CISSP from (ISC)² is the most globally recognized certification in the information security market. Required by the world’s most security-conscious organizations, CISSP is the gold standard credential that assures you possess the deep technical knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.
As trusted advisors, you are the information security leaders within your organizations and serve as role models for aspiring information security professionals. Your technical expertise, experience, and business acumen play a critical role in helping organizations integrate stronger security protocols in an increasingly complex cyber world.
Candidates must have a minimum of 5 years of paid full-time work experience in 2 of the 8 domains of the CISSP CBK, which covers critical topics in security today including risk management, cloud computing, mobile security, application development security, and more.
What job title do you have?
CISSPs hold titles ranging from chief information security officer and director of security to network architect and security consultant. They are responsible for all aspects of information security in an organization – from setting the overall strategy to building and maintaing a secure business environment.
What's a typical day like for a CISSP?
A typical day involves liaising between different interest groups. CISSPs not only spend time providing direction to their teams, they also meet with senior executives and other stakeholders to offer guidance on how to maintain a strong security posture or respond to critical issues. As the security leaders of their organization, CISSPs also devote time to developing the policies and procedures required to ensure the right systems, processes, and technologies are in place to protect information assets. Depending on the size or type of organization, CISSPs may also take a more hand-on role in implementing and managing day-to-day security operations.
What's your job setting like?
CISSPs operate in companies of all sizes, from multi-national corporations and government agencies to small businesses. From wherever they work – whether it is in a cube, office, secure facility, or virtually – they are always on call to provide strategic advice and guidance for managing information security infrastructure and overall information assurance.
What skill sets are most important to your job?
CISSPs must have a wide breadth of knowledge across information security technologies and trends in order to ensure the right systems and processes are in place to protect their organization. Equally as important, if not more, are the managerial skills they've developed as security leaders to effectively communicate with different groups across the organization, including end users, management, and other key stakeholders. CISSPs often must convey the need for a security initiative while also providing strong leadership and support in the event of a crisis.
If a security breach were to take place, what is your role in handling remediation and/or prevention?
CISSPs are the go-to leaders. They bridge the gap between upper management and IT security staff to ensure the organization can respond swiftly and successfully to a security breach. CISSPs also lead the investigation to identify what happened and who might be responsible. They manage the remediation efforts and establish the guidelines and policies needed to prevent similar breaches in the future.