user500

Which degree is better for future MSc and jobs?

https://sh.itjust.works/post/62374589

Which degree is better for future MSc and jobs? - sh.itjust.works

So. I have this ongoing BS program in CS at a european public university, brick and mortar. However the program is terrifyingly broad, for example barely any coverage of networking. The environment is killing me as students are terrible, teachers are worse. On the other hand, there is is IU hochschule’s online BS in Cyber Sec program. IU is private uni but fully accredited. Which one would you choose for cyber sec career and maybe MSc in cyber sec / CS with cyber track ??

Jun 25 at 7:02amWeb
Show threadsylver_dragon1d ago

Just to set the table, I’ve been working in IT for around 25 years. I’ve spent time at help desk, systems administration and cybersecurity. I’m now in a senior technical position, having managed to avoid being a people manager by dint of being a good enough technical worker and an honest conversation with my own managers telling them I do not want to be a manager. I don’t actually have a degree, but that’s a choice I would NOT recommend to anyone. Especially in today’s world with every paper mill churning them out. I also am regularly part of the interview and hiring process for cybersecurity hires at my current company and previous ones as well. Yes, my unedu-macated arse is involved in the decision of whom to hire.

My advice for anyone looking at Cybersecurity as a career path would be “it depends”.

If you want to be on the technical side of things, I’d argue for the Computer Science degree. If you can, take some of the Cyber Security classes as electives, but the main focus should be on understanding how systems and programs work. One of the reasons I’m able to avoid management duties is that I have a rather deep understanding of how IT and systems work. And I can usually figure out the new stuff pretty fast. Much of that comes from my own learning about systems and programming.

If you are more interested in the auditing and compliance side of cybersecurity, then the Cyber Security degree is likely to be more useful. The folks in compliance need to have a solid foundation in the language of compliance models and dealing with the “joys” of audits. They usually aren’t going to be the folks digging into the deep technical details, but they do need to know enough to ask the right questions when a program manager starts trying to bullshit them about why a high criticality security control is “N/A”. And they need to understand why that control is important. The folks I’ve interviewed with Cyber Sec degrees seem to have this sort of thing down.

No matter which way you go, I’d highly recommend getting some time in traditional IT. The folks we have been hiring usually have a career path kinda similar to my own: some background in IT (often a year or three at hell desk and possibly time as a sysadmin) followed by a move into cybersecurity. We do have a couple junior folks who didn’t spend time IT and they tend to have odd gaps in their knowledge which hold them back. We really want people whom we don’t have to explain to what an ARP table is and why you might want to pull one from a switch. Build some systems and get a grasp on why the sysadmins might make some of the choices they do. Walking a mile in the shoes of IT can really help you make sense of the alerts they generate.

Lastly, I’d give the MSc a miss for the time being and go get some experience. There is nothing quite like being in the trenches to really put the pieces together in your mind and understand why organizations might make the choices they make. Security is almost never job #1 and that leads to a lot of compromises. Learning to feel those out and communicate with folks who don’t want to do things “the right way” is an important skill. And it’s not one you’re going to learn from a book. That said, if you do have room during your degree to take a public speaking course, take it. Especially as a senior technical leader, I do a lot of speaking to people. I have directors and C-level folks randomly asking me questions. And I spend a lot of time in meetings and on calls with IT and business folks. While it’s very true that “Hell is other people”, you’re gonna spend a lot of time in that fire.

Once you have a few years in, that’s the time to get the MSc. Especially if you want to move onto management track. At that point, go get a higher degree in Business Administration. Unless your goal is in research or teaching, a higher degree in either CS or Cyber is basically a waste. Once you are far enough along the technical track, companies are looking at experience. Sure, the higher degree might be a differentiator if you are up against similarly skilled folks. But that becomes less of an issue the further you go. I don’t think I have been asked about my lack of a degree in an interview in the last decade. No one cares when you can talk to all the issues they are looking to hire you for.

No matter what you choose, never stop learning. This is a career where what you learned ten years ago is both completely irrelevant and also oddly relevant. Some of my earliest time at a computer was learning to program in BASIC. And while that’s not something I ever expect to do again, I still see patterns I learned from that all over the place today. So, keep learning, even after you get handed that fancy bit of paper. It’s both fun and pays dividends in this field.

Show threadthr0w4w4y21d ago
Are you hoping for the degree to teach you skills that will help you succeed in a technical CS career? or are you hoping to get a credential that will get you a job?