Does anyone on here actually have their Certified Information Systems Security Professional certificate and do the job? I have been told what their job is, sounds like a fun yet impossible to get into role. To boot the cert. is like $500 to test for. Any truth to this? Whats the real deal for job experience. I assume a computer support specialist would not be considered for this role? No security experience except giving, limiting, adding rights to profiles. Adding policies to groups, etc. Comments?