CISSP Certified and the Next Steps
February 1, 2019   |   Personal Thoughts

I finally obtained the Certified Information Systems Security Professional (CISSP) certification. It is definitely the most well-known certification in the information security industry and the one recommended for any professionals in this field. What is the CISSP? It is not necessarily the most technical or specialized certification. It would seem that information security is one unique specific area but it’s quite the opposite when there are so many possible domains. The CISSP is the ideal certification that allows someone to know a little bit of everything on all these specializations.

Continue Reading
Update: CISA Certification and Frequently Asked Questions
January 17, 2018   |   IT Compliance

In August 2014, I published a post about my experience with the CISA exam and the required experience. Even 3 years later, it is still the most popular post here and not so long ago, I was always seeing more requests after the exam dates. However, it seems that exams are not on specific dates anymore but within 3 specific testing windows throughout the year. I am still surprised by the number of comments I received on this post and I wanted to do an update with some recurrent questions.

Continue Reading
CISSP: Réussi, et une autre étape complétée
September 2, 2017   |   Information Security

This post was published when this blog was also in French. This post is available in English. Terminé. Cet examen de 6 heures avec ses 250 questions est enfin du passé. Eh oui, je parle bien du légendaire CISSP ou l’examen pour le “Certified Information Systems Security Professional” de ISC2. C’est probablement la certification que la plupart des professionnels en sécurité de l’information souhaitent obtenir à un moment donné dans leur carrière.

Continue Reading
CISSP: Passed, and One More Milestone Completed
August 28, 2017   |   Information Security

Done. The 6-hour exam with its 250 questions is finally in the past. Yes, I am talking about the famous CISSP or the “Certified Information Systems Security Professional” exam from ISC2. This is the certification that most information security professionals will try to obtain at one point in their career. Why? For most recruiters and companies that are looking for a professional in information security, the CISSP is now the golden ticket for employment in this field.

Continue Reading
Pourquoi avoir fait la certification OSCP?
April 4, 2017   |   Information Security

This post was published when this blog was also in French. This post is available in English. Depuis les dernières années, je suis de plus en plus du côté de l’audit TI et de la sécurité de l’information. Du moins, en théorie, j’ai encore plusieurs projets techniques… Toutefois, ça faisait déjà quelque temps que je voulais poursuivre la certification « Offensive Security Certified Professional » (OSCP). Au début, c’était un défi intéressant et surtout, je voulais valider mon intérêt à poursuivre une carrière dans le domaine des tests d’intrusion et c’était définitivement une bonne façon de confirmer, ou non, mon intérêt.

Continue Reading
Why did I do the OSCP certification?
February 20, 2017   |   Information Security

I am more an IT auditor, and on the business side of information security (at least, in theory, I still like doing many technical projects). However, it was still important for me to pursue the Offensive Security Certified Professional (OSCP) certification. At first, I was maybe interested in a career as a penetration tester (pentester) and it was indeed a good way to confirm, or not, my interest. The OSCP certification is unique among other IT certifications.

Continue Reading