How much would my starting salary be now that I have CISSP, CISA, CISM, Security+, CEH, GSEC, SSCP, and GCIH. I did all this at home because since I don’t have a bachelors degree in Cyber (I have it in Biology), and Masters are pretty expensive… any advice about what position or salary I could get? I don’t have any experience but I’m clearly quite prepared to take on any challenges…

likefunny
Posting as :
works at
You are currently posting as works at
Highlighted IconHIGHLIGHTED

Hiring a CISSP without experience is a bit like hiring a financial advisor without experience, it devalues the certification and doesn’t prove much. It basically demonstrates you can memorize a lot of information because it’s about 1,110 pages of information to pass the CISSP. Not impossible but not easy either. Personally my CISSP has always been a good secondary skill for me. I don’t find it very practical as a career. Nothing against the profession. I just don’t run into many talented security people. What I would do in your position is build your skills in cloud, Azure or AWS as an architect. Apply the security plus Cloud and work on becoming a Cloud security architect. Within 10 years you’ll be over 200k. I specialize in Cloud, security, api management. I’m north of 200k.

likehelpful

A2- you should have waited, he would have gotten back to you with a response

… if you have 0 experience you don’t have a CISSP or a CISA. You passed the test but you’re not licensed and cannot say you are. ISACA is pretty clear about that.

Otherwise, this is pretty impressive if you actually sat for these tests. Seems like you paid a pretty penny…..

like

I know

like
Recent IconRecent

Half of these require years of work experience. Either you mean to say you passed the tests but haven't been certified yet, or you obtained these illegitimately (my guess is the first).

Either way, the scope of these certs is so broad that without work experience, this screams "certification collector" to me which is a huge red flag 🚩 for hiring managers - you're not focused and spending too much time on the wrong things. I see this a LOT from applicants in India and I toss those resumes immediately.

Without experience you're eligible for entry level SOC roles and associate roles in IT audit. Salary extremely unlikely to be six figures, but you might be able to swing 80k in HCOL areas.

like

You don’t have CISSP if you don’t have experience (as years of experience is required to even get the cert). At best, you passed the test and have the Associate of ISC2 designation. Be careful to not misrepresent your credentials, as that will get you disqualified by a lot of employers

like

Wait, you don’t have experience but you passed all these? That’s impressive on its own.

like

Even with those certs, I doubt six figures is realistic with no experience. You'll be a strong candidate to be hired for sure, I'd just temper your expectations

like

Unfortunately, without any experience, it would be tough to come in higher than the associate level. However, if your ability to perform on the job is anything like your drive to obtain certifications, you should be promoted rather quickly. Question, who did you obtain all of these without experience? I know the CISA and CISSP require several years of experience to obtain them.

like

They might mean they have passed the tests, but obviously, as you said, you don’t officially hold the certification until you’ve met the experience requirements.

like

You need few years of experience to fully “obtain”certs like cisa, cissp etc. I would apply for jobs like infosec or more technical role and negotiate the salary with ur certs

like

Sorry to say but now you are over qualified to get a job. Help desk is always hiring though

likefunny

Probably not. Those are not easy to pass. Took that CISSP twice to pass. Tip 1- No drinking the night before the exam.

likefunny

But you don’t have all of these certs. You passed the test, but at least with ISC(2), you can’t even put that you passed the exam on a resume, because it’s confusing and can be misconstrued. IF you passed the exam AND you apply for it, you can be accepted as an Associate of ISC(2). That’s it. You can’t reference these certs without passing the exam, having a sponsor endorse your experience, and maintaining an active status through dues and and CPEs. Did you read any of the requirements for certification before paying thousands of dollars to sit for the exams? This screams suspicious to a hiring manager.

Please don’t devalue our credentials by claiming them when you don’t have them

likesmart

Cissp as well as other orgs dues are purely a scam. “Maintaining” CPEs and paying dues shows absolutely no skill nor capability other than the fact that you’re willing to pay into a scam.

If the dues came with semi-regular exams on new cyber topics or changes so that your knowledge is proven to have stayed relevant is one thing but that’s not what they’re doing or anybody else that I know of from the cert providers is doing.

I do and will continue to claim that I passed the cissp exam and there’s nothing they nor you can do about it.

If a recruiter wants me to get the CISSP full cert I’ll pay the 800 if I think the job is worth it and they won’t budge on the requirement and then do it the next weekend. But so far I haven’t ever had to do that, so whatever.

I would get in the door and advertise 2 of them only. Perhaps CISA and security +.

