Quote:
Originally Posted by ElSenor
Not sure how long it has been since you were a Federal contractor, but this has been pretty standard since 2010. If you want to touch the network (routers/switches/servers) you need at least a Sec+. This is part of the DoD 8570 initiative.
Links for reference:
https://www.isc2.org/dod-8570-cap-certification.aspx
http://www.giac.org/certifications/dodd-8570
If you have a CISSP, you can pretty much work on anything.
So, yes, you are correct a CISSP would be nice, but you are definitely missing the point of the discussion. If I was using your logic, I would tell the guy to not bother with a CCNA and go straight for a CCIE. There is no pre-req to get a CCIE.
Also, the chances of him actually getting a CISSP are zero. You can pass the test, but you need someone to sponsor you and you need to show employment relevant to the certification - which OP doesn't have. Without these, you aren't getting certified. |
I left Fed contracting work in 2011. So things may have changed. I have a friend who is a manager over in one of the DoD organizations. I'll ask him for verification. I can tell you for sure, outside of the DoD, this requirement is non existent.
In regards to the CISSP comment, you're putting words in my mouth. As it appears the DoD is the only Federal agency which requires a minimum of a CompTIA security or equivalent commercial certification for IT staff with privileged access. I haven't seen other agencies spelling out this type of certification as a requirement for hire in various job openings. I have seen CISSP thrown around as a desired certification. Point being, you're more marketable if you want to go down the security track with a CISSP.