Varun,
I'm in the same position, having worked as a Security Architect for
only one year. I have recently passed the GSEC qualification which
covers the 10 domains of CISSP.
For a summary of the two qualifications look here
http://forums.boson.com/forums/ittests/topic.asp?TOPIC_ID=588 and here
http://www.nwfusion.com/careers/2004/0920man.html?page=2
While GSEC isn't as widely recognised, it is still respected as a
sound technical grounding in infosec disciplines and is gaining
popularity with employers (apparently). It also appears to cover most
of the syllabus for the Comptia Security+ exam which you don't even
need to renew. I plan to sit the Security+ exam and renew my GSEC
certification whilst waiting for my 4 years to elapse before sitting
CISSP. As someone already mentioned, surely there's a reason for the
mandatory 4 years' experience, we wouldn't want to devalue one of the
truly respected IT qualifications by minimising entry requirements and
opening the door to any crammer who cares to take it.
Regards
Natalie
P.s.... if you go for the GSEC, give yourself more than 24 hours to
write your practical... otherwise you'll not represent yourself as
well as you might... yes, I speak from experience!
-----Original Message-----
From: Varun Pitale [mailto:varun.pitale@gmail.com]
Sent: 14 February 2005 22:51
To: security-basics@securityfocus.com
Subject: CISSP without experience
I have a 6 month experience on working professionally in Information
Security, but I have been learning and practicing it in my studies and
now I am looking for a job. Almost all of the jobs require a CISSP,
but you cannot get it without atleast 3 years experience. I did hear
that even without an experience you can pass the CISSP, but you will
not get the certification and then you can go to the employer and tell
him that you passed the CISSP. Anyone have any views or any experience
with it?
--
Regards,
Varun
(704)-687-6005 --(Office)
(704)-458-3589 --(Mobile)
mailto: varun.pitale_(at)_gmail_(dot)_com
