Re: A question on security postgraduate programs

["Drew Masters" <drewmasters () gmail com>]

Hi,

I did an MSc in infosec at Royal Holloway UoL a few years ago, it
might be worth checking out although I believe the format's recently
changed.

Drew

On 23/05/07, some randomer <some.randomer () gmail com> wrote:
> Hey, cheers for the reply. I think I may have caused some confusion by
> my use of the word 'research'. The last thing I want to do is become
> an academic researcher. I just don't see the appeal of that, I would
> much prefer to work in the industry. When I say vulnerability research
> I mean code audits, exploiting software, pen-tests etc.
>
> This is why I'm wondering whether I'd be better off just developing my
> expertise on my own time e.g. my own vuln research, writing exploits
> etc and mentioning that on my C.V with a portfolio of functional
> exploits rather than spending a year or two doing a masters that may
> or may not aid me in landing a job as a pen-tester/analyst.
>
> Cheers,
> Sean
>
> On 5/23/07, kevin fielder <kevin.fielder () gmail com> wrote:
> > Having been involved in a lot of interviews to fill two places in our
> > team recently I would strongly recommend gaining work experience and
> > possibly some relevant industry certifications if these are in line
> > with your career goals.
> >
> > While I would in no way wish to cast aspersions over the value of the
> > various IT security masters courses as we haven't seen enough people for
> > it to be a statistically relevant sample (indeed gaining my MSc is
> > something I want to achieve in the next few years), but, the applicants
> > we have had with masters have been somewhat disappointing when compared
> > with those who had spent the time in industry.
> >
> > Obviously if your goal is to be more research based then continuing in
> > education may indeed offer more value than if your goal is to work as an
> > analyst / pen tester etc.
> >
> > Cheers
> >
> > K
> >
> >
> >
> > -----Original Message-----
> > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> > On Behalf Of Katelyn Rowlands
> > Sent: 23 May 2007 00:59
> > To: some randomer
> > Cc: security-basics () securityfocus com
> > Subject: Re: A question on security postgraduate programs
> >
> > >  I'm a 3rd year computer science student and and I've a strong
> > interest
> > >  in security. Primarily, vulnerability research/reverse engineering.
> > At
> > >  the moment I'm trying to decide what to do after I finish University.
> >
> > I'm also in a very similar position right now. I am about to graduate in
> > June with a BSc Computer Science and I want a career in security
> > research.
> >
> > >  I would like to work in vulnerability research or pen testing when
> > I'm
> > >  finished so I'm wondering if I'm better off attempting to find work
> > >  straight away after I finish or getting some other qualifications
> > >  first? Also if someone could recommend some decent masters/postgrad
> > >  courses that would be cool.
> >
> > One very good course in the UK is the MSc Information Security at UCL
> > (http://mscinfosec.adastral.ucl.ac.uk). The fees are very high, but
> > apparently the course is very well taught and is aimed at people who
> > intend to work in industry afterwards. It's certainly a technical
> > course, and UCL is a respected place.
> >
> > I have a place on the above course, but have been advised to do a
> > research MSc instead, as this is more suitable for future research work.
> > I think it depends if you're going into the research side of things, or
> > the industry side. If you don't know, it's always possible to do a
> > Masters course while also finding a student placement and gaining
> > experience, doing certs etc.
> >
> > - Katelyn
> >