I currently work in corrections. Have for about 7 years. I am considering going back to school for cyber security.

Will a associates/bachelors/master degree get me in the door?

Can I expect to go from job paying 50k a year to a job in the technology making the same money?

What else can I do to make myself more appealing to employers?

Will my background hurt me?

Advice I am missing?

Go get a ccna and youll easy make that figure walking in the door. If you are smart and can pass the certs it's easily doable by anyone that  can read.

Ccna and cissp are both certs I have looked into.

I want the degree to increase earning potential. I don't want to get stuck at 50-70k.

Start with ccna to get your foot in the door, then get certs as you go.

My company pays for classes and training for certs as well as testing. They also pay for a set amount for acquiring various certs up to two a year. Most companies do.

I don't know much about the job market in TX, but I would say to expect starting pay for a freshly credentialed IT person to be $60k - $70k. It takes a few years of experience and success on the job to move up in pay. Six figures is likely possible as a veteran IT person at a large firm, but don't expect to climb very high in the six figures without making your way into management.

OP I am a programmer not a security engineer ... but I say go with your passion if you like it. The security market shouod he good.

People dont just want a degree, they want performance and interest.... definitely get the certs.

Proven past work matters more than degrees I think ... not sure if you have fixed any viknerabilities legally bit that would look good on a resume :)

A bachelors in anything is nice but consider the cost.

Good luck OP.

Also I find thenwhole isea of security fascinating.. check out Bruce Schneier if you havent.

Degrees are nicr and they get you past the HR dregs. But experience is King if you don't have any experience your going to start low on the pole.  Getting CCNA is nice but you have to know what your doing as well. CISSP is a mother of a cert and the test is a bastard.  Good luck to you let us know what you decide on.

I think I am pretty set on starting my degrees in January.

I realize I am not going to walk in and make six figures, it would be nice after 10-15 years to be there though.

My current career I will tap out at 25 years and 70k-80k. Hence the career change desire.

College is expensive, I realize that. If I can spend 60k and double my lifetime earnings it sounds like a sound investment.

I have friends and employees with a ccna and a Cisco voice cert move to making 80k plus at under 30 some under 25 with additional bonuses and potential to go into higher levels of engineering in the last year. One kid didnt have a single cert and 3 years experience.

I am going to explore getting my CCNA/Cisco voice cert (other certs I find beneficial) first then. if I can make 60K plus, it would make college a hell of a lot more affordable. I am 29. I want to avoid taking a pay cut moving into a bottom entry level job. If it is possible to do without a degree, that would be a better more expedient plan.

Like I said, get a ccna, get in the door,  use the company to get further certs. Profit.
   If you come into an interview with me and have a ccna, voice cert and other certs with zero actual experience I would probably pass on you for someone with experience.

There's no degree, boot camp, cert, or get-rich-quick scheme in existence that is going to fast track you to 70k a year as a Cyber Security expert.  What they will get you is a 14 dollar an hour job being a SOC monkey working night shift until someone is willing to believe you actually know wtf you're doing.

That being said.  If you're dead fucking serious about this.  I can make a call and get you an interview with a guy who will start you at 120k if you're 100% willing to drop everything in your life and move to Alabama, hold your hat in your hands and awkwardly shuffle your feet and be willing to start learning day 1.

I'm in - how do I apply :-)

OP: do it. You are in a dead end job now. CS is a growing field with lots of funding. You might have to move though, or settle for whatever jobs are in your area.

Also, get a computer and start learning the stuff. Everything you need to learn is available on google and you need to know the workings of a computer backwards and forwards.

Not looking to get rich. Just looking to be the middle class. If I wanted to get rich I have better chances with the lotto then with my brains.

That job invite is almost entertaining.

I have noticed how fast cyber security is growing. part of my interest. my brother got out of the army to joined college and get in cyber security. there seems to be a growing field.

Corrections, while not a dead end job is becoming less and less of a career I want to pursue.

I have been in IT since I was a college student (systems administrator) and was working full-time before I graduated with my CS degree.

I didn't switch to an actual security role until 2007, and even then, that was 50/50 Identity Management and Security.

It looks like you're specifically targeting an IT Security job on the outset, but you cited $50K annually as a starting salary.

Ok, I haven't looked for a job in years because I work at the same University I graduated from, so perhaps how I moved through the ranks differs from most people in private sector.

That being said, I don't know what is starting for IT Security jobs, I can't imagine any IT Security job starting for less than $65K a year.

As far as relocation, you shouldn't have to assuming your location in your profile is accurate. I have a few locations on my LinkedIn account with regards to notifications on job openings including Texas, Nevada, and Arizona. I see security job openings in all of those areas all the time (Vegas being the most intriguing, if I ever wanted to go private sector).

In our recruitments in the past few years for people to join the Info Sec Office at my institution, we didn't hire anyone who was a "Security Analyst" or was coming from a Security role (except the new CISO). They were all in other IT functions (e.g. systems admin, devops, etc). We hired based on relevant experience and ability to learn.

Now coming from a non-IT field is what makes this question a bit difficult to answer. Do you get a certification and hope for the best?

Even if you get a security related certification, you still need to get a job, and odds are you won't get an Info Sec job simply based on the cert and no relevant IT experience.

Information Security is not just isolated to Security Analysts, Security Engineers, and Security Officers/Directors/Managers. Info Sec applies to all aspects of IT including help desk, desktop support, web development, application development, development operations, etc.

My opinion would be to get a job in what was systems administration. You need to learn Windows, *nix, and Mac OS X operating systems and how to administer those OS'es from a desktop and server standpoint. Obtain a basic understanding of networking and how to apply security at the transport layer, at least. Even if you are not technically in Information Security, at least by being a systems administrator you are in a position to apply security controls and develop experience in deploying and maintaining a secure environment.

Then when you have the IT experience (and maybe the certs), you can transition into something more Information Security focused (e.g. Security Analyst, Security Operations, Security Engineer).

While everyone thinks Information Security is the hot field, I still think devops is a desirable skillset that can apply to lots of technical IT roles, including security.

Given that we leverage a lot of tools utilized in the devops stack to deploy and maintain security controls, including puppet, ansible, git, jenkins, etc., I look upon prospective applicants with devops skills with high favor because I know they can improve security efficiency.

Good luck getting any IT job that pays well without any experience.  It isn't impossible but experience is king.  Who you know matters as much as what you know.  Network, someone may like you enough to give you a chance at a position.'


ETA:  Don't pick the "hot" field.  Pick something you will enjoy doing.  It will be hard to really dig into any material and truly learn it if you don't enjoy it.

THANK YOU for the information. I am in the DFW metro area.

I figure the best way is through a college degree and certs. it doesn't seem impossible to get into the computer field without experience. what will kill me is no paper to hang. I do understand I will be starting at the "help desk" level.
As long as I can keep/surpass my current salary I am cool.

I have no network contacts outside of law enforcement unfortunately. I would have exercised them had I by now.

You need to start networking.  Go to user groups, volunteer.  Do something to meet people in the industry local to you that could help you get your foot in the door.  

I have 15 years in IT, mostly systems administration/engineering, networking, storage etc and a CISSP and have not been able to find a position for just IT Security.  Now, I'm trying to maintain a higher salary so it limits my options but most of the security positions I see posted are senior level and they are looking for particular experience.

I'm not sure how many entry level security positions are available outside of a SOC and I'm not current on what the starting pay would be.  I started out helpdesk/desktop in 2002 at $12/hr.  

An education is not going to hurt you by any means but don't rely on that as the sole reason someone is going to give you a job paying $50k/yr.  Now once you get in the field and start getting experience it should be easy to move up in salary by job hopping but getting in the door some where at the salary you want could be a problem.

OP, what is your computer knowledge now?

Server admin?

Got any Linux under your belt yet?

While I am sure it's possible, if jumping right from some certs to a decent job were that straight forward, everybody would be doing it.

I am hoping by going with both college and certs it will make me more appealing. also I bet I can get some points from my law enforcement experience.

Computer knowledge now is basic. Slightly more then your average person. I play in command prompt, understand IP Adresses, mac addresses, system names.

Server admin, I understand the days of downloading from a link are dead. Updates and such are now pushed from a server/database. Prevents issues with social engineering.

No Linux. I should download a copy and play though.

I also know of the existence of VMWARE and know in a network we can push make the individual feel like they are sitting behind a computer. Making it work, not a clue.

To be clear, information security is the end goal. after college and training I want to be specialized in Cyber Security.

If after college my career takes me elsewhere so be it.

Security is not the end all be all. I open to all areas of IT.

the real goal is starting at 50K and ending above a salary offered in my current field.

In full disclosure. Computers was a passion that got put on the back burner for Law Enforcement. I'm now reigniting it.

being in the technology field is a desire too. Technology has always entertained me.

https://csrc.nist.gov/publications/detail/sp/800-181/final

Well I am taking he plunge.

I enrolled at Saint Leo University with a major in Cyber Security.

After Talking to industry professionals, I have decided to pursue the degree, get an associates and move over to the computer industry at the entry level. After I am in a "Help Desk" type positon I will keep pursuing my Bachelous and masters in cyber security.

I will maintain an open mind and understand I may end up in a very different area of IT.

Due to having a strong physical security knowledge, I hope I end up in Cyber Security. Or find an employer that wants my physical security knowledge.