I don't have a bachelors degree. I see quite a few job offers that
require one. I only did one year of University (10 years ago) in Marketing.
Would doing night classes in a University program (or online program)
relating to IT be helpful? I've seen some a degree 'Information Systems
Security' that may be interesting. It would be expensive and take a long
time to finish part-time. I'm not sure if I'm better off with
certifications or a bachelors degree (academic and real-world is also very
different I believe)
I am working for a web hosting company right now as a Level I Systems
Administrator, so my position is not really giving much security experience
(only a little here and there as it pertains to some security issues or
abuse issues.). My employer will not pay for certifications, so I'm on my
own there.<<<
You're actually in pretty good shape without realizing it. The job you're in
is a very good place from which to build your skills. In my experience,
employers love it when their workers actively take steps to learn more. When
I was learning SQL Server from a book and by setting a server up at my house
to learn on, I told my boss at the time that I would love the opportunity to
participate in any projects where I could get some real-world experience
using the software. Two days later, he assigned me a project working on
implementing the new help desk ticketing system that used an SQL back-end. I
learned a lot from doing that, and my employer gained someone with some SQL
skills without having to go out and hire a new DBA.
So I would recommend doing a similar thing. Talk to your boss and tell them
that you're really interested in learning more about InfoSec, and that you'd
love the opportunity to work with your InfoSec team on any projects that
they are working on. Any employer worth working for should recognize that
this is a win-win. You get upgraded skills, and your employer gets an
employee who is a more valuable asset to the company.
There are lots of university programs worth looking into. It sounds like the
'Information Systems Security' program you've seen might be the one offered
by ITT. As a graduate of ITT, I'd advise treading with great care. The money
you'll pay to go to school there is IMHO far more than the value of the
knowledge you'll attain - they basically treat everything as though it's a
survey of the material in question, which isn't as in-depth an immersion
into the material as you'll want for $30K. Studying security or any other
IT-related discipline in a classroom has value, but not as much value as
those skills you attain in the real world. The relativity of that depends on
where you decide to study.
My two cents. Hope that helps.
Devin