Once you get to senior consultant roll out the CISA CISSP combo

like

Agree with D1 on the CISSP experience part. Regarding CISA and CISM it is possible to obtain those certs with less than 5 years experience (I did them both before hitting my 5 year mark in advisory / audit, but had several years of IT management experience, plus a B.A. degree which counts towards the experience requirement).

However, for those and a few others, ISC2 and ISACA will require you after successfully passing the exam to obtain validation from another certification holder in good standing - and what are they validating? Work experience. If you have no experience, but have passed the exams then congrats, but you are not officially certified until that completed application is submitted and accepted by the issuing organization.

Your best chance for work will be entry level and not six figures to begin with.

like

Personally, if they’re looking for a degree in cyber or related field then they are very shortsighted. The whole point of cyber as it is now is to draw from other knowledge bases by expanding the candidate pool. I for one do not have a degree in IT or cyber or anything technical, but still do what I do from the experience I built.

Again, entry level should be attainable if you don’t have a degree that’s related, but you have these proofs of passing the exams. If you were able to book an interview with any company, I would speak on your passion for the subject matter and what your outlook is for the future as far as your career path goes. I would also draw from whatever experience you do have and apply that when you present yourself.

like

When job hunting, do not publicize your CISSP (or any others that require time in the role) if you don't have job experience.

To answer your question, the certifications show your enthusiasm and talent for understanding cybersecurity concepts. I'm pretty sure you would be accepted at least as an analyst at Deloitte in advisory, as long as your resume doesn't show any red flags with those certs.

like

No experience? Try for 80-100k

like

$1

funny

This will get you an IN as far as breaking into cyber. It shows morivation, and arguably knowledge. So probably take an entry level position; its totally ok. Nothing trumps relevant experience. And as for the certs you have done, it will hold you in good stead as you climb up the ladder. Some companies need these cert for promotion to managerial roles. So modify you expectations, be sure about your goals, you’ll be more than fine OP

like

Wow, OP!! I thought I did well to get my Security+ without first having any IT or security experience or other related or foundational certs. Started studying in May...passed in August. Not. Easy.

Now, I'm going for CIPP/US. I'm going to hold it there, until an employer is footing the bill. The quest for certs is not cheap!

Your run does show incredible enterprise and persistence. But, it's true about what others are saying about actual experience in the industry...I'm finding it is tricky to parlay Security+ to successful applications even though I have 20 YOE, a Masters and ran my own LLC for a decade.

I'm pivoting careers, and my focus is GRC and cyber awareness and social engineering. Decided to pass Security+ and CIPP to fill in technical and subject matter knowledge and demonstrate I was serious, capable and willing to invest in my own professional development.

I'm convinced that my skills and experience are terrific complements to this work -- just need to find the right role/team/firm. (Have one application in the process now with Deloitte...fingers crossed!)

Good luck to you!

like

Very impressive! As other ppl mentioned, I only passed the exams with educational knowledge but it did take me forever. I’m still not fully certified because I don’t have the experience for it yet. I’m very persistent and I’m willing to learn a complete different field if it means something to me

like

BUT to answer your OG question, my first security role I started at $115k. I had no infosec experience, but had done IT and Security project management

helpful

Thank you 🙏

Your starting salary is probably in line with those suggested below; however, if you can get a job in a hot area, you can jump in two years and make more money and then from there should be able to start moving up quickly...assuming strong performance.

helpful

But it’s true that I don’t need to have a bachelor degrees in Cybersecurity or Computer Science right? Because I see some jobs require that…

Generally in the field of cybersecurity, no it’s necessary. Specific to some roles, possibly still even though these days a lot of places have relaxed on that requirement.

Yeah I guess what I have are the certificates then. I thought it was certifications already.

All this post is not realistic, I didn’t learn all that in 2 years, when I first posted this I had no clue about what half those certifications meant, I was just looking for random information about certain topic, y’all provided great info but some others felt weird about it, the question was what position or salary was it possible for me to get by having those random certification, you were just supposed to write a number and position, but thank you for providing extra information, it helped me a lot to see what I should do or should not do. I appreciate it a lot, truly. Now I have an idea of what certifications to get first (Security+, Network+, A+) I also learned that each field has different certifications, clouds have different certifications (AWS, Google, Azure), pen testers have different ones (CEH, , OCSP?, Pentest+, ejpt) , and more advanced ones (CISSP), and compliance/risk/governance too (not fun), so thank you to you all who gave a bit of information to support my case. It is true I’m changing careers and that I have different , just not true about everything else with all the random certifications.

