Cyber Security Graduate - Ask me (almost) anything
A bit of background for those that have never seen me lurking over in tech. I'll be graduating my Cyber and Forensics undergraduate degree this summer with a guaranteed First. I've interviewed at a handful of organisations and have a competitive job lined up for when I finish. My primary interest is in offensive cyber (pentesting/red teaming) and research.
I'm happy to give advice and answer questions about breaking into the industry (as a career changer, as a school leaver, whatever) or any other general questions about cyber. I won't be answering questions that involve sharing personal information (what uni I'm at, where I'm going to work on graduation, my salary, etc.).
I'm happy to give advice and answer questions about breaking into the industry (as a career changer, as a school leaver, whatever) or any other general questions about cyber. I won't be answering questions that involve sharing personal information (what uni I'm at, where I'm going to work on graduation, my salary, etc.).
Scroll to see replies
Hey man, do you mind if I ask you a few questions? I would definitely be considering following similar steps to you (taking an undergrad in cyber security) although I will definitely not be as successful as you 
I've spoken to a few people who are currently at university looking to work in the Cyber Security profession, there has been a pretty mixed opinion as to whether it is better to take Computer Science at university then study cyber sec in your free time (so no doors are closed) or to just take Cyber Security (the more direct and obvious choice). Do you mind sharing your opinion, are you enjoying the degree or do you think it would be more beneficial to have taken Computer Science.
Thanks,
I've spoken to a few people who are currently at university looking to work in the Cyber Security profession, there has been a pretty mixed opinion as to whether it is better to take Computer Science at university then study cyber sec in your free time (so no doors are closed) or to just take Cyber Security (the more direct and obvious choice). Do you mind sharing your opinion, are you enjoying the degree or do you think it would be more beneficial to have taken Computer Science.
Thanks,
Original post by RobbeD
Hey man, do you mind if I ask you a few questions? I would definitely be considering following similar steps to you (taking an undergrad in cyber security) although I will definitely not be as successful as you
I've spoken to a few people who are currently at university looking to work in the Cyber Security profession, there has been a pretty mixed opinion as to whether it is better to take Computer Science at university then study cyber sec in your free time (so no doors are closed) or to just take Cyber Security (the more direct and obvious choice). Do you mind sharing your opinion, are you enjoying the degree or do you think it would be more beneficial to have taken Computer Science.
Thanks,
I've spoken to a few people who are currently at university looking to work in the Cyber Security profession, there has been a pretty mixed opinion as to whether it is better to take Computer Science at university then study cyber sec in your free time (so no doors are closed) or to just take Cyber Security (the more direct and obvious choice). Do you mind sharing your opinion, are you enjoying the degree or do you think it would be more beneficial to have taken Computer Science.
Thanks,
I don't think there's a right or wrong choice, but I do think it depends on how clear you are on your goals.
One benefit of CompSci is that you have a much broader choice of options. If you try to specialise in Cyber and hate it, you fall back on CompSci instead. However in my experience, my Cyber degree is so broad that I've got foundational knowledge for a lot of other stuff. I wanted to transition to software dev, or networking, or whatever I'd have to put time in making up the knowledge deficit but it doesn't really close any doors. A big part of Cyber is knowing a little bit about a lot of stuff, which in some ways makes it more flexible than regular CompSci. Personally I think if you're unsure, taking a gap year may be a good choice. I actually started uni 3 years "late", taking an additional 2 years at college because I didn't know what I wanted to do and then taking a gap year. I'd say rushing into the wrong decision is worse than taking your time thinking about it.
I'd say on the whole I've enjoyed my degree, largely in part to how diverse it is. I get bored easily, and knew that I didn't just want a degree where I'd be programming all day. In that regard, my degree is a good fit for me. That said I also wish I'd aimed at a more challenging uni, since there's a bunch of times where I've been disinterested purely because the material was too easy for me. Cyber as a field is quite demanding, and stagnating is one of the worst things you can do.
All things considered though, I don't think I made the wrong choice. I'm really glad I didn't take CompSci as it simply wouldn't have been interesting enough for me. Your mileage may vary though and it depends where your interests lie. CompSci, and CyberSec, courses are very different between unis so the sort of stuff you cover will vary a lot. I think it's important that you choose the course that looks most appealing, because you need to put yourself in a position where you want to do stuff in your own time. CyberSec really emphasises that, as roles in Cyber are very rarely 9-5.
Yeah it's interesting to hear that you think that the Cyber Sec degree is much more interesting. I think, like you, I would get bored of just programming all day, so it's good to know your opinions on it.
Obviously for security reasons I don't want to ask about your employment after graduation, but are there many opportunities for newly graduated students? I saw that your future job was highly competitive, so this might not be specific to you but in your opinion is it easy for a newly graduated student to find a decent job.
