I updated my Linkedin profile, my website and even told a few friends. I sat back and waited for the job offers to come flooding in, and I waited, and I waited. And nothing happened.
This is not right! Why am I not lording it up in an InfoSec role being paid an extortionate salary, angels playing harps and beautiful people feeding me peeled grapes? I tell you why, because a CISSP is not a free ticket to paradise, its a qualification from an exam you (hopefully) pass. It shows an ability to understand the content and apply it, in lets be honest, a bloody difficult exam. But when/if you pass you don't become an InfoSec rock star over night! It's your experience and knowledge are that make you good, or bad.
I can see why some the CISSP gets a hard time. I ran a few job searches for CISSP and the spread of roles that 'require' CISSP is nuts. Network Engineers, Security Analysts - which when you read the details were just dealing with AV deployments, patching, Pen Testers etc. These are not roles that the cert brings anything.
I remember my instructor saying on day 1.
"This is a business cert, not a technical one"HR, recruitment, and I think a great deal of the industry miss that and so abuse the cert by making it an obligatory requirement for technical roles. This is where I think the issue lies.
So don't blame the cert, I think theres a place for it. Blame the way industry uses it.
No comments:
Post a Comment