mailing list archives
Re: [PEN-TEST] Education. Formal or not?
From: Gregory McCann <greg () cambria com>
Date: Tue, 7 Nov 2000 21:49:24 -0800
I'm not a full-time security professional, but I'm in a closely related field doing system administration and
e-commerce development for a number of clients. I quit college about 13 years ago when one of my professors
recommended me for a programming job (dBase) and everything has been on-the-job training since then.
You mentioned that everything you learn in school is 2-3 years behind. That's typical. It probably stays that way
until you get into post-graduate work (which I never did). Then you might actually end up being *ahead* of the curve.
I have mixed feelings about not having a degree. On the one hand, I have done well without it and I have enjoyed the
challenge. On the other hand, a lot of doors are much easier to get through if you do have that piece of paper. Most
corporate hiring managers are college graduates themselves and they must have that "stamp of approval" on everyone who
comes through their door.
To get by without a degree you have to be independent, well above average, and very hard-working. But there is a lot
of satisfaction in being able to succeed that way.
On 11/7/2000 at 10:00 PM ph00dy wrote:
My questions are:
1.Is college a waste of time for pen-test/auditing/risk assessment
2.If so how does one prove what they know to a perspective employer?
3.What is the practical value of a college degree in our field? What about
in the long run?
"Acquire the spirit of peace and thousands around you will be saved."
- Saint Seraphim of Sarov