Ask the Expert: Do I need more infosec certification?

Posted on
Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone

Dear Ed:
I’ve been reading your articles for sometime and appreciate your contributions to the certification community. I am about to retire from the military with 30 years experience operation and securing communications and automation networks. Today, I operate all communications and automation networks for all services in one of the military’s global regions. Upon retirement I would like to remain in the automation security field. I currently hold the CISSP and SSCP certifications along with a MBA. What do you recommend that will make me more marketable – CISA, CISM, something else?
Thank you in advance for your advice.
Leonard S.
Honolulu, HI


Dear Leonard:
If you’ve already got significant work experience in information security, information assurance, and so forth–and it certainly sounds like you do–you probably don’t need to acquire another certification to enhance your employability. Strong, well-credentialed information security professionals like yourself are in high demand right now, and I don’t anticipate that: (a) adding one or more certs to your current mix will make much difference, and (b) that it would be worth the extra time and expense involved. If you find yourself looking for work for more than a couple or three months, e-mail me again and we can reconsider this advice.


But particularly if you’re going to reside in some area where government, military, or DoD contractors are active, I think you’ll be surprised at both the alacrity with which job offers will arrive, and the rates of pay that you should be able to command. This goes double if, as I think you must, you’ve got current, medium- to high-level DoD security clearance.


Good luck in your transition to civilian life!


[Note: in a subsequent e-mail to Leonard, I also recommended that he consider joining a local chapter of the Information Systems Security Association, or ISSA, because it provides great opportunities to network with fellow information security professionals, and because they include career advice and job postings in the members-only area on their Website.]

Share on Google+Share on LinkedInShare on FacebookShare on RedditTweet about this on TwitterEmail this to someone


Posted in Archive|