How to Get a Certified Information Systems Security Professionals (CISSP)

Cybersecurity professionals are in demand since cybercrime and hackers are finding new ways to hack into systems to steal data. This has led to organizations placing even more demand on some professionals, especially those with high-level certifications, such as the Certified Information Systems Security Professionals (CISSP) certification. 

In this article, learn about the CISSP, how it can boost your career, and why this certification is valuable. 

What is a CISSP?

A Certified Information Systems Security Professional (CISSP) offered by ISC2 is a certification for information technology (IT) security professionals. The certification displays your competency in securing an organization’s data and ensuring they keep hackers away from sensitive data. 

The CISSP certification covers eight cybersecurity domains which include the following [1]: 

1. Security and risk management

2. Asset security

3. Security architecture and engineering

4. Communication and network security

5. Identity and access management

6. Security assessment and testing

7. Security operations

8. Software development security

With a CISSP certification, you can perform various activities, from securing an organization’s network to installing patches and managing an entire cybersecurity team. Anywhere technology and security intersect, a CISSP holder is in demand. 

Benefits of CISSP

While becoming a CISSP takes commitment, it has plenty of benefits. Let’s review some of the most important ones. 

Widely recognized

The CISSP certification is globally recognized, meaning you can find work nearly anywhere you live—even if you leave the United States. 

Higher salary potential

Certified IT professionals often earn higher wages than those without certifications, and the same rings true for CISSP certification holders. As of November 2023, the average IT security professional’s salary is $101,927 per year, while the average CISSP holder earns $126,000 annually [2, 3]. 

Read more: 10 Essential IT Certifications

More job opportunities

Holding a CISSP demonstrates your skills and knowledge to handle a wide range of cybersecurity tasks, making you a more desirable candidate. Some companies may require their cybersecurity professionals to hold a CISSP certification to qualify for a role. If this is the case, it’s important to list the CISSP on your resume so that applicant tracking systems can find your application. 

Read more: 7 IT Career Paths and How to Get Started

Build job-ready skills with a Coursera Plus subscription

Start 7-day free trial

• Get access to 7,000+ learning programs from world-class universities and companies, including Google, Yale, Salesforce, and more
• Try different courses and find your best fit at no additional cost
• Earn certificates for learning programs you complete
• A subscription price of $59/month, cancel anytime

Start 7-day free trial

How to become a CISSP

Earning CISSP certification starts with gaining experience and passing the exam. Let’s look more deeply into the whole process. 

1. Meet the CISSP certification qualifications 

Before earning a CISSP certification, you need at least five total years of full-time work experience working in at least two of the eight domains. To be considered a full-time employee you need to work at least 35 hours per week for four weeks to qualify for one month of experience [4]. 

If you work part-time, which is 20 to 34 hours per week, ISC2 will credit six months of full-time employment for every 1,040 hours worked and one year of full-time experience for every 2,080 hours. An internship is also acceptable as a part-time job as long as you receive documentation of your internship on organizational letterhead [4]. 

A college degree may also earn you credit toward the full-time working requirement. Earning a bachelor’s or master’s degree in a related field can typically count as one year of full-time experience. Certain ISC2 credentials also count as one year of experience [4]. 

If you don’t have the required experience but feel confident you can still pass the CISSP exam, you can take it. If you pass, ISC2 will consider you an Associate of ISC2. You have six years to gain the required working experience to get the official certification [4]. 

2. Prepare with courses.

You'll gain the knowledge you need to pass the CISSP exam through experience. However, you can further sharpen your skills by taking optional courses that’ll help you. ISC2 has several online, self-paced and classroom-based courses. It also has CISSP concentration courses in architecture, engineering, and management, among other fields,for those seeking a specific niche. 

3. Register.

To register for the exam, create an account with ISC2. You’ll then head to the exam registration site, where you’ll schedule your exam and enter basic personal information. Keep in mind that this is an in-person exam, so you’ll choose an exam center that’s convenient for you.  

How much is the CISSP? As of November 2023, the exam costs $749 [5]. If you were an active-duty military member after September 10, 2001, the GI Bill will cover this cost for you [5]. 

4. Take the CISSP exam. 

On testing day, arrive at least 30 minutes before your scheduled test time to allow time to check in. The check-in process includes: 

• Showing two forms of identification

• Providing a signature

• Taking a palm vein scan

• Getting your photo taken

Remember that you cannot bring personal items into the testing area. You must leave them in the secured lockers outside the classroom. You’ll then read and sign a non-disclosure agreement (NDA) before starting the test.  

Here are some elements of the test: 

• 125 to 175 multiple-choice questions 

• Four hours to complete the test

• Earn at least 700 out of 1,000 points to pass [7]

CISSP salary and outlook

A CISSP holder can work in various roles, earning a range of salary levels. The average base salary for an IT professional holding a CISSP certification in the US is $126,000 annually [3].

Some of the roles a CISSP certification holder may take, and the average salary for each role is as follows [3]: 

• Cybersecurity analyst: $99,565 

• Security engineer: $113,758

• Cybersecurity engineer: $120,273

• Information security manager: $129,542

• IT director: $136,054

• Chief information security officer: $181,300

Read more: 5 Cybersecurity Career Paths (and How to Get Started)

The career outlook for a CISSP holder depends on the role since they can qualify for a wide range of IT security positions. The US Bureau of Labor Statistics (BLS) reports that computing occupations are expected to grow by 10 percent from 2022 to 2032 [8].

Some specific roles a CISSP holder can take on and their growth rates through 2032 are as follows: 

• Information security analyst: 32 percent [9]

• Computer systems analyst: 10 percent [10]

• Network and computer systems administrator: 2 percent [11]

• Computer network architect: 4 percent [12]

• Computer and information systems manager: 15 percent [13]

CISSP career advancement

Earning a CISSP is an excellent way to advance your career in the IT security field. As an early-level CISSP, you can dive into various entry- to mid-level cybersecurity jobs, such as a security analyst. 

As you gain experience and take on more responsibilities, you may find yourself in managerial roles, such as security manager, security director, or even chief information officer. 

Read more: 10 Cybersecurity Jobs: Entry-Level and Beyond

Get started

If becoming a CISSP sounds like the right path for you, consider the Google Cybersecurity Professional Certificate on Coursera. This program is designed ​​to help individuals with no previous experience find their first job in the field of cybersecurity, all at their own pace. The courses cover topics such as security models, tools that are used to access and address threats, networks, and more.