I also know that I can’t focus on those certifications until I’ve managed to learn all the OS (Linux, Windows, MacOS, Unix (which is basically Linux clone but doesn’t hurt to know). I also know Python, JavaScript, and SQL are useful, not that Script Kiddy stuff, I mean to learn how to code with them to be able to make tools/automation that could be useful

Related Posts

Offer Evaluation:
I have offers for product manager roles from the following companies:
1. Airmeet
2. Razorpay
3. Flipkart
4. Meesho

YOE: 5 years
Offered(Approximate): 50 LPA + ESOPS
I would like to know which company is best and do I need to negotiate more on the offers?  

likeuplifting

Which is a better option to go with - LTI or Deloitte India?
Both are offering almost same pay.
Technology - SAP ABAP

like

USI folks currently onsite in US, what is the AIP payout date? Is it 6/11 in US accounts or 6/30 Indian account?

like

Hi, what will be the yearly hike in citi. I have offer for C10 level. 7 YOE.

like

Hello all - currently evaluating an offer for IT strategy senior consultant out of London. Would like to hear about culture and any exit opps that have come across.

Thoughts on the corporate strategy team at Visa? Trying to learn more about the regional vs global teams, salary (US btw), career progression etc. Thanks!

like

Anyone here work in a family office role? What are the hours and salary like?

like

Hey fishes, I have offers from IBM and UST. IBM is offering 30 lpa fixed and UST is offering 30.7 lpa fixed + 17% variable total 37 lpa. Which one should I choose based on WLB and job security?
YOE - 15
Role - Agile coach

like

Anyone work for Ensemble Health? How much do they pay for the Credit Balance Specialist role?

like

So fed up with my practice and not looking to stick around for typical below-market compensation in October.

Which big 4 firms or MM have the best FDD comp. so far? Excl. A&M (I know their comp., over half our practice has quit to go there lol)

like

Appeared for KPMG interview 45 days back. HR is intentionally delaying offer release. Done with 2nd round of interview in last week of July. My Lwd is in oct first week. She took documents on 23rd Aug and did salary discussion a week later. And giving shitty excuses like waiting for approval. Approver is on leave bla bla. Has anyone faced such issue with this company? I never expected such a shitty and worst recruitment process from a BIG4

like

Read that new Strategy analysts are being offered 100K coming in. Is that for Strat only or all of S&C? Will this band be applied to current analysts too?

like

Managers at Accenture Strategy (South), what was your pay increase going from consultant to manager? Any promotion bonuses?

like

For experienced accounting professionals considering a transition into a career with solid work/life balance, a fast-growing biotech company near San Francisco is hiring for a SOX Compliance Manager and Senior Accountant/Manager roles. Roles pay well over $100k.

Generous benefits, fun company culture, and VERY favorable stock options. Message me if interested, and I will try to screen you for an interview!

1. Freshworks Inc -
Designation: Software Engineer
CTC: X LPA + 1 JB
WFO/ Hybrid
2. Nagarro -
Designation: Senior engineer
CTC: (X+3.5)LPA fixed +1LPA variable
WFH, is what they have mentioned in offer letter.

Which is better in terms of learning, wlb, tech stack, promotions, hikes and other perks?
Please advise Nagarro, Freshworks Inc

like

Hi Fishes,

Need your help and suggestions to select from below offers:

PWC AC: 22.5 fix+ 2.5 JB+ Variable as per policy
Globant: 26.5 fix
Yoe: 5.10
Tech stack: SAP Native Hana+ BODS

Please suggest in terms of Wlb, career progression, job security,others.

Pwc AC Globant

like

I have an offer for Consultant Specialist GCB5. Not sure what the role is..is it a team lead role or is it a junior role? I have 10 yoe .. is it apt? Pls help Thanks

How’s Sid Lee these days? They’re hiring a lot of people. Feels like it’s been years since I saw any work from their Toronto office.

like

Got couple of openings for HR professionals in India . Middle to Senior level . IM me with your CV if keen. Thanks

likefunny

Best companies in India for Product manager role & Pay range?

#ProductManagement #ProductManager

like

More Posts

By investing 50k/annum in NPS I can save 15k tax per year.. Suggest me I should opt for NPS or not?

