I’m looking to get into computer security.?

I looking into getting my 4-year (Bach.) in computer security. Would a Tech institute or a actual college, I’m into what is best for actually getting the job-. Most typical answers say just get a degree in it. But a friend of mine who works in networking he also i is going to school for video game programming tells me that I will also need a certificate also. What would actually be the best thing for me to do. I’m hoping for answers from people who work in this field to PLEASE help me out.

2 replies
  1. xeon500 says:

    Well you probably should get both a degree and certifications in what ever you want to specialize in for best results.

    Computer security is a pretty big term it covers a lot like

    Network security
    Software security
    Programming

    All pay well once you get your schooling plus certifications taken care of plus experience .

  2. N/A says:

    It’s true that most IT jobs prefer someone with a 4 year college degree. But in the security field, they also prefer someone with a college degree AND one or more security certificates (so your friend is correct). Typical requirements to get a security job are:

    1. 4 years of college degree (anything computer-related)
    2. A few years of hands-on experience in different backgrounds (network admin, software engineer, programmer, etc)
    3. A security certificate (CEH, CISSP, OSCP, GPEN, etc)

    The certificate part is really tricky, because some of the well advertised certs aren’t necessarily the best. For example, CEH might get you an interview or even a job, but OSCP (a direct comparison of CEH) is really what allows you to keep it. CISSP is another popular cert, but it’s more for management… most security professionals have it, but it’s kind of useless for penetration testing (even though, again, most pentesters have one). And generally, all SANs courses are highly recommended, but like most certs out there, they’re expensive. Cisco certs are also popular, but many of the Cisco cert holders still cry and suffer in OSCP… that gives you an idea how technical they really are when it comes to security.

    Basically, the more certs you have, the better. But any security professional will still tell you what kind of degree or cert doesn’t mean you know how to get things done…. so when you apply for certain jobs, their job requirements might get even more specific. For example:

    For security research jobs, they often ask for specific things such as:
    1. Software development experience in C/C++, Java, .Net, Python, Ruby, Perl, etc
    2. Experience in reverse engineering and debugging tools such as OllyDBG, WinDBG, IDA Pro, etc. (you usually get you choose your own DBG)
    3. Experience in exploits development — bypassing ASLR, safeSEH, stack canary, fuzzing, heap spraying, any type of buffer overflow, etc.
    4. Sometimes the company will also demand you to code in certain languages

    For penetration testing jobs, you often get asked if you know:
    1. Some experience in exploits development
    2 . Web programming experience. Because often you’re only allowed to break your clients network via their web applications
    3. Experience in certain operating systems (Windows, OpenBSD, Solaris, etc) Basically if you come from network admin background, this isn’t a problem.
    4. Experience in bypassing IDS, IPS, and antivirus (usually if you can defeat most signature-based protections, they’re happy)
    5. Certain tools for penetration testing (too many to name, even a novice hacker can name a bunch of them)
    6. If you have experience in command-line kung fu, they’ll like you. Because a lot of times you’re not even allowed to upload anything to your target machine during a pentest.

    My honest opinion to you is, if you have the money, please go to a good university first. And go major in something computer-related. Colleges are also a good way to expose yourself in the security field, because some colleges also attend events such as NetWars, security conferences, oCTF or CTF hacking competitions locally or nationally, etc. If you do all that, by the time you’re out of college, you won’t be asking questions about how to get into the security field on Yahoo Answers.

    Also, while you’re trying to get into the security world. Do not listen to anybody who tells you how you should break into systems without permission to gain experience. This isn’t the 1980’s… it’s not like this anymore. In fact, if you have a criminal record, you will have a hard time getting a job in the security field. All legit companies simply don’t want to deal with black hats.

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.