CCIE security: IT certification and career path

Certification: ISC CSSLP - Certified Secure Software Lifecycle Professional

The need for network security is obvious. It takes only a glimpse in the newspaper to see what damage can be done to a company due to sub-par network security. Information is power, and as such, companies need to protect that power. So, obviously, they pay big money to ensure that they lose none. But how are they able to know what to buy? After all, companies are just organizations. Well, they employ people whose sole purpose is to secure and maintain the network. And those people need to be good, to measure up to their salaries. A certification, to that end, would prove invaluable.

The Cisco Certified Internetwork Expert Security (CCIE Security) is recognized as one of the best network security expert certification in the industry. It recognizes individuals who are adept at implementing, supporting, and maintaining extensive Cisco Network Security Solutions using the latest practices and technologies the industry has to offer.

IT Certification and career paths

A CCIE Security certification can prove invaluable in the field of Networking. A CCIE Security is not about just understanding technology, but about being an expert in them both in troubleshooting and implementation. Also, CCIE Security is often thought of as the highest level of certification that CISCO offers at the CCIE level, so naturally, a lot of career paths in networking open. However, CCIEs are more for people who work with networking equipment day in and day out and amass quite a lot of experience as CISCO itself advises for at least a 5 years of hands-on experience. This does not certify you are able to use the equipment, but rather that you are an expert at it.

Even if the CCIE Security would help in any networking career, the ones you should be aiming for include titles such as: Network Security Administrator/Engineer, Security Policy Makers, and various auditor, consultant, and architect roles. The average annual salary for those roles fluctuates around $60,000 to $90,000 to $120,000, depending on the level of job and experience, least paying job being the Network Sec. Administrator ($30K - $90K). However CISCO is not that explicit when it comes to the impact of the CCIE on their career. The salary itself depends on the size of the company hiring, and the size of their network and needs. For more specific help you might want to check their community forums, as that is your biggest help if you have any doubts. Or even better, go browse the job market for certified Network Security specialists. You might find the best answers by snooping around yourself.

CISCO advises any candidate to have at least 5 years of experience in the domain in order to take the exam. The exam itself provides a hefty increase in salary, as well as opens up opportunities to advance to higher positions. A CCIE Security exam can fulfill the prerequisites of mostly any CISCO certified CCNAs, with the exception of those that do not have explicit prerequisites, however there is no specific reason to take other CCNAs if you have a CCIE Security certificate. The only real pre-requisite is the written exam, which will filter out those who would not have any chance on passing the actual lab exam anyway. Again, hosting lab exams is costly. Nobody wants to be wasteful.

The CCIE Security Exam

The exam is made out of two parts. A two hour written exam you must take before the lab one, which attests your technical knowledge in terms of describing, implementing, deploying, configuring, maintaining, and troubleshooting Cisco network security solutions and products, also testing for knowledge over the best practices and interworking fundamentals in the industry. Topics of the exam include fundamentals, security-related concepts and practices, as well as a range of CISCO products and solutions in VPNs, firewalls, intrusion detection, etc…Content includes both IPv4 and IPv6 (Internet Protocol) concepts and solutions.

The second part is the performance-based lab exam. Like with most CCIE exams, you need to attempt the lab part within 18 months, and must retake the written exam if you fail to pass the lab exam within 3 years. This part lasts for 8 hours, and asks the candidates to configure a series of secure networks to given specifications. For this exam, troubleshooting skills are required as candidates will be expected to diagnose the networks and solve issues as part of the exam.

Skills tested

The exam tests the candidate for core skills required in order to satisfyingly offer solutions to Network Security problems. Besides the elementary skills such as network troubleshooting and configuration, the knowledge of the candidate’s CISCO products is given prime examination. The candidate will be asked to provide up-to-date solutions for real-life problems that are depicted in the lab exam.Each question on the lab has specific criterion. The labs are graded by proctors who ensure the entire criterion is met and points are awarded accordingly.

If you want to try for the certification, you should be sure you have knowledge over the latest CISCO products and services, along with the best current solutions available. During the exam, a CISCO documentation CD is available in the lab. It can only be navigated through index, as the search feature is disabled. No outside documentation material can be used.


Thankfully, CISCO has not slacked on prompting you towards the best resources and information available to you to use at your own discretion. All the resources for your personal needs and further investigation can be found on the CISCO main site, and for what isn’t there, a quick post in their forums will be your best bet at finding an answer fast. Best of luck, and may your network never be compromised.