CISSP Certification
CISSP, or Certified Information Systems Security Professional, is an advanced, experience-gated certification from ISC2 that validates broad expertise in designing, implementing, and managing enterprise-level cybersecurity programs.
Definition
CISSP, or Certified Information Systems Security Professional, is an advanced, experience-gated certification from ISC2 that validates broad expertise in designing, implementing, and managing enterprise-level cybersecurity programs.
Overview
The exam covers eight domains spanning security and risk management, asset security, architecture and engineering, network security, identity and access management, security assessment, operations, and software development security — reflecting the certification's focus on breadth across an entire security program rather than deep specialization in one area. Candidates must document several years of verified, relevant professional experience across at least two of these domains to earn the credential, which sets it apart from entry-level certifications. It's generally positioned near the top of a cybersecurity Certification Path, typically pursued after foundational credentials like CompTIA Security+ and after gaining substantial hands-on experience. Its emphasis on governance, risk, and program-level thinking overlaps closely with what the Governance, Compliance & Career Readiness course covers, and it's frequently held by professionals in senior security architecture and leadership roles. Because CISSP evaluates strategic and managerial security knowledge as much as technical depth, it's commonly seen as a credential for security leadership and architecture roles rather than a first certification for someone new to the field.
Key Concepts
- Administered by ISC2, requiring verified professional experience to earn
- Covers eight domains spanning the breadth of enterprise security programs
- Emphasizes governance, risk, and program-level security thinking
- Positioned as an advanced credential rather than an entry point
- Common among senior security architects and security leadership roles
- Requires ongoing continuing education credits to maintain