nth topic on Career Advice

Hello everyone.

I'm currently doing my bachelor's in computer engineering, and I still have one and a half years to go, but the end is nearing. I've always wanted a career in infosec, and I've been wondering on what my next step should be after grad. I posted around on the Ethical Hacker network, and I did get some information, but I thought of asking here as well.
Going through the regular campus placement process in the fourth year would put me in as a software engineer. I want to start in the security field though.
I've heard about masters in Information Assurance in some universities in the US. Should I be going directly for that after my undergrad? Capitol College seems enticing, considering the NSA-driven program they have. There are other universities too (such as Iowa State and John Hopkins). Some of them (such as Norwich) require that the candidate have 2 years of prior experience. Please suggest some good unis if I should be going down this path - and I can handle my studies more than well. Also please advise me on whether I should work for a few years first or go for MS first - this is a popular conundrum. I was told by one of the members on EHnet to get into the field as soon as possible.

I've started preparing for CCNA (wanted to establish a foundation in networking), and I've been reading posts around these forums. I got a hold of the Cisco packet tracer and am currently on Ethernet networks in Lammle's book. I'll be asking questions as and when the need arises, so that is taken care of.
I wanted to ask about security certs as well. I was recommended eLearnSecurity's CPPT (I am interested in starting in the ethical hacking/pentesting area) and OSCP. I was also told by a fellow Indian that most of the foundational skills for these courses are covered in my college years, which is helpful.
I'll post more questions if any come to mind...any answers would be greatly appreciated!

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

SVXX

3t3283.jpg

earweed

I would probably recommend you get some work experience before the MS. You could start the MS at same time as it would probably be easier to do it online. The security field isn't something they just let you jump into straight out of school (and it would be foolish of them if they did) and you would benefit from experience/education on systems/networks/programming as well as being able to write reports and such.

ptilsen

Master's degrees are good, but without some experience to go along with them it is hard to even get into entry-level security. My advice for IT professionals is generally to get experience before or in tandem with earning a graduate degree. As far as which degree to get, you need to ask yourself whether your long-term goal might be moving into a policy-focused or managerial role, or if you want to stay highly technical. There are different security-related graduate programs for each.

CCNA and Security+ are good foundation certifications. OSCP is highly respected as a pentesting cert, but it's not an early-career thing IMO. You'll need significant existing knowledge to even study for, and real skill to pass. That being said, it is probably the most logical choice after you finish CCNA (and possibly Sec+ as well).

Penetration testing could well be considered an offshoot of software engineering, so that might not be a bad focus for your fourth year of university.

SVXX

@earweed: Point taken. Indeed, wherever I have looked I have found the master's degrees to be online. I suppose I could do work and study together.
@ptilsen: I would want to focus on the technical aspects, that's where the fun is imo

again, point noted, I will try to balance work and study together. What about CCNA:S though? And eLearn's CPPT?
Hmm..then I will have to enter as a software engineer if that is so. As earweed says, no one enters security straightaway..hmm.