How much would my starting salary be now that I have CISSP, CISA, CISM, Security+, CEH, GSEC, SSCP, and GCIH. I did all this at home because since I don’t have a bachelors degree in Cyber (I have it in Biology), and Masters are pretty expensive… any advice about what position or salary I could get? I don’t have any experience but I’m clearly quite prepared to take on any challenges…

likefunny
Posting as :
works at
You are currently posting as works at
Highlighted IconHIGHLIGHTED

Hiring a CISSP without experience is a bit like hiring a financial advisor without experience, it devalues the certification and doesn’t prove much. It basically demonstrates you can memorize a lot of information because it’s about 1,110 pages of information to pass the CISSP. Not impossible but not easy either. Personally my CISSP has always been a good secondary skill for me. I don’t find it very practical as a career. Nothing against the profession. I just don’t run into many talented security people. What I would do in your position is build your skills in cloud, Azure or AWS as an architect. Apply the security plus Cloud and work on becoming a Cloud security architect. Within 10 years you’ll be over 200k. I specialize in Cloud, security, api management. I’m north of 200k.

likehelpful

A2- you should have waited, he would have gotten back to you with a response

But you don’t have all of these certs. You passed the test, but at least with ISC(2), you can’t even put that you passed the exam on a resume, because it’s confusing and can be misconstrued. IF you passed the exam AND you apply for it, you can be accepted as an Associate of ISC(2). That’s it. You can’t reference these certs without passing the exam, having a sponsor endorse your experience, and maintaining an active status through dues and and CPEs. Did you read any of the requirements for certification before paying thousands of dollars to sit for the exams? This screams suspicious to a hiring manager.

Please don’t devalue our credentials by claiming them when you don’t have them

likesmart

Cissp as well as other orgs dues are purely a scam. “Maintaining” CPEs and paying dues shows absolutely no skill nor capability other than the fact that you’re willing to pay into a scam.

If the dues came with semi-regular exams on new cyber topics or changes so that your knowledge is proven to have stayed relevant is one thing but that’s not what they’re doing or anybody else that I know of from the cert providers is doing.

I do and will continue to claim that I passed the cissp exam and there’s nothing they nor you can do about it.

If a recruiter wants me to get the CISSP full cert I’ll pay the 800 if I think the job is worth it and they won’t budge on the requirement and then do it the next weekend. But so far I haven’t ever had to do that, so whatever.

Recent IconRecent

Half of these require years of work experience. Either you mean to say you passed the tests but haven't been certified yet, or you obtained these illegitimately (my guess is the first).

Either way, the scope of these certs is so broad that without work experience, this screams "certification collector" to me which is a huge red flag 🚩 for hiring managers - you're not focused and spending too much time on the wrong things. I see this a LOT from applicants in India and I toss those resumes immediately.

Without experience you're eligible for entry level SOC roles and associate roles in IT audit. Salary extremely unlikely to be six figures, but you might be able to swing 80k in HCOL areas.

like

You don’t have CISSP if you don’t have experience (as years of experience is required to even get the cert). At best, you passed the test and have the Associate of ISC2 designation. Be careful to not misrepresent your credentials, as that will get you disqualified by a lot of employers

like

Wait, you don’t have experience but you passed all these? That’s impressive on its own.

like

Even with those certs, I doubt six figures is realistic with no experience. You'll be a strong candidate to be hired for sure, I'd just temper your expectations

like

Unfortunately, without any experience, it would be tough to come in higher than the associate level. However, if your ability to perform on the job is anything like your drive to obtain certifications, you should be promoted rather quickly. Question, who did you obtain all of these without experience? I know the CISA and CISSP require several years of experience to obtain them.

like

They might mean they have passed the tests, but obviously, as you said, you don’t officially hold the certification until you’ve met the experience requirements.

like

You need few years of experience to fully “obtain”certs like cisa, cissp etc. I would apply for jobs like infosec or more technical role and negotiate the salary with ur certs

like

Sorry to say but now you are over qualified to get a job. Help desk is always hiring though

likefunny

Probably not. Those are not easy to pass. Took that CISSP twice to pass. Tip 1- No drinking the night before the exam.

likefunny

… if you have 0 experience you don’t have a CISSP or a CISA. You passed the test but you’re not licensed and cannot say you are. ISACA is pretty clear about that.

