Security Basics mailing list archives

Re: A question on security postgraduate programs


From: "some randomer" <some.randomer () gmail com>
Date: Wed, 23 May 2007 10:02:00 -0700

On 5/22/07, Katelyn Rowlands <knr () uid0x00 org> wrote:
>  I'm a 3rd year computer science student and and I've a strong interest
>  in security. Primarily, vulnerability research/reverse engineering. At
>  the moment I'm trying to decide what to do after I finish University.

I'm also in a very similar position right now. I am about to graduate in
June with a BSc Computer Science and I want a career in security
research.

>  I would like to work in vulnerability research or pen testing when I'm
>  finished so I'm wondering if I'm better off attempting to find work
>  straight away after I finish or getting some other qualifications
>  first? Also if someone could recommend some decent masters/postgrad
>  courses that would be cool.

One very good course in the UK is the MSc Information Security at UCL
(http://mscinfosec.adastral.ucl.ac.uk). The fees are very high, but
apparently the course is very well taught and is aimed at people who
intend to work in industry afterwards. It's certainly a technical
course, and UCL is a respected place.


I had a look at that course and it looks fairly interesting and
relatively comprehensive. I was talking to a few other people since I
sent the initial email and I'm now considering whether I might be
better off doing some sort of Msc in Operating systems or
parallel/distributed systems. The reason being, from looking at most
Security based courses I seem to know most of the stuff they are
teaching and I don't think a lot of them would add much to my
knowledge in the area of vulnerability research/pen testing/exploiting
whereas a course in Operating systems or whatever would be
sufficiently technical to aid in vuln research and at the same time
open other doors as well if I ever decide I get tired of 0days ;)

I have one other question for anyone working as a pen
tester/vulnerability researcher. What are my chances of getting a job
based on my current degree and ability to demonstrate what I know? e.g
vuln research, creating exploits, knowledge of pen testing.

Cheers for all the responses.

I have a place on the above course, but have been advised to do a
research MSc instead, as this is more suitable for future research work.
I think it depends if you're going into the research side of things, or
the industry side. If you don't know, it's always possible to do a
Masters course while also finding a student placement and gaining
experience, doing certs etc.

- Katelyn



Current thread: