  1. Member
    Join Date
    Jan 2016
    Posts
    42

    Certifications
    CISSP, PMP, Network +, MCP, SAP Crystal Reports
    #1

    Thinking of CISA cert next.... good idea?

    Hi - I'm an IT Security Professional with 20 years of IT experience now. Have had a diverse background of experiences over the years. I passed CISSP in January and am starting to think of what's next.
    I've become interested in the GRC - Risk Assessment/Compliance lane of security and think I may want to specialize.
    I believe I may like the role of an IT auditor. Had an interview with E&Y earlier this year - Did not get an offer - but was impressed with org and culture of the organization and job itself. I like the travel/remote aspect of these jobs.

    Anyway, I'm thinking CISA may be a good next step to get me into this type of a job/lifestyle.
    Does anybody have any other input/thoughts/ideas that may reinforce or change my mind?

    Thanks in advance everyone!

  3. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    328

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE, CISSP (endorsement in progress)
    #2
    To apply for CISA, you need to have real audit experience... So get an auditor job, then get your CISA..

  4. Senior Member wd40's Avatar
    Join Date
    May 2007
    Location
    Bahrain
    Posts
    911

    Certifications
    CISA, eJPT, CompTIA x 6, MCP, MCTS
    #3
    Quote: Originally Posted by SteveLavoie
    To apply for CISA, you need to have real audit experience... So get an auditor job, then get your CISA..
    No, you don't need IT Audit experience to become a CISA.

    Once a CISA candidate has passed the CISA certification exam and has met the work experience requirements, the final step is to complete and submit a CISA Application for Certification. A minimum of 5 years of professional information systems auditing, control or security work experience (as described in the CISA job practice areas) is required for certification. Substitutions and waivers of such experience, to a maximum of 3 years, may be obtained as follows:
    • A maximum of 1 year of information systems experience OR 1 year of non-IS auditing experience can be substituted for 1 year of experience.
    • 60 to 120 completed university semester credit hours (the equivalent of a 2-year or 4-year degree) not limited by the 10-year preceding restriction, can be substituted for 1 or 2 years, respectively, of experience.
    • A bachelor's or master's degree from a university that enforces the ISACA-sponsored Model Curricula can be substituted for 1 year of experience. To view a list of these schools, please visit www.isaca.org/modeluniversities. This option cannot be used if 3 years of experience substitution and educational waiver have already been claimed.
    • A master's degree in information security or information technology from an accredited university can be substituted for 1 year of experience.

  5. Senior Member E Double U's Avatar
    Join Date
    Apr 2014
    Location
    The Netherlands
    Posts
    1,178

    Certifications
    CISSP, CISM, GCIA, GCIH, C|EH, and more.
    #4
    Quote: Originally Posted by djasonslick
    I've become interested in the GRC - Risk Assessment/Compliance lane of security and think I may want to specialize.
    How about CGEIT?

    CGEIT Exam Job Practice: 2013
    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson

  6. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    437

    Certifications
    LFCS, GCIH, eJPT, CCNA, CAPM, Sec+, Net+, A+
    #5
    I'm considering going for this cert early next year. From what I've gathered, it should be relatively easy to pass for a person with related work experience and it seems very popular among job postings. I normally spend several months studying for a cert and I may only slate 6-8 weeks for this one. I could be wrong.

  7. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,325

    Certifications
    CISSP-ISSAP, HCISPP, GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #6
    I no longer work as a dedicated auditor so I let it drop off my hamster wheel of constant CPEs and annual dues. Really, it's not about the number of acronyms after the name but how effective you are at the position at hand.

    - b/eads

  8. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,363

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #7
    Since you passed CISSP, and are interested in GRC, CISA is a great choice! So is CISM.
    Goal: GCFA (DONE), GPEN

  9. Junior Member
    Join Date
    Jul 2017
    Posts
    9

    Certifications
    CISA, CISSP, CISM, OSCP, OSWP, eWPTX
    #8
    I think if you want to work as an auditor, the CISA will help you to get that job.
    But as you already have the CISSP cert, it won't give you a big burst in knowledge...
