting with many of the freeware tools. Look at auditing firms websites and literature and see what they are offering to find for you. Knowing what other people in the field are looking for, and looking at, will do a lot to expand your awareness of what needs to be done. Learn to set up an IDS and tune it. Snort is a good place to start. The biggest obstacle for confidence is to not let go of a problem - instead, look for different ways to approach it. Key question here: Are there already people in your current organization who do security stuff? If NOT, then this may be your golden opportunity. Even when I've just been a sysadmin or netadmin, I've made a point of focusing on security to whatever extent I've been able to. In every job interview, I've made sure that they understand that I expect security to be at the least a good portion of my attitude toward the job. And then I make it so. HTH, Bob
    1,070 pointsBadges:
  • Sbarner
    You might try subscribing to the Homeland Security listserv at http://www.dhs.gov/iaipdailyreport and become involved in your local Infragard chapter. Having a local context for security concerns can add relevance that can help you retain the information. Steve Barner South Burlington Schools, Vermont
    0 pointsBadges:
  • Kevin Beaver
    Your career success is largely defined by two things:
    1. your level of networking and who knows you
    2. the value you bring to the market

    It's really as simple as that. You have to focus on these things like mad until you have more opportunities than you have time. This formula works if you make it so.

    Here's a recent piece I wrote that may help:


    Also, check out my other IT and security career articles I've written.

    27,550 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: