If a person had no degree of any sort but wanted to get into the computer security field (I think they call it different things sometimes) which degree would give that person the best start toward that goal?
Not really, experiences play the major role in the Security world. I would recommend to work on certifications and start working as help desk and tech supports. Security+ SSCP CISSP Ethical Hacker CCNA & CCNP Security
Are you open to getting a degree or looking at certifications? There are computer security and forensics degrees, some I believe online. My husband got this degree at Oklahoma State University but ended up going the programming route. Several of his classmates now work for high level government agencies doing security/forensic type work with this degree.
I work with security people all the time and have one leg in infosec and another in software engineering. Many of them came up from the help desk ranks. I think the best come from the engineering and development world but help desk is one way to get into security as you are doing account maintenance and managing identity lifecycles etc. So I would suggest getting an entry level IT job ASAP and work on the degree simultaneously. Certifications are good but the CISSP requires 5 years or so of security experience.
Hi Kiz - The InfoSec career path is sort of funky as it is or was as of even a few years ago, still unstructured enough to have a ton of possible vectors you could inbound from. Here's what I've seen based on occupational specialty. IT Audit - Usually Accounting or Finance with some IT electives and a CISA cert from ISACA. Most of these guys went to a good enough school to get into a consultancy firm as an associate out of school and went into Risk first. IT Infrastructure Security - Most of these guys came up through a CS program and spent some time in hybrid developer/operations roles before deciding to get either a CISM from ISACA or CISSP with either an infrastructure or applications development specialty. Identity Management and Access Control - Most of these guys have an IT degree and have come up through the ranks of Help Desk roles doing account management. Theirs is a longer haul as it's easier to transition to security when you've got experience in a data center or a significant code portfolio and from experience, there's a lot of guys trying to get off help desks to be the "security guy". I came up out of the third category after building an audit team from the ground up and am about 3-6 months away from taking responsibility for our firm's security program. I carry the certs mentioned and obviously the degrees in the signature line, but I would have been better served knowing I wanted to be in InfoSec earlier in my career and going one of the first two paths if I wanted to make it into the field faster. What I haven't seen is a guy go straight into school saying "I want to be an infosec guy" and actually get a gig out of school as an infosec guy. I'm sure it happens somewhere though and I'd love to see that story from someone at least once.
Ryoder has great advice. This is exactly what Google recruiter told my husband at a college recruiter events some years back. My husband took his advice, got a entry level helpdesk job at Dell with just 6 months of experience there he was able to get an entry level programming job and since has worked his way up to senior software engineer at Microsoft.
