About the course
Study computer and information systems security on a course that combines academic teaching, industry input and practical skills development.
The course has four main focuses
- information security management
- ethical hacking
- system hardening
- computer forensics
This course is ideal if you are already working in an information technology environment or if you wish to specialise in the field of information security. After successfully completing it, you gain industry-recognised certifications that will assist you in progressing further in this field.
You focus on both the technical and managerial aspects of information security. The technically-focused modules involve you exploring a range of systems, tools and techniques at the cutting edge of technology. The managerial-focused modules give you an appreciation of the role information security has in an organisation and how it can be implemented and managed.
On this course you
- develop the knowledge, understanding and skills to work as a computing security professional.
- learn the concepts, principles, techniques and methodologies you need to design and assess complex networks, systems and applications.
- develop the practical experience you need to plan, perform and direct security audits of information systems to the level required by standard security frameworks.
- develop the effective and appropriate communication skills you need to be a security professional.
Free training and certification exam
Thanks to our association with BSI Learning, you are entitled to attend the BSI ISO27001 Lead Auditor course and take the official exam which allows you to become accredited as a BSI certified lead auditor.
Our ethical hacking module is aligned with the CREST Practitioner Security Analyst (CPSA) syllabus providing graduates with industry recognised and desired skills.
BSI lead auditor qualification
• ISO27001 Lead Auditor
BSI courses are delivered by approved BSI trainers and qualified ISO27001 lead auditors. As part of the course you receive the same course material as the official BSI training courses.
Guest Speakers from industry
Due to our strong ties with industry we regularly have special guest speakers. Recent speakers have included industry professionals from Mozilla, South Yorkshire Police, RSA and Blackberry.
In 2014 Sheffield Hallam hosted the North of England's first Ethical Hacking Conference Steelcon. This is set to be an annual event with 2015's event already booked.
We developed this course along two main lines.
The first covers the principles and issues of security design concerning systems and systems integration, web and operating system based applications and communication networks.
The second addresses the methodologies and development of skills required to perform security assessments of complex information systems.
Semester one modules
- Information security concepts and principles
- Network security
- Systems and application security
- Web applications and e-commerce security
Semester two modules
- BSI ISO27001 lead auditor
- Group-based case study with capture the flag
- Computer forensics and incident response
- Information security management
- Incident handling and hacking techniques (ethical hacking)
Semester three modules
You study research methods and do a substantial research project leading to a dissertation.
Group and individual coursework. You also do a range of
- problem solving assignments
- practical projects
- research activities.
On this course, you gain the knowledge, skills and experience you need to work in many different positions, from technical to management roles.
The Institute of Information Security Professionals (IISP) has highlighted the following specialisms in the area.
Strategy, policy, governance
• strategist • policy manager • information technology services officer (ITSO) • department security officer (DSO) • chief information security officer (CISO)
Risk management, verification and compliance
• risk analyst • risk assessor • business information security officer • reviewer • auditor
Incident and threat management and response
• incident manager • threat manager • forensics (computer analyst, mobile and network analyst) • computer security incident response team (CSIRT) • attack investigator • malware analyst • penetration tester • disaster recovery • business continuity
Operations and security management
• network security officer • systems security officer • information security officer • crypto custodian • information manager
Engineering, architecture and design
• architect • designer • development • secure coding • software design and development • applications development • security tools • implementation
Education, training and awareness
• security programme manager
• security researcher
Successful graduates of this course have gone on to work for companies such as HSBC, Citrix, and Price Waterhouse Coopers.