WGU Master's but no prior experience

Will I be able to get into a security job with only a WGU Master of Science in Cybersecurity and Information Assurance?

I have zero job experience. My Bachelor's is in a different area too.

Will I at least be able to get an interview for a decent entry-level job?

Comments

  • Danielm7Danielm7 Member Posts: 2,287 ■■■■■■■■□□
    For security specifically? You're very likely going to have a rough time. Now, if you came to me and talked all about things you've done on your own, home lab, VMs, stuff like that, showing a lot of passion, I might give you a shot for a jr level position. Most security roles aren't typically considered "entry level" though. You'll find level 1 SOC analyst roles but even then they're usually above what a level 1 help desk person would need to know.
  • adrenaline19adrenaline19 Member Posts: 251
    What if I have my OSCP too?
  • BlackBeretBlackBeret Member Posts: 684 ■■■■■□□□□□
    Can you get a job? Of course. You could get a job with no experience, no certs, and no degree. Is it likely? Not really. Also, you can have a Masters degree, any cert you want to list, and lots of experience and still might not be able to find a job, it's just more likely that you will.

    That being said, SANS has a program called VetSucces. There are guys graduating that program with multiple SANS certs and can't get a security job, because they don't have the right cert listed or don't have enough experience, etc. etc. Nothing guarantees a job, but experience usually trumps all.
  • Danielm7Danielm7 Member Posts: 2,287 ■■■■■■■■□□
    You probably want to define what you actually want to do first, then make a plan to get there. Just saying, Oh I'll get an MS, or wait I'll throw in an OSCP too. Do you want to be a pentester? If so don't even bother with the MS as they likely won't care. Do you want to "get into security"? because that can mean a ton of different things, figure out what you want to do first, then people can help you get there.
  • DatabaseHeadDatabaseHead CSM, ITIL x3, Teradata Assc, MS SQL Server, Project +, Server +, A+, N+, MS Project, CAPM, RMP Member Posts: 2,541 ■■■■■■■■■□
    I would hope you would be able to land an entry level security position with a masters in that specific domain.
  • devilbonesdevilbones Member Posts: 318 ■■■■□□□□□□
    Most security people are grown from other positions. Can somebody help me understand how you can be a security professional without any experience? I have worked in IT for over 15 years and there arent many that come into any discipline on the security side without mastering some other aspect of IT.
  • Danielm7Danielm7 Member Posts: 2,287 ■■■■■■■■□□
    I would hope you would be able to land an entry level security position with a masters in that specific domain.
    The issue is that security in general is a pretty wide domain, and the MS program sounds like 1 class per portion of it. If it was something like they wanted a job in digital forensics and had an MS specifically in forensics, then it would be a different situation.
  • BerkshireHerdBerkshireHerd Member Posts: 185
    Agreed, doable but would be tough for me. I spent a year doing Desktop learning the environment before moving into security.
    Identity & Access Manager // B.A - Marshall University 2005
  • markulousmarkulous Member Posts: 2,394 ■■■■■■■■□□
    It depends more on you. If I was interviewing for an entry-level analyst, I'd ask you what you were doing before, why you want to get into security, and what tools you've played around with at home. With zero IT experience, you'd have to really sell it. Having a Master's is great, it shows you're capable of learning, but doesn't show that you would be a good fit necessarily.
  • beadsbeads Senior Member Member Posts: 1,503 ■■■■■■■■■□
    I see resumes like this occasionally squeak through HR and after a short discussion they have disappeared from my applicant list. Really, security is what you do after you've had a career in IT and have learned both the technical and business sides of the field. It takes much too long to through someone into a blue team and expect them to be able to float on their own, let along swim. I simply don't have the time or manpower to train people from scratch.

    icon_twisted.gif

    - b/eads
  • DatabaseHeadDatabaseHead CSM, ITIL x3, Teradata Assc, MS SQL Server, Project +, Server +, A+, N+, MS Project, CAPM, RMP Member Posts: 2,541 ■■■■■■■■■□
    beads wrote: »
    I see resumes like this occasionally squeak through HR and after a short discussion they have disappeared from my applicant list. Really, security is what you do after you've had a career in IT and have learned both the technical and business sides of the field. It takes much too long to through someone into a blue team and expect them to be able to float on their own, let along swim. I simply don't have the time or manpower to train people from scratch.

    icon_twisted.gif

    - b/eads

    Even an ENTRY level position? It's security, you are not sending astronauts to the moon.
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,882 Mod
    This post reminds me of a resume that came across my desk. The guy was a doctoral candidate in Cybersecurity yet had no experience in security, just low level desktop support many years ago. It's one of those things that I will never forget. You need to focus on getting some experience. You will certainly see more value out of that instead of the masters.