Otherwise, this is pretty impressive if you actually sat for these tests. Seems like you paid a pretty penny…..

like

I know

like

I would get in the door and advertise 2 of them only. Perhaps CISA and security +.

Once you get to senior consultant roll out the CISA CISSP combo

like

Agree with D1 on the CISSP experience part. Regarding CISA and CISM it is possible to obtain those certs with less than 5 years experience (I did them both before hitting my 5 year mark in advisory / audit, but had several years of IT management experience, plus a B.A. degree which counts towards the experience requirement).

However, for those and a few others, ISC2 and ISACA will require you after successfully passing the exam to obtain validation from another certification holder in good standing - and what are they validating? Work experience. If you have no experience, but have passed the exams then congrats, but you are not officially certified until that completed application is submitted and accepted by the issuing organization.

Your best chance for work will be entry level and not six figures to begin with.

like

Personally, if they’re looking for a degree in cyber or related field then they are very shortsighted. The whole point of cyber as it is now is to draw from other knowledge bases by expanding the candidate pool. I for one do not have a degree in IT or cyber or anything technical, but still do what I do from the experience I built.

Again, entry level should be attainable if you don’t have a degree that’s related, but you have these proofs of passing the exams. If you were able to book an interview with any company, I would speak on your passion for the subject matter and what your outlook is for the future as far as your career path goes. I would also draw from whatever experience you do have and apply that when you present yourself.

like

When job hunting, do not publicize your CISSP (or any others that require time in the role) if you don't have job experience.

To answer your question, the certifications show your enthusiasm and talent for understanding cybersecurity concepts. I'm pretty sure you would be accepted at least as an analyst at Deloitte in advisory, as long as your resume doesn't show any red flags with those certs.

like

No experience? Try for 80-100k

like

$1

funny

This will get you an IN as far as breaking into cyber. It shows morivation, and arguably knowledge. So probably take an entry level position; its totally ok. Nothing trumps relevant experience. And as for the certs you have done, it will hold you in good stead as you climb up the ladder. Some companies need these cert for promotion to managerial roles. So modify you expectations, be sure about your goals, you’ll be more than fine OP

like

Wow, OP!! I thought I did well to get my Security+ without first having any IT or security experience or other related or foundational certs. Started studying in May...passed in August. Not. Easy.

Now, I'm going for CIPP/US. I'm going to hold it there, until an employer is footing the bill. The quest for certs is not cheap!

Your run does show incredible enterprise and persistence. But, it's true about what others are saying about actual experience in the industry...I'm finding it is tricky to parlay Security+ to successful applications even though I have 20 YOE, a Masters and ran my own LLC for a decade.

I'm pivoting careers, and my focus is GRC and cyber awareness and social engineering. Decided to pass Security+ and CIPP to fill in technical and subject matter knowledge and demonstrate I was serious, capable and willing to invest in my own professional development.

I'm convinced that my skills and experience are terrific complements to this work -- just need to find the right role/team/firm. (Have one application in the process now with Deloitte...fingers crossed!)

Good luck to you!

like

Very impressive! As other ppl mentioned, I only passed the exams with educational knowledge but it did take me forever. I’m still not fully certified because I don’t have the experience for it yet. I’m very persistent and I’m willing to learn a complete different field if it means something to me

like

BUT to answer your OG question, my first security role I started at $115k. I had no infosec experience, but had done IT and Security project management

helpful

Thank you 🙏

Your starting salary is probably in line with those suggested below; however, if you can get a job in a hot area, you can jump in two years and make more money and then from there should be able to start moving up quickly...assuming strong performance.

helpful

But it’s true that I don’t need to have a bachelor degrees in Cybersecurity or Computer Science right? Because I see some jobs require that…

Generally in the field of cybersecurity, no it’s necessary. Specific to some roles, possibly still even though these days a lot of places have relaxed on that requirement.

Yeah I guess what I have are the certificates then. I thought it was certifications already.

All this post is not realistic, I didn’t learn all that in 2 years, when I first posted this I had no clue about what half those certifications meant, I was just looking for random information about certain topic, y’all provided great info but some others felt weird about it, the question was what position or salary was it possible for me to get by having those random certification, you were just supposed to write a number and position, but thank you for providing extra information, it helped me a lot to see what I should do or should not do. I appreciate it a lot, truly. Now I have an idea of what certifications to get first (Security+, Network+, A+) I also learned that each field has different certifications, clouds have different certifications (AWS, Google, Azure), pen testers have different ones (CEH, , OCSP?, Pentest+, ejpt) , and more advanced ones (CISSP), and compliance/risk/governance too (not fun), so thank you to you all who gave a bit of information to support my case. It is true I’m changing careers and that I have different , just not true about everything else with all the random certifications.

I also know that I can’t focus on those certifications until I’ve managed to learn all the OS (Linux, Windows, MacOS, Unix (which is basically Linux clone but doesn’t hurt to know). I also know Python, JavaScript, and SQL are useful, not that Script Kiddy stuff, I mean to learn how to code with them to be able to make tools/automation that could be useful

Related Posts

What is your age, current salary, and state you reside?

like

Does anybody know what's the monthly salary range for Talent Acquisition Manager in Israel?

like

What is the timeline of your job and salary progression?

like

Senior Copywriter looking to move up to the ACD level. Preferably in a west coast market. 7+ years experience, been in a senior role for 5 and 2 Cannes-winning projects in the past 2 years.

How realistic is it to land an AD position as a fresh grad (with a doctorates) and a handful of pharma & FDA interships? I'll have over a year of (consistent) work experience at a large pharma company and I have prior leadership/mgt experience in a gov't position prior to changing career paths and pursuing my doctorates. TIA!

like

What is the hiring status in FAANG? They were all having hiring slow downs or freeze. So anyone know of the current status??

If You need a referral have Cyber experience and a clearance DM me!

like

Can I ask for a slight increase ($5K) in salary if I already signed an offer letter? Their highest threshold was $5K more than what the offer was. If so, how do I go about it?

like

Anyone exit to corporate VC? If so, what level did you exit and what type of experience/academic background did you have?

like

Hello all,

I am a recent college grad that has been struggling to transition & find a good entry QA role. Does anyone know a remote entry level Quality Assurance Analyst or QA Specialist roles hiring? I live in Washington, DC so I can be on site as well. TIA and open to any advice or referrals as well!!

like

Deloitte fish, asking for a friend on salary expectations for Deloitte GPS senior consultant, manager role?

Thanks!

like

I’m currently working in Australia and I’m thinking of relocating to the UK next year. Just trying to get some insights on what the average salary for a senior BA would be in London. Also trying to figure out how likely I would survive financially because I’ve heard accomodation in London is quite expensive 😂

like
like

Any chance a consultant at Deloitte could exit into private equity, and how?

like

Ok friends, help me out here….I need to know what an RN makes in an Internal Med Clinic Setting that has a speciality of testing and treating STI’s including HIV.
AND what a Behavioral Health Intake Nurse makes.
Any insight would be much appreciated! TYIA!

like

Left big4 for a national firm. It’s not looking like a good fit after 3 months. How soon is too soon to ask for my old position back?

like

After 3 years of dealing with the worst firm I've ever had the displeasure of working for, I finally landed my dream gig at a small specialty firm. The people at the new firm are all SMEs featured in and contributors to the most notable business publications in the world, less than 100 employees, better benefits, unlimimted PTO, doubled my pay and landed a senior role.

Keep looking for what you want and deserve. I'm happy to be forging a better path away from what I've had to endure.

likeuplifting

Hello everyone! I am new here on this site looking for guidance on two things. One.., an exit out of my current place. And two can anyone give me a round about salary rate for a volunteer coordinator in the nyc area. Thanking you in advance!

like

More Posts

If You need a referral have Cyber experience and a clearance DM me!

like

Can I ask for a slight increase ($5K) in salary if I already signed an offer letter? Their highest threshold was $5K more than what the offer was. If so, how do I go about it?

like

Moving to DFW in a couple of months.
What are some good agencies down there?
Is there any group for DFW creative?

Should I get a Dyson fan? Is it worth the price?

like
like

How much does QA engineer II make in TD Canada bank?

like

Our startup just raised our Series B, I want to ask for a raise but I’m not really sure how to go about it - any tips from my baddass females or allies out there? 🙌

like

For those on medication for anxiety what are you taking?

