Hiring a CISSP without experience is a bit like hiring a financial advisor without experience, it devalues the certification and doesn’t prove much. It basically demonstrates you can memorize a lot of information because it’s about 1,110 pages of information to pass the CISSP. Not impossible but not easy either. Personally my CISSP has always been a good secondary skill for me. I don’t find it very practical as a career. Nothing against the profession. I just don’t run into many talented security people. What I would do in your position is build your skills in cloud, Azure or AWS as an architect. Apply the security plus Cloud and work on becoming a Cloud security architect. Within 10 years you’ll be over 200k. I specialize in Cloud, security, api management. I’m north of 200k.
A2- you should have waited, he would have gotten back to you with a response
But you don’t have all of these certs. You passed the test, but at least with ISC(2), you can’t even put that you passed the exam on a resume, because it’s confusing and can be misconstrued. IF you passed the exam AND you apply for it, you can be accepted as an Associate of ISC(2). That’s it. You can’t reference these certs without passing the exam, having a sponsor endorse your experience, and maintaining an active status through dues and CPEs. Did you read any of the requirements for certification before paying thousands of dollars to sit for the exams? This screams suspicious to a hiring manager.
Please don’t devalue our credentials by claiming them when you don’t have them
CISSP as well as other orgs dues are purely a scam. “Maintaining” CPEs and paying dues shows absolutely no skill nor capability other than the fact that you’re willing to pay into a scam.
If the dues came with semi-regular exams on new cyber topics or changes so that your knowledge is proven to have stayed relevant is one thing but that’s not what they’re doing or anybody else that I know of from the cert providers is doing.
I do and will continue to claim that I passed the CISSP exam and there’s nothing they nor you can do about it.
If a recruiter wants me to get the CISSP full cert I’ll pay the 800 if I think the job is worth it and they won’t budge on the requirement and then do it the next weekend. But so far I haven’t ever had to do that, so whatever.
Half of these require years of work experience. Either you mean to say you passed the tests but haven't been certified yet, or you obtained these illegitimately (my guess is the first).
Either way, the scope of these certs is so broad that without work experience, this screams "certification collector" to me which is a huge red flag 🚩 for hiring managers - you're not focused and spending too much time on the wrong things. I see this a LOT from applicants in India and I toss those resumes immediately.
Without experience you're eligible for entry level SOC roles and associate roles in IT audit. Salary extremely unlikely to be six figures, but you might be able to swing 80k in HCOL areas.
You don’t have CISSP if you don’t have experience (as years of experience is required to even get the cert). At best, you passed the test and have the Associate of ISC2 designation. Be careful to not misrepresent your credentials, as that will get you disqualified by a lot of employers
Wait, you don’t have experience but you passed all these? That’s impressive on its own.
Even with those certs, I doubt six figures is realistic with no experience. You'll be a strong candidate to be hired for sure, I'd just temper your expectations
Unfortunately, without any experience, it would be tough to come in higher than the associate level. However, if your ability to perform on the job is anything like your drive to obtain certifications, you should be promoted rather quickly. Question, how did you obtain all of these without experience? I know the CISA and CISSP require several years of experience to obtain them.
They might mean they have passed the tests, but obviously, as you said, you don’t officially hold the certification until you’ve met the experience requirements.
You need a few years of experience to fully “obtain” certs like CISA, CISSP etc. I would apply for jobs like infosec or more technical role and negotiate the salary with ur certs
Sorry to say but now you are over qualified to get a job. Help desk is always hiring though
Probably not. Those are not easy to pass. Took that CISSP twice to pass. Tip 1- No drinking the night before the exam.
… if you have 0 experience you don’t have a CISSP or a CISA. You passed the test but you’re not licensed and cannot say you are. ISACA is pretty clear about that.
Otherwise, this is pretty impressive if you actually sat for these tests. Seems like you paid a pretty penny…..
I know
I would get in the door and advertise 2 of them only. Perhaps CISA and security +.
Once you get to senior consultant roll out the CISA CISSP combo
Agree with D1 on the CISSP experience part. Regarding CISA and CISM it is possible to obtain those certs with less than 5 years experience (I did them both before hitting my 5 year mark in advisory / audit, but had several years of IT management experience, plus a B.A. degree which counts towards the experience requirement).
However, for those and a few others, ISC2 and ISACA will require you after successfully passing the exam to obtain validation from another certification holder in good standing - and what are they validating? Work experience. If you have no experience, but have passed the exams then congrats, but you are not officially certified until that completed application is submitted and accepted by the issuing organization.
Your best chance for work will be entry level and not six figures to begin with.
Personally, if they’re looking for a degree in cyber or related field then they are very shortsighted. The whole point of cyber as it is now is to draw from other knowledge bases by expanding the candidate pool. I for one do not have a degree in IT or cyber or anything technical, but still do what I do from the experience I built.
Again, entry level should be attainable if you don’t have a degree that’s related, but you have these proofs of passing the exams. If you were able to book an interview with any company, I would speak on your passion for the subject matter and what your outlook is for the future as far as your career path goes. I would also draw from whatever experience you do have and apply that when you present yourself.
When job hunting, do not publicize your CISSP (or any others that require time in the role) if you don't have job experience.
To answer your question, the certifications show your enthusiasm and talent for understanding cybersecurity concepts. I'm pretty sure you would be accepted at least as an analyst at Deloitte in advisory, as long as your resume doesn't show any red flags with those certs.
No experience? Try for 80-100k
$1
This will get you an IN as far as breaking into cyber. It shows motivation, and arguably knowledge. So probably take an entry level position; it's totally ok. Nothing trumps relevant experience. And as for the certs you have done, it will hold you in good stead as you climb up the ladder. Some companies need these certs for promotion to managerial roles. So modify your expectations, be sure about your goals, you’ll be more than fine OP
Wow, OP!! I thought I did well to get my Security+ without first having any IT or security experience or other related or foundational certs. Started studying in May...passed in August. Not. Easy.
Now, I'm going for CIPP/US. I'm going to hold it there, until an employer is footing the bill. The quest for certs is not cheap!
Your run does show incredible enterprise and persistence. But, it's true about what others are saying about actual experience in the industry...I'm finding it is tricky to parlay Security+ to successful applications even though I have 20 YOE, a Masters and ran my own LLC for a decade.
I'm pivoting careers, and my focus is GRC and cyber awareness and social engineering. Decided to pass Security+ and CIPP to fill in technical and subject matter knowledge and demonstrate I was serious, capable and willing to invest in my own professional development.
I'm convinced that my skills and experience are terrific complements to this work -- just need to find the right role/team/firm. (Have one application in the process now with Deloitte...fingers crossed!)
Good luck to you!
Very impressive! As other ppl mentioned, I only passed the exams with educational knowledge but it did take me forever. I’m still not fully certified because I don’t have the experience for it yet. I’m very persistent and I’m willing to learn a completely different field if it means something to me
BUT to answer your OG question, my first security role I started at $115k. I had no infosec experience, but had done IT and Security project management
Thank you 🙏
Your starting salary is probably in line with those suggested below; however, if you can get a job in a hot area, you can jump in two years and make more money and then from there should be able to start moving up quickly...assuming strong performance.
But it’s true that I don’t need to have a bachelor's degree in Cybersecurity or Computer Science right? Because I see some jobs require that…
Generally in the field of cybersecurity, no it’s necessary. Specific to some roles, possibly still even though these days a lot of places have relaxed on that requirement.
Yeah I guess what I have are the certificates then. I thought it was certifications already.
All this post is not realistic, I didn’t learn all that in 2 years, when I first posted this I had no clue about what half those certifications meant, I was just looking for random information about certain topic, y’all provided great info but some others felt weird about it, the question was what position or salary was it possible for me to get by having those random certification, you were just supposed to write a number and position, but thank you for providing extra information, it helped me a lot to see what I should do or should not do. I appreciate it a lot, truly. Now I have an idea of what certifications to get first (Security+, Network+, A+) I also learned that each field has different certifications, clouds have different certifications (AWS, Google, Azure), pen testers have different ones (CEH, , OCSP?, Pentest+, ejpt) , and more advanced ones (CISSP), and compliance/risk/governance too (not fun), so thank you to you all who gave a bit of information to support my case. It is true I’m changing careers and that I have different , just not true about everything else with all the random certifications.
I also know that I can’t focus on those certifications until I’ve managed to learn all the OS (Linux, Windows, MacOS, Unix (which is basically Linux clone but doesn’t hurt to know)). I also know Python, JavaScript, and SQL are useful, not that Script Kiddy stuff, I mean to learn how to code with them to be able to make tools/automation that could be useful