    I've hired two entry-level fresh out of college candidates. We do it because we have the capability to mentor talent and bring them up to speed. Even after all the time we've spent having them shadow, training, etc. it's still an uphill battle. I've seen investigations crawl because they had no idea of elemental IT things related to networking, servers, stupid crap users do, etc. What happens then is that you need people like me to stop doing higher level work and go help fill those gaps. As much as we would like we can't rely on them for advanced stuff. Right now they are relegated to doing some "less fun" work such as metrics and initial triaging".

    To DatabaseHead's point, don't forget that information security, like medicine, is intrinsically a very specialized discipline. Entry level folks in both are extremely limited in what they can do, require a lot of supervision, and their value is limited. Not all companies can afford this and just need people to hit the ground running.
  • BlackBeretBlackBeret Member Posts: 684 ■■■■■□□□□□
    Even an ENTRY level position? It's security, you are not sending astronauts to the moon.


    That's employer dependent. In a lot of places there's no such thing as an entry level security position. The security team is responsible for things like policy development, system hardening, network monitoring, etc. all at once. If someone doesn't know how to administer AD on Server 2012, how can they harden it? If they don't know what the critical business functions are, how do they develop policy to secure those systems and develop emergency operations plans?

    Now if you go to a dedicated SOC you might find entry level analyst positions who ONLY need to know how to recognize and analyze attacks. IR positions that only need people to know how to operate Encase and Volatility. Dedicated security positions are a lot different from being part of a security team in a large corporation, more specialized and focused, but they're not doing EVERYTHING for a company.
  • amcnowamcnow CISSP, CEH, CHFI, SAFe 4 Practitioner, ITIL v3 Foundation, A+, additional certs for outdated technol Circle CityMember Posts: 215 ■■■□□□□□□□
    You're not sending astronauts to the moon, but are being charged with protecting mission-critical assets. To that end, I say there's no such thing as an entry level infosec position.

    EDIT: Ninga'd by BlackBeret.
    WGU - Master of Science, Cybersecurity and Information Assurance
    Completed: JIT2, TFT2, VLT2, C701, C702, C706, C700, FXT2
    In Progress: C688
    Remaining: LQT2
    Aristotle wrote:
    For the things we have to learn before we can do them, we learn by doing them.
  • adrenaline19adrenaline19 Member Posts: 251
    is it too late to get into I.T. if you are 37 and have no experience? Only education?
  • devilbonesdevilbones Member Posts: 318 ■■■■□□□□□□
    is it too late to get into I.T. if you are 37 and have no experience? Only education?
    No. You should have no issues getting into the field.
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    No, it is not too late but I'd like to echo what others have stated here. It will be difficult to get into a security position without experience. How can you secure it if you don't know how it works?

    Edited to add: Have you considered getting a standard entry level IT job while in school?
    When you go the extra mile, there's no traffic.
  • mgeoffriaumgeoffriau Member Posts: 162 ■■■□□□□□□□
    To echo a couple things already said --

    1. No, it's not the moon mission, but that doesn't mean it's not incredibly important. I work in healthcare -- if I mess up something bad, my company could be on the hook for several million dollars in fines, plus whatever it would cost us to rectify the breach or failure itself. I don't know if I could do enough damage to put us out of business, but it would certainly set us back and give us little margin for survival.

    2. If you are having trouble jumping straight into a security role, then look for a support role in an organization where security is paramount (healthcare is an example). Then start working sideways into security responsibilities -- ask to be involved, ask to sit in meetings. Start taking on smaller security responsibilities and KEEP TRACK OF THEM. Keep a record of what you've worked on so that you can start adding it to the security-focused version of your resume.
    CISSP || A+ || Network+ || Security+ || Project+ || Linux+ || Healthcare IT Technician || ITIL Foundation v3 || CEH || CHFI
    M.S. Cybersecurity and Information Assurance, WGU
  • NotHackingYouNotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    May I also ask why you are specifically interested in security versus server administration or networking or ? It's OK to want to do this but trying to understand your motivations in order to provide better guidance.
    When you go the extra mile, there's no traffic.
  • adrenaline19adrenaline19 Member Posts: 251
    How difficult is it to get into I.T. stuff for the government with no prior experience?

    I'm not really worried about the clearances, I'm more worried about having the education but not the job experience.

    I love my current job, but it's not really something I can retire doing. That's why I'm looking into a new career field.
    Is it hard to become a college professor teaching c.s. ?
  • PocketLumberjackPocketLumberjack Member Posts: 162 ■■■□□□□□□□
    I am curious if the MSCIA with 3 years of desktop support would help me land my first security analyst or engineer position? Would the MSCIA hold me back from getting a networking or sys admin role?

    Edit: I should also mention that my work will cover tuition but not certs.
    Learn some thing new every day, but don’t forget to review things you know.
Sign In or Register to comment.