Hello,<p>Disclaimer:<p>This turned into a bit of a rant, I think I needed it. However, any and all responses to the questions I asked would be highly valued (I put all my questions below the essay I regurgitated). The people here have all my respect, HN community is the best community.<p>A little background:<p>There's a security firm in the town I live that I've been bugging, politely, for the past several months about a job. I interviewed a few months ago and they said that they were impressed with some proof-of-concepts I put together and liked what they saw in my employment history. Nevertheless, there was someone more qualified for the position. I've stayed in contact with the technical manager and he suggested if I really wanted to work in security I should shoot for my CISSP. I kind of already knew this but was hesitant because I have no professional experience, and it requires 5 years minimum I believe.<p>Regardless of my lack of experience I've started to study, it looks like there's a program for those who want to take the test but lack the required experience. I've been reading and coding for the past couple years on my own without anyone to interact with, I think if I could get this job I would learn a ton.<p>Sorry for the rant everyone. Sooner or later they are going to hire me, that's what I tell myself, because I don't intend on quitting.<p>Here are my questions:<p>- Do you have any advice on study strategies/tactics for the CISSP?
- Any recommended reading related to computer science? (right now I'm picking away at Godel, Escher, and Bach; love it).
- Other communities I would be wise to involve myself in?
- Lastly, any professional and/or personal wisdom on building knowledge in infosec?<p>Thanks again everyone, this post isn't very community-centric and I feel bad for that but I can't think of anywhere else I would go for this sort of advice.
I would say stick to it! Desire and motivation are much more useful than experience. And I think your persistence should demonstrate that. The experience will come but having the drive to not let anything get in the way of your end goal is not something that everyone possesses. As far as the CISSP or certs in general they are a good gateway to say that you have the foundation and methodology down and if that is what they would like you to have I would get it. Just remember there are continuing education requirements and other things that go along with the CISSP or G-PEN or take your pick. So I would ask if they will be willing to stand behind a commitment to your continuing ed if they are insistent on the CISSP this may reveal their intentions. Good Luck and keep at it!