How conservative do you make your appearance at work (including hair too)? Does it help the way colleagues & Partners interact with you?

like

The "I can't find a job outside of public accounting" support group thread

like

So I wanted to share my experience and see if it helps anyone else out there. I was not an alcoholic, but I was definitely alcohol abusive. I would go out and drink and then be completely blacked out and not remember anything. I would also do and say stupid things that just made no sense and I even got in trouble with the law a few times.

One day, my friend and I after a few day bender decided to take some LSD because we were hung over and just wanted to not drink and chill. (Cont.)

like
like

If I buy something Tumi from Nordstrom (bc same price but I can get Nord points) - can I go into Tumi to get the tag personalized for free?

like

Chicago’s mayor keeping us all in line event with our diet 😂

Post Photo
likefunny

Anyone exit to corporate VC? If so, what level did you exit and what type of experience/academic background did you have?

like

Is labor pain really hard? What about the epidural? If that is taken do things get better?

like

Your favorite Denver agencies?

What is the best/quickest way to get laid off? Asking for a friend.

likefunny

Whats the move tonight?

like

Additional Posts in Cyber Security Bowl

What’s it like working at Mandiant?

like

D Cyber to Synopsys a good move?

like

Anyone from Unit 42 willing to provide a referral? Happy to share my resume/background

like

I keep getting contract offers on LinkedIn (think self-employed consultant). The rates seem really good ($120-$150/hr). I have around 5 years exp and a CISSP. I’m highly considering leaving big4 to become a contractor/self-employed consultant. From a risk perspective I’m young and have no kids and low debt.
Anyone did it? Any feedback?

like

Any PwC 🐠 willing to refer for an identity and access mgmt role?

Can’t seem to find the thread but any recommended material for SEC +? I tried last year and failed by 20 points… then the exam switched and didn’t want to study new material. Any pointers would help. Have a good weekend all

like

Anyone familiar with Kratos Defense and Security Solutions?

like

Everyone says that getting a Master's in cyber isn't worth the time/money. Certs are better. But surely an MS in cyber could benefit in some way. In what career path would a degree like this help?

like

How are DBA privileges provisioned within AWS? How do you prevent SOD conflicts???

like

🐟 any suggestions on next move? Have offers from following
1) Deloitte - 175K
2) PwC - 160K
3) EY - 165K
Role - M , HCOL, PAM/IAM.
Which one to go with? D has better comp but not sure how WLB is ?

likehelpful

What's the industry's view on the CISM cert? I know the CISSP is like the gold standard but what about the CISM? Lots of higher level roles require one or the either so it seems like there is value?

likehelpful

Do we have professionals from Brisbane, or other Australian cities here?

I wanted to know what do you guys think I should ask for expected compensation - my profile is :

3 Years into InfoSec compliance around ISO27001; SSAE-18; CIS

1 Year into Identity and Access Management (PAM focussed)

Holding ISO27001LA, CompTIA Security+, AZ900.

In next 4 months I target to achieve AZ500, and CISSP.

Can someone please evaluate and tell me what can I ask in AUD ? Pre and Post CISSP

Thanks in Advance

like

Has anyone taken the AWS security speciality cert? Besides LA and whizlabs exams, are there any other suggested resources?

like

Thoughts on the future of Cyber Threat Intelligence as a specialization? Is it a discipline that will continue to grow?

like

I am in US based cyber practice team working towards my promotion for year 2021. I am currently a System Operation Engineer II which is equivalent to Advisory Consultant. If I get promoted next year, what’s the estimated raise if I get promoted to Lead System Operation Engineer I that is equivalent to Senior Consultant/ Specialist senior?

like

Is IAM cybersecurity? Seems just like glorified IT work

likefunny

EY TAS still hiring? 5 years In Deloitte Cyber specializing in ITRM work. Interested in due diligence.

like

What the heck is cyber security strategy? Is it really cyber? What skills does someone have when they specialize in that? And what exit ops do those guys get?

like

Anyone work in any of the MBB and do security work? I am shifting over and would like some insight. Thanks!

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Send download link to your phone

OR

Scan your QR code to download
Fishbowl app on your mobile

By continuing you agree to Terms of Use and Privacy Policy.

Messaging rates may apply

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal