.

Certificates vs Degree

<<

Peleus

User avatar

Newbie
Newbie

Posts: 5

Joined: Sun Feb 24, 2013 4:05 pm

Post Sun Feb 24, 2013 4:17 pm

Certificates vs Degree

Hello everyone. I've got a question as to the industry perception of degrees vs certificates. I'm interested in pen testing, and at this stage am largely self taught on the topic. We all know however the world goes around on pieces of paper, so if I want to get a job in the industry I'll need to obtain some formal qualifications.

I've got a degree in engineering, and was considering going back to university to do a masters in network and computer security. This would allow me to at least have an IT related university degree, which could help a lot in job applications. On the other hand I strongly believe certificates would probably provide more useful hands on knowledge specific to pen testing; but I'm unsure how they are typically viewed by industry.

So, the question really comes down to if you were a perspective employer what would you look at more favourably? Someone with a masters degree, or someone who had done a reasonable amount of certificates in the area?

Location wise Australia if matters.

Thanks all.
<<

unicityd

User avatar

Full Member
Full Member

Posts: 170

Joined: Wed Sep 03, 2008 5:33 pm

Post Sun Feb 24, 2013 7:55 pm

Re: Certificates vs Degree

Degrees and certs are both used as screening tools.  If you don't have what they're asking for, your resume may get tossed.  In general, I think degrees are more valuable, but there are cases where a cert will win out; for instance, a CCIE is probably more valuable to a network engineer than a degree.  The ideal move, however, is to get a degree and some certs.

In your case, you already have a B.S. in engineering.  This should be enough to get you past a resume screen.  Lots of people work in IT/security with degrees in unrelated or semi-related fields.  Most employers are using degrees as a marker of intelligence/work ethic without worrying about the particulars of what you learned in the degree.  A CS/IT degree with a focus in security would add a little, but you're not losing out by having what you have.

I'd recommend getting some certs now and worrying about the M.S. later.  The CCNA is very useful and will show that you have a good foundation in networking.  The CEH is an HR favorite but my impression is that most actual penetration testers don't think very highly of it; it's often required or preferred for pen testing positions, but you'll probably learn more doing something hands-on like the OSCP or eCPPT.  The various SANS certifications are pretty well regarded, but they're expensive.

Once you have more experience in pen testing and a few certs under your belt, a master's degree will make more sense.  Master's degrees are often preferred for senior technical or management positions.  Having a master's degree for an entry level role probably won't help a lot and may hurt you.  Some employers will assume that you're just using them to get your feet wet and will move on within a year or two--employers like to expect loyalty, but most won't show you any in return.  

Are you going to do your master's online or would you go back to school full-time?  If you're going to go to school full-time, it may be less disruptive to just get the master's now and ignore my previous advice.  If you do, be ready to convince your future employers that you're willing to put in some time and not jump ship right away.  You may find an employer who is happy to see that you have a master's (Google prefers them) in which case you just win outright and don't have to explain anything.

Good luck.
BS in IT, CISSP, MS in IS Management (in progress)
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sun Feb 24, 2013 7:59 pm

Re: Certificates vs Degree

A degree in computer science is good if you're in Austraila, and as you are doing a masters in Computer Security that's also very good. You should however look into Offensive Security certifications as well, as they are valued at some companies in Australia. CREST certifications are quickly gaining popularity at the moment, but they are very costly, and, extremely overpriced. I suggest you do OSCP first before you even attempt CRT if you got the money.

Employers here, will look at your education, but also certifications as they can be merit (but seriously, finish your education), however some of them will most likely test your technical skills in a theoretical and/or practical test, so make sure you know what you're talking about.

Having the right education and certifications is one thing, but knowing your stuff is even better, and having a combination of both is the best.  

GIAC certifications and SANS courses are known, but not as highly valued as OffSec certs.

So look into getting OffSec certs for starters.
I'm an InterN0T'er
<<

Peleus

User avatar

Newbie
Newbie

Posts: 5

Joined: Sun Feb 24, 2013 4:05 pm

Post Sun Feb 24, 2013 11:28 pm

Re: Certificates vs Degree

Thanks for your feedback so far, anyone else is certainly welcome.

I'm starting to rethink and seriously lean towards certificates. To answer a point raised I'm doing currently enrolled in the masters online, but I've just got access to the course material. It all seems extremely basic, and I'm confident I could pass each subject with my self taught knowledge right now. I admit this is only the first 4 of 16 subjects, but I'm realising how largely theoretical the degree will be.

I'm fortunate enough that I'm pretty happy in my current field, so these qualifications (whatever type) is 90% because I enjoy learning, 10% because if I feel like it I can change professions slightly easier in the future. I think looking at it now perhaps the practical knowledge will be more useful, and enjoyable, for me at the moment.

Cost wise certificates to a point make sense. The masters will set me back $25600, which is an expensive learning experience. Admittedly it's nice I can defer paying it (hecs-help in Australia), but ill have to fork out eventually. Certificates are not cheap either, but it's all relative.

Sorry I know some of the above didn't have a direct question, I'm more thinking out loud and asking for a double check on my thought process ;) The biggest unknown I had was how limiting will and engineering degree be in applying for jobs as oppose to a specific IT degree. It seems the answer is a little but not as significant as I expected.

TL;DR most likely use the degree as a foot in the door showing work ethic and problem solving, then use certificates to demonstrate technical ability in the relevant areas as ill probably enjoy the technical learning a little more, end up with less debt and be reasonably valuable regardless.

Thanks!!
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Mon Feb 25, 2013 12:31 am

Re: Certificates vs Degree

The course I recommended from BackTrack, is not that expensive:
http://www.offensive-security.com/infor ... backtrack/ (750$, I recommend 60 days lab time)
and this: http://www.offensive-security.com/infor ... perimeter/ (1200$)

Don't do OSCE without knowing quite a bit about hacking first, as it's really a killer if you don't know a sufficient amount of hacking.
I'm an InterN0T'er
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Mon Feb 25, 2013 12:41 am

Re: Certificates vs Degree

MaXe wrote:The course I recommended from BackTrack, is not that expensive:
http://www.offensive-security.com/infor ... backtrack/ (750$, I recommend 60 days lab time)
and this: http://www.offensive-security.com/infor ... perimeter/ (1200$)

Don't do OSCE without knowing quite a bit about hacking first, as it's really a killer if you don't know a sufficient amount of hacking.

It's a killer period :)
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

UNIX

User avatar

Hero Member
Hero Member

Posts: 1244

Joined: Mon Apr 28, 2008 9:20 am

Post Mon Feb 25, 2013 6:35 am

Re: Certificates vs Degree

Eventually you want to gain experience, which triumphs any degree and certificate. Ideally you'll have a good mixture of all three though.

There are a couple of threads which cover the same question as yours:
http://www.ethicalhacker.net/component/ ... opic,7630/
http://www.ethicalhacker.net/component/ ... opic,1489/
http://www.ethicalhacker.net/component/ ... topic,438/
[...]
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Mon Feb 25, 2013 8:10 pm

Re: Certificates vs Degree

As also mentioned above, I think you're in a pretty good place in terms of formal education since you already have a BS degree. I think engineering also demonstrates that you have aptitude for the technical concepts you'll need to master in this field.

That said, I don't think "Certificates vs. Degree" is the right mindset. They are complimentary, and you should strive to make each area as strong as you feasibly can.

Your master's is only going to increase in cost, and will also likely become more difficult to complete due to life responsibilities, the longer you wait. Since you've already started the program, I'd keep up that momentum and see it through.

If the material is as easy as you say, throw a cert or two into the mix to keep things interesting and strengthen that portion of your CV. Also, while obviously not as good as actually having the degree, showing that you have a masters in-progress is beneficial.

MaXe wrote:Don't do OSCE without knowing quite a bit about hacking first, as it's really a killer if you don't know a sufficient amount of hacking.


MaXe also told me I should learn how to ride a bicycle before attempting a backflip on a dirt bike. His advice is solid 8)
The day you stop learning is the day you start becoming obsolete.

Return to General Certification

Who is online

Users browsing this forum: No registered users and 2 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software