entorship/Advice

Good afternoon all,

I'm seeking some feedback/advice/suggestions/mentorship about my migration into IT. My goal is to end up in the information assurance doman, particularly in the areas lumped into "cybersecurity." I would particularly like to work in critical infrastructure protection or cybersecurity as it relates to the national security/defense realm.

I have a liberal arts bachelor's degree and no work experience in the IT field. I am a former Army officer and held some positions that involved some of the domains of Information Security, but not technical.

I have earned A+, Net+, and Sec+ from CompTIA, am cleared, and am currently working for a government contractor in the DC area who does a lot of information technology and cybersecurity consulting work. I am working on moving into a tech role within the company, because I realize nothing is more valuable than experience, but it's a process.

In the meantime, I would like to beef up some of my educational credentials. Several colleges in the area offer an MS in Information Assurance, as well as in Cybersecurity.

My question: what would be most beneficial to me, a post baccalaureate (essential a B.S. for people who allready have a bachelor's) in Computer Science and then a masters in IA or Cybersecurity once I have some experience, or just an IA or Cybersecurity masters? Do these IA or cybersecurity programs have enough technical coursework to produce competent security professionals, or are the touch-ups for people who have been working in the industry?

I realize the computer science relates more to the software side, but that's fine with me. As far as the math requirements go, I did take some calculus and statistics in college and earned high grades. I want to build a holistic knowledge of security, from software vulnerabilities to network vulnerabilities and everything in between. I don't want a cybersecurity policy degree or some degree that makes me conversational with information assurance topics.

Also, I would prefer to go to a B&M or a hybrid B&M/online program, because of GI Bill housing benefits and since I don't have a technical academic background.

I am leaning toward doing the Computer Science post baccalaureate program and then moving toward an IA or cybersecurity degree, but want to follow the path that will give me the most options, and more importantly, provide the biggest educational return on investment.

Those working in InfoSec/Cybersecurity/Information Assurance, please weigh in.

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

instant000

I want to build a holistic knowledge of security, from software vulnerabilities to network vulnerabilities and everything in between. I don't want a cybersecurity policy degree or some degree that makes me conversational with information assurance topics

If I could find the "cans of coke" posting, it would be perfect for you right now.

I don't know "everything" about Security certifications, and am waiting for someone more qualified to chime in.

Don't forget that your years of experience, even if not technical, should be leveraged for everything they are worth.

As a fellow servicemember, I salute you! Hooah!

EDIT: Google is a wonderful thing:

http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

^^^
Read that thread. Keatron makes one of the all-time great postings, at #14 in that thread., directly linked here:
http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html#post205636

RPMar52

Thanks Instant, I appreciate it.

Everyone

I'm guessing from your background you already posses a security clearance.

If you happen to have a Top Secret clearance, along with the Security+ certification, that's your ticket into jobs in this field in the Defense sector.

Those 2 items will get you tons of calls from defense contractors all over the place the minute you put your resume out there. A lot of them though will be for rather short term contracts. Living in the DC area already is a big plus, because you could take them without having to move. Recruiters don't care though, you'll get offers from all over the country and over seas for 3 to 6 month contracts like they expect you to just up and move right now for such a short term job.

It's really going to depend on what you want to do in this field. Do you want to be a COMSEC guy and work with crypto all day? Or do you want to do computer forensics? Maybe you'd like to work with firewalls and do boundary security? Or perhaps you'd like to do penetration testing and vulnerability assessments?

I got to do a wide variety of work in Information Security when I worked for the DoD. I enjoyed penetration testing and vulnerability assessments the most. I hated COMSEC/crypto work. Firewall work was OK. I also really enjoyed getting to do security investigations. Some people might find it boring to be digging through audit logs tracking down a security incident, but I always enjoyed it.

It sounds like you'll want to stay away from Information Assurance. IA work is mostly policy related, and working on training users on how to properly secure their data. "Cybersurety" is their latest made up work for this. If you want more technical work, stick with Information Security, Network Security, or "Cybersecurity" as some of the defense industry likes to call it now.

carolinaguy

Hey guys, I need help. I have a bs in computer science now going for my masters at strayer I have 1year helpdesk experience...am I on right track or not? Please help

SteveLord

carolinaguy wrote: »

Hey guys, I need help. I have a bs in computer science now going for my masters at strayer I have 1year helpdesk experience...am I on right track or not? Please help

Methinks you should make your own thread, instead of hijacking another.

hardly

+1 what he said

phantasm

RPMar52: I work in the DC Metro area on a contract doing Network Support. I just spoke with my PM the other day and was offered the chance to move into a SOC position with no Security experience. I have a Sec+ and my CCNA, BS degree and a clearance.

If you want into the Security field then find a networking job and see if you can slide over to a security position. As for an MS, I'm about to start at WGU here soon for an MSISA degree. I spoke with my PM about this as well and was given positive feedback about that decision. Sure the company can charge more for me but I can also charge my company more. lol. Let me know if you got any questions.

-phantasm (Former 11B & BM3)

RPMar52

Thanks for the advice all.

For the degree side, I've pretty much settled on an MS in Computer Science. One of the universities in the area offers a graduate certificate in Computer Security and Information Assurance, the classes for which all count toward an MS in Computer Science. I'll have to knock out some prereqs at the community college, but so be it.

Not coming from a technical background, I want to learn the technical basis. I realize it's no replacement and not as valuable as hands on experience in the form of day-to-day work, but I'll take the first opportunity I get to move into a technical position as well as continue to learn through studying/labbing things for certs.

I appreciate the advice and will keep everyone apprised of how my journey's progressing.