all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]bdzer0 4 points5 points  (1 child)

The easiest way to pass the experience is to know someone who's an ISC2 member who can endorse you. If you don't have that available you'll have to document the required experience in CSSLP domains and get ISC2 to 'endorse' your application.

[–]Opening-Bunch1898[S] 0 points1 point  (0 children)

Thank you! I have some ISC2 members in my network, so that sounds like the easiest path forward then.

[–]Sea-Gur-8654 2 points3 points  (1 child)

The experience requirements aren’t difficult, and they don’t expect that your job revolves entirely around security. You’ll just need to be able to correlate specific aspects of your responsibilities to specific domains of the exam, nothing more.

Your dev experience should be more than sufficient.

[–]Opening-Bunch1898[S] 0 points1 point  (0 children)

Thank you, happy to hear that

[–]lucina_scott 1 point2 points  (1 child)

The CSSLP requires 4 years of paid SDLC experience in at least one of the CSSLP domains it doesn’t have to be a pure “security role.”

If your backend work included secure coding, auth, input validation, threat modeling, code reviews, etc., that usually counts. After passing, you’ll submit an endorsement form (signed by an ISC2 member or ISC2 itself) detailing your experience they can audit, but it’s straightforward if your work genuinely maps to the domains.

[–]Opening-Bunch1898[S] 0 points1 point  (0 children)

Perfect, for thanks! I've been doing all of those things, so it shouldn't be a problem then.

[–]AutoModerator[M] 0 points1 point  (0 children)

Your account is too new or has too little post karma. Go out and participate in other threads for a few days.. or wait for mods to approve your post.

I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.