Hey, so I’m going to my first 3% conference. I heard it’s usually white feminism x 100. But I was wondering what I should expect? Has anyone been.

like

Hi,

I am about to join Amazon team in del18 -B&M Sites suppose in case if I don't like the work can I request them to change my role to some other department in 1-2 months also any insights about this role?

like

KPMG I’m interested in learning more about your AWA alternative work arrangements. Any success stories? When would be the appropriate time to request one? Are certain types more likely to be approved than others? What does a compressed work schedule entail?

like

Hola Fishes! Welcome to the Canada specific bowl. We can discuss about jobs, products, preferences, research, IT, digital and consulting in Canada!

like

Can I move to Florida the month my bonus hits and not pay any NY State tax on it? Or would I just declare that 1/12 of the year I was in Florida and get the pro-rated refund from NYS on my overall Pay

like

How can I invest in real estate ? Looking for an additional passive income source

like

I just did my pre-licencing certification and passed my CA state exam for property and casualty. No I have no idea what to do or where to start my career as an insurance agent since I have no experience in the real world, just lots of knowledge. Please help!

like

Looks like unemployment, businesses shutting down and COVID deaths and new way of life is priced in till November elections

like

What is the PTO carryover policy?

like

What surprised you the most about the practice of law?

likefunny

Specialists, when I send a request for comments and give a reasonable deadline, and ask that you let me know if you anticipate an issue with meeting said timeline, why would you not respond and then not send comments on time?

Am I missing something? Do I need to be more clear? Follow up more? Call you? Carrier pigeon?

I don't get it.

likefunny

My latest pickup, worth the 10 day wait after hitting on the SNKRS shock drop. Good luck to anyone trying to cop tomorrow!

Post Photo
like

Hi all,

I’m hoping for UK Tech referrals. I’ve more experience than qualifications so would appreciate a referral

like

How do I politely decline that I’m not okay to make out in the first date or when the guy calls me over to his place after we meet/eat/drink? I want to take things slowly & know the person before getting physical. Not everyone might like this but that’s what I am & this whole thing appears off-putting.

like

Any females for weekend casual meet ?

like

New to the city and looking for people to hang out with!
23F, if that matters!

like

Janhit mein jaari. Folks, while retaining, don't fall for onsite trap which they'll try to lure you with. One of our mates has learnt this the hard way. Go ahead with with your job switch, don't fall for this.

Post Photo
likehelpful

After 1 month of BGV doc submission I have not received any communication. HR says to check after some time.
What to do? Is this usual?
Do I get any confirmation on completion of BGV?

like

Additional Posts in Cyber Security Bowl

Any B4 IAM consultants make the move to Accenture? How is the talent experience (employee apps for time & expense, expense/travel policies, well being subsidy, stock options, etc) compared to what you’d find at D or EY? How do you find the quality of projects, and your role as a SC (which I understand is just “Consultant” at Accenture)? Worth making the jump or do you miss B4 life?

like

For those who have passed the CIPM exam, what is it like (and how does it compare to the CIPP/US exam)?

Anyone work in vulnerability and patch management? Is it as easy as running a norton scan and windows update on my personal computer? 🙂

like
like

Hi Fishes. I am currently holding offer from BP and Citi , both offering the same package for penetration tester. Any idea which is an overall better option to choose?

like

Has anyone gone through the deloitte cyber risk interview process recently? How many interviews did you have and how was the process?? Salary?

like

What technical interview questions can I expect for a Cloud ISSO position?

like

Thinking about getting the AWS Cloud Practitioner certification. Does EY have any amazon resources or training materials that they provide? Any advise from people who have taken it before? Thanks!

like

Thinking of moving from Big4 cyber to Accenture cyber. Any major differences (other than no channel restrictions).

like

Hey all, I have been working in Identity and access management space at EY for past 4 years. Need help with understanding best exit opportunities?

Looking for a job dojng cloud security. Which are the best and worst companies to work for? Optiv any good?

like

Can anyone recommend a good book/materials to prep for the CIPP/CIPM? 🙏🏽

How to make a jump to cloud security when I just have SOC experience? Currently studying for Solutions Architect cert

like

Does anyone know if Focal Point Data Risk is a good place to work at? Their recruiter reached out for a Principal Consultant role and I am wondering if they are a reputed name in the industry.

like

Need to recertify my AWS-SAA cert. any recommendations on best resources given the new test format (SAA-CO2)?

like

Cyber managers in Ontario, could you please help me with approx salary ranges?

like

What is the expected salary for Consultant position in Identity and Access Management field at Accenture?

How long did you guys study for The new cissp exam , and how are the questions like on the exam

like

For 🐠 who got your CISSP, about how much study time did it take you? E.g. how many weeks/months did you study for, and how many hrs/week? It's a goal of mine to get certified, just trying to (cont.)

likefunny

Anyone got insights on IBM Security? Areas of expertise? QoL? Pay, etc.

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal