Study computer and information systems security on a course that combines academic teaching, industry input and practical skills development.
The course has four main focuses
This course is ideal if you are already working in an information technology environment or if you wish to specialise in the field of information security. After successfully completing it, you gain industry-recognised certifications that will assist you in progressing further in this field.
You focus on both the technical and managerial aspects of information security. The technically-focused modules involve you exploring a range of systems, tools and techniques at the cutting edge of technology. The managerial-focused modules give you an appreciation of the role information security has in an organisation and how it can be implemented and managed.
On this course you
Free training and certification exam
Thanks to our association with BSI Learning, you are entitled to attend the BSI ISO27001 Lead Auditor course and take the official exam which allows you to become accredited as a BSI certified lead auditor.
Our ethical hacking module is aligned with the CREST Practitioner Security Analyst (CPSA) syllabus providing graduates with industry recognised and desired skills.
BSI lead auditor qualification
• ISO27001 Lead Auditor
BSI courses are delivered by approved BSI trainers and qualified ISO27001 lead auditors. As part of the course you receive the same course material as the official BSI training courses.
Guest Speakers from industry
Due to our strong ties with industry we regularly have special guest speakers. Recent speakers have included industry professionals from Mozilla, South Yorkshire Police, RSA and Blackberry.
In 2014 Sheffield Hallam hosted the North of England's first Ethical Hacking Conference Steelcon. This is set to be an annual event with 2015's event already booked.
We developed this course along two main lines.
The first covers the principles and issues of security design concerning systems and systems integration, web and operating system based applications and communication networks.
The second addresses the methodologies and development of skills required to perform security assessments of complex information systems.
Semester one modules
Semester two modules
Semester three modules
You study research methods and do a substantial research project leading to a dissertation.
Group and individual coursework. You also do a range of
On this course, you gain the knowledge, skills and experience you need to work in many different positions, from technical to management roles.
The Institute of Information Security Professionals (IISP) has highlighted the following specialisms in the area.
Strategy, policy, governance
• strategist • policy manager • information technology services officer (ITSO) • department security officer (DSO) • chief information security officer (CISO)
Risk management, verification and compliance
• risk analyst • risk assessor • business information security officer • reviewer • auditor
Incident and threat management and response
• incident manager • threat manager • forensics (computer analyst, mobile and network analyst) • computer security incident response team (CSIRT) • attack investigator • malware analyst • penetration tester • disaster recovery • business continuity
Operations and security management
• network security officer • systems security officer • information security officer • crypto custodian • information manager
Engineering, architecture and design
• architect • designer • development • secure coding • software design and development • applications development • security tools • implementation
Education, training and awareness
• security programme manager
• security researcher
Successful graduates of this course have gone on to work for companies such as HSBC, Citrix, and Price Waterhouse Coopers.
This course builds on your previous knowledge of computer science and Information Technology (IT), and aims to provide you with an in-depth specialism in the fields of cyber security, cyber threat intelligence and digital forensics. You will gain advanced and in-depth knowledge of penetration testing, cyber forensics, malware reverse engineering and software vulnerability and will exploit research using a very hands-on approach. You will gain practical and real-world skills in all major areas of cyber security including penetration testing, digital forensics, cyber warfare and threat intelligence. Moreover, you will learn how to apply your skills in analysis, testing and maintenance of software systems or enterprise networks from a cyber security perspective.
You will use your penetration testing and vulnerability assessment skills in finding weaknesses in existing devices and applications and to advise developers or network administrators to secure their application or environment. Your cyber forensics skills can be used to identify, collect, preserve and analyse a wide range of digital evidences and present them in the court of law. You will use your knowledge of programming to analyse different malwares to determine how they work and how countermeasures can be developed. Only a small percentage of cyber security professionals are capable of analysing advanced persistent threats and are capable of understanding and managing malware campaigns. Finally, your cyber threat intelligence knowledge and skills will help you to strategically fight against organised cyber crimes, understand and analyse cyber warfare activities and propose appropriate defensive and offensive mechanisms to reduce or eliminate those risks.
You will have close and active contact with industry experts with the opportunity to attend regular industry guest lecture programs in cyber security while you operate within a well-formed professional and ethical framework.
Graduates from this course can work in a wide variety of technical security roles within business, banking, software, networking, government, consultancy, etc. This would include roles such as malware analyzer, penetration tester, information security manager, security consultant, forensics investigator or security programmer. There is a significant worldwide skills shortage in this area, particularly for graduates with the in-depth technical knowledge and skills that are developed by this course.
This course has contacts with local industry such as software companies (such as Web Applications UK), infrastructure providers (such as UKFast) and security consultants (such as KPMG). These companies will provide you with a real-world perspective to help you appreciate the barriers that exist and the compromises that must be made to manage conflicting demands (known as the C-I-A triad).
Your MSc project will need you to demonstrate “originality in the application of knowledge”. Given a suitable topic, this may be able to be developed into an area where you can undertake a higher research degree to demonstrate “an original contribution to knowledge” which is the target for a PhD. You will get a chance to learn about the research interests of the University’s research active staff in order to help you develop a suitable topic. This may be directly in a security field, or applications of other fields of computing such as artificial intelligence or big data in cyber security and cyber forensics.
Protecting digital information from unauthorised access and use, and ensuring the resilience of the underlying network infrastructure and systems, are key challenges for the continued technological development of our society.
The science behind our Information Security MSc connects various disciplines; from computer science, electronic engineering and mathematics, to design concepts, mechanisms and technologies for effective protection of digital information, communication infrastructures and computing systems.
Focused on key information security concepts, mechanisms and technologies, our programme examines fundamental and advanced topics in important areas of modern information security, striving to achieve a balance between theoretical foundations and practical experience.
This programme is studied full-time over one academic year and part-time over three academic years. It consists of eight taught modules and a dissertation.
Example module listing
The following modules are indicative, reflecting the information available at the time of publication. Please note that not all modules described are compulsory and may be subject to teaching availability and/or student demand.
The programme will:
Knowledge and understanding
Students will gain:
Intellectual / cognitive skills
Students will leave the programme with the ability to:
Professional practical skills
Students will gain the ability to:
Key / transferable skills
Students will have:
We often give our students the opportunity to acquire international experience during their degrees by taking advantage of our exchange agreements with overseas universities.
In addition to the hugely enjoyable and satisfying experience, time spent abroad adds a distinctive element to your CV.