EXPERT RESPONSE
The parent organization for the CISSP, the ISC-squared, is pretty quiet on the subject of how job duties
and responsibilies map to each of the 10 areas in the CBK. Since
you already have a CISSP, forgive me for observing that point should
be nearly moot, except obviously that you're trying to figure out
how to put your knowledge to work in the workplace. But having
obtained the CISSP, you have been able to convince them that you
had at least three years of relevant work experience, as well as passing
the test. I might therefore ask you to revisit your application and
see how you made the case to qualify to meet the on-the-job
experience requirement.
That said, it's probably best to let your technical interests
guide further work and training. If IDS are what excite you, you
are correct in observing that SANS offers training and certification
on that subject (as do numerous vendors, including ISS, Computer
Associates, Network Associates and many others).
I'm sorry I can't point you to specific lists of job duties or
aptitude tests or self-assessments to help you figure where to
specialize. My advice is to continue to read widely in the field,
and to concentrate in those areas where your interest and enthusiasm are highest. With a 13-to-1 ratio of jobs to qualified
candidates, the security field is one where you can try out
various roles before settling into the one you like best.
For more information on this topic, visit these other searchSecurity resources:
Best Web Links: Security Training
Career Tip: Security Certification: CISSP
Chat Transcript: Security certifications: What they are, and why you need them
|
