Certified Information Systems Security Professional: Certification & Job Info

The Certified Information Systems Security Professional (CISSP) credential is a globally recognized standard for information systems (IS) security related professions. Individuals who want to be certified must have substantial IS security work experience and meet continuing education requirements to maintain this certification.

View popular schools

Certified information system security professionals are computer professionals who ensure the security of computers and networks for an organization. They have received the Certified Information Systems Security Professional (CISSP) certification. These professionals have an annual salary range of about $70,000 to $127,000.

Find schools that offer these popular programs

  • Information Systems Security
  • Networking Management
  • Systems Administration
  • Webmaster and Multimedia Management

Essential Information

CISSPs are trusted with maintaining a secure information system, but their daily duties may include specialty tasks, such as designing security features, testing programs or managing security compliance, along with duties related to computer forensics and cryptography. The International Information Systems Security Certification Consortium, Inc. (ISC2) administers the CISSP credential, which is accredited by the American National Standards Institute (ANSI). The credential meets the standards of the International Organization for Standardization (ISO). It is recognized around the world, and it may possibly provide the holder with career advancement opportunities.

Examination Requirements

Candidates must supply answers to questions concerning their background and criminal history. They must have at least five years work experience in two or more domains, such as access control, cryptography or operations security, out of ten contained in the CISSP content body of knowledge (CBK). In addition, candidates must affirm that the information they provided regarding professional experience is true and that they will follow ISC2 ethics code. Lastly, they must pay an exam fee. The CISSP examination is six hours long (9 a.m.-3 p.m.) and consists of 250 multiple choice questions.

Individuals without the required amount of experience may take the exam to become an associate. Associate status is good for six years, allowing the individual to acquire the necessary experience after which he or she can send in the endorsement document to become certified.

Certification Requirements

Certification requirements to become a CISSP include passing CISSP exam, submitting a resume and endorsement form, as well as an audit of their professional experience (if required). A candidate must find another certified professional who can verify a candidate's work experience to fill in and submit the endorsement form. The certified professional must be in good standing and have active ISC2 certification.

Maintaining certification

Information systems security is a rapidly evolving field, so strict CISSP maintenance requirements ensure that practicing CISSPs keep their knowledge of the field current. Certification must be renewed every three years. Candidates must pay a fee and earn 120 continuing professional educations (CPEs) within the three years (minimum of 20 per year). CPE requirements can be met through attending seminars, webinars, classroom courses or online training, as well as publishing papers, volunteering for IS-related work and giving training in security.

Associates must earn at least 20 CPEs for every year that they remain associates. They must also pay a fee.

CISSP Concentration

ISC2 offers CISSP concentrations in architecture, engineering and management to CISSPs in good standing. Architecture focuses on the construction or design of a security plan. The engineering concentration was developed under cooperation with the U.S. National Security Agency (NSA) and focuses on integrating security measures into information systems, applications and projects. The management specialty includes project and risk management, along with maintaining security policies and compliance.

Each concentration requires CISSPs to pass an additional examination, and the architecture and management concentrations require at least two years professional experience in those respective areas. As information security advances, developing specialized knowledge may give CISSPs more control over their career path. To maintain certification in a concentration, one must pay the fee and earn 20 CPEs (part of the 120 CPEs) in his or her concentration area.

Career Information

The U.S. Bureau of Labor Statistics (BLS) reports that employment for information security professionals should rise by 18% over the 2014-2024 decade, which is considerably faster than the average for all occupations. As companies expand their databases and measures to keep sensitive information secure, CISSPs may have the opportunity to choose from a wide range of employers, such as retail companies, the healthcare industry or government agencies.

According to, most security engineers with the CISSP credential earned $69,996-$127,368 per year as of January 2016. A CISSP credential is often a requirement for higher-level positions.

Certification can be attained in either engineering, architecture or management. Certification requirements include passing an exam, submitting a resume, submitting endorsements by members in good standing, and possibly an audit of work experience. These positions are in demand with a rapidly growing job outlook.

Next: View Schools

What is your highest level of education?

Some College
Complete your degree or find the graduate program that's right for you.
High School Diploma
Explore schools that offer bachelor and associate degrees.
Still in High School
Earn your diploma or GED. Plan your undergraduate education.

Schools you may like:

Popular Schools

The listings below may include sponsored content but are popular choices among our users.

    • Graduate Certificate - Cyber Security

    What is your highest level of education?

    • Graduate Technology Certificate

    What is your highest level of education?

    • Computer Information Technology

    What is your highest level of education completed?

    • Diploma in Network & Internet Security Specialist
    • Diploma in Network Systems Management
    • Diploma in Network and Internet Security Specialist - LEA.AE Gestionnaire en Rseautique : Spcialiste Scurit LEA.AE
    • Diploma in Network and Database Management
    • Diploma in Network & Database Administrator
    • Diploma in Network Administrator

    What year did you graduate high school?

    • Computer Career Networking

    Year of High School Graduation or GED completion:

  • 10
    Wiregrass Georgia Technical College

Find your perfect school

What is your highest level of education?