Wow! A terrific, and terrificly sobering article. I too was dismayed by the GIAC requirement change. At first I was happy that I could stop worrying about writing white papers...then the truth sunk in about it's potential to become a paper-cert (especially considering SANS training business).

CISSP is indeed a management level cert. but, as we've seen all along, every door knob and idiot HR person thinks it is essential for ANY security position.

More directly, I would say the undervalued Security+ is perfect for this role...new team members, practioners/admins/operators in the NOC/SOC, etc. CISSP is for the team leads, engineers, managers, etc.