cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Iontomorrow
Viewer

Is a 4 year degreee still a requirement?

Hi everyone,

I have an Associates in CIS, several certifications and 10 years of experience as a sysadmin/engineer. Security has always been something I have been involved with but never a direct focus.

I am considering whether going back to complete a 4 year degree has any merit. It feels that unless I start working at a tech company, jobs like I am used to are drying up in favor of outsourcing, contracting, and IaaS, cloud, etc.

So I am considering the options of remaining technically hands-on and digging into security or going the IT management route.

How does anyone out there that may be a hiring manager feel about candidates with or without 4 year degrees? Do they still hold relevancy?
80 Replies
brennj4
Newcomer II

Preaching to the choir mate, there is no reason to be disconcerted. I'm not doubting the value of a degree, I'm simply trying to show the others on this thread that it is not black and white. As I said in my original reply to this thread, a degree is still required. personally, after I recognized this myself, I continued after my BS and acquired a masters degreee, and then a number of certs including ITIL, PMP, Leadership, and now CISSP.
Ravenshroud
Newcomer III

I love it when companies put X education or Y comparable experience.

 

What is odd is that the math you chose gives more value to the degrees than real experience.  The math is backwards, but at least debatable and non-discriminatory, socially.

 

You gave the same value to someone with no experience to someone with 5 years of experience.

 

Thus 2 years of a focus on IT education and 2 years of general education is equal to someone focused on doing the job you are hiring for for at least 5 years.

 

Did you use more of what you learned in school or more of what you learned on the job to be successful.  When I went to college, there wasn't even an Internet.

Baechle
Advocate I

Jonathan,

 

The tone of the conversation has changed from "is a degree required" to "the degree has no value other than to meet an arbitrary benchmark".

 


@brennj4 wrote:
Preaching to the choir mate, there is no reason to be disconcerted. I'm not doubting the value of a degree, I'm simply trying to show the others on this thread that it is not black and white. As I said in my original reply to this thread, a degree is still required. personally, after I recognized this myself, I continued after my BS and acquired a masters degreee, and then a number of certs including ITIL, PMP, Leadership, and now CISSP.

In reading your responses to the conversation it appears that you're echoing that a degree only holds that arbitrary value due to an old fashioned custom.  If that's not the case, then my apologies.  Your clarification above was sorely needed.

 

Tech skills, and tech experience alone does not make a good candidate.  In the case of a network tech position; I would interview both the person with 10 years experience and a CCNP, as well as the person with a 4 year degree in networking/telecommunications with 6 months of internship that I could put through the CCNP training.  The interview would be focused around how well that candidate could relay complex technical topics and configurations in plain layman terms over and over again (I would probably pretend I didn't understand about 4x times) without getting obviously flustered.  That's the guy that's getting the job.  I can train a robot monkey to cut and paste a config file on a router.

 

Sincerely,

 

Eric B.

brennj4
Newcomer II

I feel there is a middle ground in this debate, and I can see validity from both sides.   

On the one hand, I know for sure that not all college degrees are created equally, and just because someone holds a degree doesnt mean they will perform better than someone with only on-the-job training.  

I also know that the opposite of that is true, and often techs lack the soft skills you mention.   

I did learn a great deal in college, but I will say that it was mostly soft skills that retain the value over time. As Ravenshround indicated, technology moves so fast that formal learning really can only serve as a foundation on which you need to build using professional development and on-the-job training.   Most of the things that i actually do from day to day, i learned by doing rather than reading.   I learned COBOL in college... thats not helping me at all now and isnt really a valuable indicator of my ability.  

There is no truly right answer to this... we could debate it all day.   But at the end of that day, if employers still require a degree,  it is the paradigm in which we are forced to operate if we are to be truly successful (or not).  That is the tone that I was trying to convey.

Ravenshroud
Newcomer III

When you consider both candidates, you aren't a part of the socially discriminatory process concern that I have.  When companies make it a blanket policy not to interview people without degrees, particularly in a young field like cybersecurity, I have grave concerns. 

 

I do not believe formal education was a benefit or even an option in our field until maybe 5 years ago.  I am overly sensitive to discriminatory practices, particularly in a country where equality of opportunity is not a guarantee.  I apologize for the change of tone.

 

Companies that require a degree or experience are doing it just right.  Ones that assign arbitrary value for education to experience conversions or overemphasize education over experience are still a concern.  Companies that value all qualities of a candidate, via a post-interview evaluation, are doing exactly what they should do.

 

As a young industry, we should attempt to forgo the mistakes of the past and not use socially discriminatory hiring methodologies and evaluate on the value of candidates as many of you said that you do.

