Destination Reached: CISSP
Friday, July 2nd, 2010
I am happy to report that I have been awarded the Certified Information Systems Security Professional (CISSP) by the International Information Systems Security Certification Consortium [(ISC)2]a.
I started pursuing the certification in mid-2009, got serious about studying early this year (2010), took the exam in late April, was notified that I passed and had my background endorsed in May, had to update my resume for an auditor in early June and was awarded the CISSP designation at the end of June.
I felt that this certification was important both professionally and personally.
Professionally, the certification serves as a validation that I have a solid and broad understanding of information systems’ security. People who have worked with me know that I have been focused on IS security for many years.
Whether performing security-centered code reviews, fixing flawed implementations or teaching designers and developers how to improve the security of their systems, I have been on a mission to mentor and train people to observe effective security practices and principles. I’ve also had operational responsibility for system infrastructures. With that experience I was able to pass GIAC’s GSEC and Red Hat’s RHCE exams several years ago.
Personally, the process of studying and passing the exam allowed me to pursue and attain a non-trivial goal. I am enrolled and taking classes toward my master’s degree, but completing that work will require several more years of part time attendance. Setting and achieving intermediate goals helps to keep me focused and learning.
If you are wondering what the CISSP is all about, please read on.