Master's Degree worth pursuing if wanting to stay technical

[Deleted User]

Hope everyone is enjoying their weekend. Having graduated from my undergrad 3.5 years ago and tackling on a bunch of certifications, I see other people I work with pursuing their Master's degree or some who are almost done. It almost makes me feel like I am behind but I decided for my career I wanted to stay technical and focus on certifications. I have had my managers tell me that I have enough certifications and I should get more well rounded with a master's degree. I personally enjoy doing certifications because they are flexible with my life to spend time with my family and enjoy life. The only school I am considering is WGU because I can waive 2 classes with my EC-Council certifications and complete my degree in 1.5 years. Since I want to stay as a penetration tester, to any penetration testers here, did you find a master's degree worth it or just stick to doing certifications and security research/bug bounties? Thanks and look forward to hearing what you all have to say!

UnixGuy

if you want to stay a pentester, I don't see how a masters degree can help. Maybe it can help with writing reports after pentests? I can't justify it to be honest. Stick to certifications specially SANS & offensive security

stryder144

One thing to consider is this: who are your clients? They may not know what all of your certifications mean but they will understand what a master's degree means. Thus, they will value your inputs more due to the perceived professional capabilities that an advanced degree implies.

Danielm7

stryder144 wrote: »

One thing to consider is this: who are your clients? They may not know what all of your certifications mean but they will understand what a master's degree means. Thus, they will value your inputs more due to the perceived professional capabilities that an advanced degree implies.

To tack onto this, it might also depend how you interface with the clients or what you see in your future. If you always want to just be in the trenches and pass the reports to some suit to present, then it likely will never matter.

With that said, can you please fix your cert list in your profile? It runs all over your post and it makes it hard to read it.

tedjames

If you ever decide to start your own security-related company, having an MBA might help.

josephandre

Super pricy depending on what your company will contribute, but the SANS technical institute masters obviously fits the bill. Georgia techs new cyber masters has a CTF/exploit writing course along with a malware analysis course which I think fits the bill.

TechGromit

Unless your aim is to get into management, I think a Master Degree is a waste of $, chances are you will not have a position that will give you a return on the investment in time and money, just Bragging rights. In some case it might actually hurt you. We have two qualified people for the position, one with a Bachelors and the other with the Master, who should we pick? The guy with the master degree is going to want more money, lets just stick in the bachelors guy, we don't need that degree level or the extra cost.

ThePawofRizzo

I generally agree with TechGromit, unless you are considering a move to management, career-wise you may not see the return on the investment.

That being said...if you're earlier in your career, in a few years you may feel differently about management goals. Or, if you're like me and you like the continual learning that coursework provides and pursuing a goal helps with keeping you focused, a Master's might be worth considering. Another thing when considering a ROI for a graduate degree is does your employer provide tuition reimbursement. Mine provides a pretty generous benefit, so for me a grad degree cost-wise would be just a bit out of pocket, so I'd mostly just be out the time it takes.

I'm just finishing another bachelor's, so I'm also trying to determine what my next steps will be in the next year: certs focused or master's. I'm later in my career, so management probably isn't something I'd do either. I've had to do the weighing the options as well. Not sure I've totally decided, but the above are some things I consider.

Mike7

Danielm7 wrote: »

With that said, can you please fix your cert list in your profile? It runs all over your post and it makes it hard to read it.

Please do that. For a start, you can remove the entry-level certs such as A+/CEH and list the higher level certs such as LPT.

kMastaFlash wrote: »

Since I want to stay as a penetration tester, to any penetration testers here, did you find a master's degree worth it or just stick to doing certifications and security research/bug bounties? Thanks and look forward to hearing what you all have to say!

With regards to being a pen tester, focus on getting that OSCP! Understand you have tried before, but you can try again. Couple of folks in TE forum only got it on the second or third exam. FWIW, I know of pen test firms that will only hire people with OSCP; they do not bother with CEH, eJPT or even SANS certifications.