I've been in the IT industry for about five years. I've done work in various area such as tech support and administration...
but mostly in software development. I also have a CPSC degree. Am I qualified to take the CISSP exam? How do I assess whether my experience is relevant to the CISSP's three year requirement? How will the examiners assess my experience?
The ISC-squared is actually kind of vague about what does or doesn't constitute "relevant work experience." My information from other CISSPs is that you have to be able to make the case that your work somehow involves security; better yet, you'll want to include specific details about your duties, activities, tasks you've performed and so forth that include chronology, duration and as much descriptive information as possible. I'm told that anybody who can demonstrate that as little as 10-15% of their overall effort is security related over three or more years is usually a shoo-in when it comes to meeting that requirement. If you have friend or colleagues who are already CISSPs, you can also get them to write supporting letters on your behalf.
The examiners usually go by a combination of how believable and coherent your own experience narrative is, but they will also weigh testimony from other CISSPs on your behalf as well.
I didn't get a strong sense of direct security involvement in your ever so brief list of positions, so you'll have to make a case for the security experience you gained in various aspects of those jobs.
For more information on this topic, visit these other resources on SearchSecurity:
Careers and Certification Tip: Security certification -- CISSP
Ask the Expert: The ten areas of the CISSP Common Body of Knowledge
Ask the Expert: Advice on preparing for the CISSP
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.