Thanks again for being so helpful
Obviously for security reasons I don't want to ask about your employment after graduation, but are there many opportunities for newly graduated students? I saw that your future job was highly competitive, so this might not be specific to you but in your opinion is it easy for a newly graduated student to find a decent job.
Thanks again for being so helpful
Original post by RobbeD
Yeah it's interesting to hear that you think that the Cyber Sec degree is much more interesting. I think, like you, I would get bored of just programming all day, so it's good to know your opinions on it.
Obviously for security reasons I don't want to ask about your employment after graduation, but are there many opportunities for newly graduated students? I saw that your future job was highly competitive, so this might not be specific to you but in your opinion is it easy for a newly graduated student to find a decent job.
Thanks again for being so helpful
Obviously for security reasons I don't want to ask about your employment after graduation, but are there many opportunities for newly graduated students? I saw that your future job was highly competitive, so this might not be specific to you but in your opinion is it easy for a newly graduated student to find a decent job.
Thanks again for being so helpful
On the whole yes, there's a huge demand right now in Cyber and that translates into a lot of jobs.
In terms of how easy it is, that depends a lot on you. As with most industries, if you're fairly average and competing for average jobs then there's a lot of competition. But as soon as you make yourself stand out there's way less competition. It's a little counterintuitive, but getting an average job is harder than getting a good job.
To give you an idea of what myself and some of my peers have been through though:
•
Myself and my flatmate did placement years. I ended up getting two simultaneous comeptitive offers and had to choose between them. My flatmate got turned down from a load of jobs based on the HR psychometric tests and stuff like that, went to his first assessment centre the other week and landed a job. I wouldn't say either of us have struggled.
•
The class used to be around 15 students, and I'm still in touch with 4 of them. One went on to do a Masters, 2 had jobs and 1 is still looking a year later. It's not a huge sample, but I'd say this is fairly representative of what you could expect.
Roles also vary wildly. I was choosing between a research job and a grad scheme going on to do pentesting. My flatmate has a SOC role. One of my old classmates is doing analytics. There's jobs which focus on networking, secure coding, crypto. If you're less interested in technical stuff there's auditing, data protection and similar. Transitioning towards Forensics is also quite straightforward. And you can choose between public and private sector work, with benefits and drawbacks to each. There's a huge variety of roles available and if you know what you are aiming for, then make yourself stand out then it's fairly easy. That said, decent job is of course subjective.
(edited 4 years ago)
No that makes a lot of sense to me, I think that is the case in pretty much every competitive industry.
Can I assume all the placements/CTFs were organised off your own back, the university didn't provide anything right?
Also, it kind of ties in with what you said a bit later on about the private/public sector, can I ask for your opinion on that? I know it's quite a broad subject but do you think it would be better to go into public cyber security roles such as in the GCHQ when you are younger, then maybe go private when you're older and more experience to make a bit more money aha.
Can I assume all the placements/CTFs were organised off your own back, the university didn't provide anything right?
Also, it kind of ties in with what you said a bit later on about the private/public sector, can I ask for your opinion on that? I know it's quite a broad subject but do you think it would be better to go into public cyber security roles such as in the GCHQ when you are younger, then maybe go private when you're older and more experience to make a bit more money aha.
Why red team and not blue team? Or for best of both purple team? What about pen testing interested you?
Original post by RobbeD
No that makes a lot of sense to me, I think that is the case in pretty much every competitive industry.
Can I assume all the placements/CTFs were organised off your own back, the university didn't provide anything right?
Also, it kind of ties in with what you said a bit later on about the private/public sector, can I ask for your opinion on that? I know it's quite a broad subject but do you think it would be better to go into public cyber security roles such as in the GCHQ when you are younger, then maybe go private when you're older and more experience to make a bit more money aha.
Can I assume all the placements/CTFs were organised off your own back, the university didn't provide anything right?
Also, it kind of ties in with what you said a bit later on about the private/public sector, can I ask for your opinion on that? I know it's quite a broad subject but do you think it would be better to go into public cyber security roles such as in the GCHQ when you are younger, then maybe go private when you're older and more experience to make a bit more money aha.
Yes and no. Obviously the uni won't outright get you a placement, but at least for me there was all sorts of support if you needed it. CV reviews, making you aware of jobs, that sort of stuff. I didn't personally utilise any of it, but my flatmate was struggling to find a placement and ended up getting one with a company our placement team was notifying people for. In terms of CTFs, it's a mixed bag. If you want to do them yourself you can go ahead. We've had stuff run through our societies as well, and if you want to run one but the uni isn't there's probably nothing stopping you setting it up yourself. Obviously this isn't uniform across universities, but it should be fairly representative.
I'll be honest, I've heard two ways of looking at it. If you go into public sector roles (GCHQ, Police, MoD, etc.) then you get all the perks assocaited with it and you never take work home with you. However pay can be much lower than the private sector, and it can be a mixed bag whether you are doing really cool stuff or really mundane stuff. If you go private, it's basically the reverse. You could be expected to work long hours, but the pay is typically going to be much better. There's also a lot more opportunities for travel. I think it really comes down to what sort of lifestyle you'd prefer.
Original post by AnonymousNoMore
Why red team and not blue team? Or for best of both purple team? What about pen testing interested you?
Red teaming just interests me so much more, not just the technical element but stuff like social engineering as well. I've seen blue team and SOC style work and it doesn't appeal to me. Of course being a good red teamer requires you can also do defence, but given the choice between the two I'd almost always rather break stuff.
Original post by GreenCub
What's the gender balance like in cyber security?
I can only answer based on my experience, but my courses have been very male dominated. IIRC there were 2 girls in my class (of around 15-20) before I went on placement, and my post placement class there's only 1 girl. However like the rest of STEM, there's a huge push to get more women involved. At the moment it's much like traditional CompSci though and very male oriented which is quite disappointing. The Cyber Security Challenge puts the figure at 20% though, a lot better than my classes have been.
Does Alexa work for the government/NSA?
Original post by NonIndigenous
Does Alexa work for the government/NSA?
Not that I'm aware of
Ah my friend, you clearly haven't reached the inner INNER circle if you don't know that fact.
Original post by Quady
ELK or Splunk?
I've got basically zero experience with Splunk, but given how much faff I went through setting up ELK on my placement I'd probably take Splunk. Definitely not my area of expertise though
Original post by RobbeD
Ah my friend, you clearly haven't reached the inner INNER circle if you don't know that fact.
You say that like it's a bad thing
Yeah, I don't think the life expectancy is too long in the inner INNER circle. I guess that's politics for you
Original post by GreenCub
Can you go into cyber security with any other STEM degrees besides computer science and cyber security itself?
Absolutely! More than that, you don't need STEM specifically as many places accept graduates of any kind and put you through a training program. Nor is a degree an absolute necessity, there are alternative pathway in with the most common being apprentiecships.
That's not to say a CompSci, CyberSec, or otherwise related degree won't be useful. You'll learn an awful lot of important stuff, and even a lot of STEM degrees at least have easily transferable skills/knowledge. If you try to break into the industry from any other route not only will you have a lot to learn but you'll need to demonstrate an interest (which will basically amount to being self taught). But not having a relevant degree doesn't disqualify you.
Cyber is also unique in that there's a huge field and it's not just all computer stuff. Maths is really important if you want to go down the Cryptography route. Psychology and some other social sciences relate to aspects like social engineering and phishing. Cyber isn't purely technical. But it's a broad field and really comes down to what you want out of it.
Quick Reply
Related discussions
- Opinions on the best option modules
- University choices
- Is it just me?
- BAE systems degree apprenticeships September 2024
- A Thrilling Journey into Cyber Security: My Experience at DMU
- Advice for humanities grads getting into tech/business roles
- BT Graduate Scheme
- Psychology to Tech
- Thales Degree Apprenticeship 2024
- thinking of doing masters in cyber security but worried won't entry the requirement
- Government Security Cyber Apprenticeship (Level 4) 2023/2024
- cybersecurity jobs
- BT Assessment Centre 2022
- Cyber Security or Finance???
- is Hertfordshire university is better then Middlesex in Cybersecurity
- Need help asap pls answer this question?
- Pharmacy vs cyber security
- EY Technology Graduate Program
- Amazon (degree) apprenticeship
- Ofcom 2020 Graduate Scheme
Latest
Last reply 2 minutes ago
Official: University of Bristol A100 2024 Entry ApplicantsLast reply 14 minutes ago
2023 ** Borders and Enforcement, Crime & Compliance - ICE - Immigration OfficersLast reply 28 minutes ago
Official University of Edinburgh Applicant Thread for 2024Last reply 31 minutes ago
Official UCL Offer Holders Thread for 2024 entryLast reply 37 minutes ago
Official University College London Applicant Thread for 2024Last reply 55 minutes ago
Can I do economics degree without a level maths?Last reply 1 hour ago
BAE systems degree apprenticeships September 2024Last reply 1 hour ago
Government Social Research Placement interview questionsLast reply 1 hour ago
Official University of St Andrews Applicant Thread for 2024Last reply 1 hour ago
Standard Chartered Apprenticeships 2024Trending
Last reply 1 month ago
applying to Russel group unis if my undergrad is from a non Russel groupLast reply 1 month ago
How long should you wait to hear back after an assessment centre?Last reply 1 month ago
No level 3s and trying to find a way into Engineering as a 23 year old.Last reply 1 month ago
Applied Professional Engineering Program degree apprenticeship at JLRTrending
Last reply 1 month ago
applying to Russel group unis if my undergrad is from a non Russel groupLast reply 1 month ago
How long should you wait to hear back after an assessment centre?Last reply 1 month ago
No level 3s and trying to find a way into Engineering as a 23 year old.Last reply 1 month ago
Applied Professional Engineering Program degree apprenticeship at JLR
