Hi all,

Im currently a student (20) doing a Bsc in Computer Science, with one year left and all being well i will get a 1st Degree, after which i might do a MEng masters year.

Now im trying to work out some kind of career plan, im a good programmer but going into a 9-5 programming job would bore me to death... But ive always had an interest in security/hacking/networking.

I have a CompTIA linux+ certification, but other than that no real experience in the IT world as im pretty much fully self taught and not had the opportunity for any part time work.

So, is it possible for a UK graduate to get established in a security orientated career? And what would be the best way to get a foot in the door? From what ive heard security consultants and pen testers generally have years of experience. So im just not really sure where to start off once i graduate.

Also how does a security career compare pay wise to say a programmer?

Thanks for any advice,
Jack

tntcoda,

welcome to EH-net,

This topic strikes close to home so I thought I'd provide you with my experience as it seems I'm running roughly 1 year ahead of you.

I graduated from a UK uni with a 1st class honours in computing. Like you I've always had an interest in security. Nearly been working in my current place for three years (one year placement, one year whilst completing final year and one year after graduating). Don's advice rings true, keep doing whatever your day job is and jump on any opportunity to work on a security related project.

I've mostly completed my usual tasks whilst focusing on the security aspects like tightening ACLs/firewall rules, hardening servers etc. I've also been fortunate (or unfortunate depending on your view point) in that I've handled a couple of real-world incidents. Nothing makes the management types look at you differently than when the senior guys start panicking and the new-comer whips out a backtrack/helix CD and deals with the situation calmly

Basically, I'd echo Don's advice, get in where you can and push the security aspects where possible. If you company has any standards certifications (ISO 9001, 27001 etc.) this can be a good place to start by offering to do the security audits (that most people don't enjoy doing). If your place has a security department you can push for a transfer once you've 'proven' yourself, if you place doesn't have a security department then you amy become that department

In terms of pay, I can't speak for the whole UK industry as I don't have that much experience, but from my experience security type people are being paid more than programmers at the moment. (But security is a hot topic in the UK currently so this could be a blip).

Good luck with your final exams