 

No need to defend the 'discriminatory' practice, if you don't participate in it.  If you are already doing the right thing, you aren't part of the problem, but thank you for trying to be a part of the solution.

Ravenshroud
Newcomer III


@brennj4 wrote:


There is no truly right answer to this... we could debate it all day.   But at the end of that day, if employers still require a degree,  it is the paradigm in which we are forced to operate if we are to be truly successful (or not).  That is the tone that I was trying to convey.


I agree.

 

I hope to help change that towards a more fair methodology where I can.

 

I remember learning that discrimination of all sorts isn't always conscious.  Sometimes we do it because we never developed sufficient empathy or critical thinking skills to evolve.

Baechle
Advocate I


@brennj4 wrote:

There is no truly right answer to this... we could debate it all day.   But at the end of that day, if employers still require a degree,  it is the paradigm in which we are forced to operate if we are to be truly successful (or not).  That is the tone that I was trying to convey.


I believe I understand your perspective.  I think a good understanding of where academic degrees are valuable comes with understanding that there are several career tracks that are both markedly White Collar and Blue Collar work.  Both tracks have senior positions attainable with or without degrees; although the white collar tracks are significantly harder to attain without a degree.

 

Information Technology work, and Information Security work, and Computer Security work has evolved.  It is both a White Collar profession and a nouveau Blue Collar trade.  Yes, it is possible, as it once was with factory work to begin as a tradesman and work up toward a foreman (the fence line between factory White and Blue Collar work).  It has become harder and harder to work through that barrier into management and administration (business admin, not system admin).

 

IT, IS, and CS work for years has been considered an advanced trade.  The only two major academic lines that were available were Electronic Engineering (Hardware) and Computer Science (Programming/Software).  Professional academics surrounding the topics of system administration, telecommunications (networking) and computer security has only become a mainstream departure from these E.E. and C.S. roots in the last 15 years or so.  Prior to this, the only way to enter the profession was as a technician gaining on the job experience.  

 

Entering the workforce as a technician and working your way up is still very valid, but the dichotomy between this "Blue Collar" workforce and the academically trained "White Collar" workforce is still growing.  Businesses have learned that on average, you can't take someone that is skilled in the procedural application of security controls as a technician and drop them into White Collar business risk management analyst positions without formal training (or someone with a lot of natural talent).  The technicians lack the vocabulary to communicate upward to management, they lack the business mindset to make good risk decisions (leaning toward 100% mitigation, over responsible cost-control), and quite frankly lack many of the social nuances to get along with others outside of their clique (being the stereotypical angry IT security nerd).

 

This barrier is where academic experience comes in.

 

So, if you have no interest other than being a senior technician, there is no real need for an academic experience.  You can work your way up if your favorite interaction is you and a set of security appliances.  There are a few with natural talent and developed social skills that will break this barrier on their own.  There are still fewer that will bypass this barrier by creating their own company.  If you fall into either of these two later categories, then your reputation will precede you.  You aren't the one applying for jobs, you're the one recruiters already know by name and are actively seeking out.  So, unless there's a headhunter calling you every week or two offering you a VP or C-suite job... that ain't you.  Go to school.

 

Sincerely,

 

Eric B.

brennj4
Newcomer II

@Baechle wrote:



there are several career tracks that are both markedly White Collar and Blue Collar work.  Both tracks have senior positions attainable with or without degrees; although the white collar tracks are significantly harder to attain without a degree.



This says it in a nutshell.   

Good post/.


 

rslade
Influencer II

> Ravenshroud (Newcomer III) posted a new reply in Career on 07-23-2018 12:29 PM

> I love it when companies put X education or Y comparable experience.   What is
> odd is that the math you chose gives more value to the degrees than real
> experience.

Not necessarily. I used to tell my seminars that the test was to see if they actually
had five year's worth of experience, rather than one year, five times over. It's
very easy, in a job, to simply do the same things over and over again. (You don't
have to, but it's easy. It's harder to stretch yourself.) It's a bit harder to do one
year, four times over, in university.

>   When I went to college, there wasn't even an Internet.

Really? The Internet turns 50 next year ...
https://community.isc2.org/t5/Industry-News/On-the-Internet-nobody-knows-how-
old-you-are/m-p/12139

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
If we want things to stay as they are, things will have to change
- Giuseppe di Lampedusa
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Ravenshroud
Newcomer III

Cool, which browser did YOU use 50 years ago?  IE or Chrome?

 

What a poor comment that was.  You know what I mean.  This isn't the political websites you must visit to troll like that.