Computer Science
Master of Science in Computer and Information Systems Security
Cybersecurity is a national security priority — and the professionals who can defend it are in critical demand. The Master of Science in Computer and Information Systems Security (MS-CIS-X) at VCU prepares you to design, analyze and protect secure computing environments against sophisticated, evolving threats across industries ranging from defense and healthcare to finance and critical infrastructure.
The VCU College of Engineering is among the best graduate programs in the nation as ranked by U.S. News and World Report. Combined with our national industry connections and access to Richmond-area businesses, VCU Engineering is a solid foundation for your continuing education. The 30-credit program can be completed in as little as one year by full-time students, with a flexible part-time pathway available for working professionals.
What you’ll learn
Our curriculum integrates rigorous computer science training with systems-level and organizational perspectives, giving you the technical depth and broader awareness needed to address real-world cybersecurity challenges. You will develop expertise in applied cryptography, operating systems security, network and system security, and application security — while also exploring the ethical, legal and policy dimensions that shape cybersecurity practice.
The program’s updated core curriculum is aligned with national cybersecurity workforce standards and operational needs, ensuring your skills are current and ready for advanced security roles.
Focus areas include:
- Applied cryptography
- Operating systems and network security
- Software analysis, testing and verification
- AI and adversarial machine learning security
- Cloud and mobile/IoT security
- Memory and malware forensics
- Ethical, legal and policy dimensions of cybersecurity
Etched into the landscape of Richmond, VCU Engineering gives students access to a culturally vibrant, diverse city with close proximity to major government and industry centers — including federal agencies, defense contractors and technology firms that are among the largest employers of cybersecurity talent in the region.
Master’s program students also have access to benefits like:
- A technically rigorous core in software security, operating systems, applied cryptography, network and system security, and ethical, legal and policy issues in cybersecurity.
- A flexible elective structure spanning multiple cybersecurity domains — digital forensics, blockchain, mobile security and more — so you can tailor your degree to your career goals
- Interdisciplinary expertise that combines deep computer science training with systems-level thinking, policy perspectives and real-world problem-solving
- Dedicated Career Services department that supports internship and employment opportunities with employers across government, defense and the private sector
- Flexible scheduling designed for both full-time students and working professionals, with part-time enrollment available
Reference the VCU Bulletin for a full list of computer science classes. Master’s program courses are 500 level and above (for example, CMSC 525). Below are a few signature courses from the program:
- Introduction to Software Analysis, Testing and Verification (CMSC 525): Learn systematic approaches to analyzing software for security vulnerabilities. Topics include static and dynamic analysis, program verification, fuzzing, and techniques for identifying and mitigating flaws before deployment.
- Ethical, Social and Legal Issues in Computer and Information Systems Security (INFO 535): Analyze the policy, legal and ethical frameworks that govern cybersecurity practice. Topics include privacy law, security regulation, professional responsibility and the broader societal implications of cybersecurity decisions.
- Applied Cryptography (CMSC 620): Explore the mathematical foundations and practical applications of modern cryptographic systems. Topics include symmetric and asymmetric encryption, cryptographic protocols, hash functions and their role in securing communications, data and systems.
- Network and System Security (CMSC 622): Study the principles, architectures and techniques used to secure networks and computing systems. Covers threat modeling, intrusion detection, firewalls, secure protocols and strategies for defending against attacks at the network and system level.
Cybersecurity professionals are in high demand across virtually every sector of the economy. Graduates of the MS-CIS-X are prepared for advanced roles in:
- Government and defense
- Healthcare systems and biomedical technology
- Financial services and fintech
- Technology and software development
- Energy, utilities and critical infrastructure
- Consulting and cybersecurity firms
Consider possibilities like:
- Security Engineer: Designs, implements and maintains secure systems and infrastructure. Responsibilities include threat analysis, vulnerability assessment, security architecture and collaborating with development teams to build security into products and platforms.
- Information Security Analyst: Monitors and protects organizational networks and systems against threats. Responsibilities include security monitoring, incident response, risk assessment and implementing controls to prevent unauthorized access or data breaches.
- Cloud Security Engineer: Secures cloud-based infrastructure, platforms and applications. Responsibilities include identity and access management, security configuration, compliance and building automated defenses for cloud environments.
- Digital Forensics Specialist: Investigates cybercrimes and security incidents by collecting, analyzing and preserving digital evidence. Responsibilities include malware analysis, memory forensics, incident reconstruction and reporting findings to legal and technical stakeholders.
- AI Security Engineer: Addresses security risks in AI and machine learning systems. Responsibilities include adversarial robustness testing, model auditing, securing AI pipelines and evaluating the security implications of intelligent systems in production.
- Chief Information Security Officer (long-term trajectory): Leads organizational cybersecurity strategy, policy and operations. Responsibilities include risk governance, compliance, executive communication and building enterprise-wide security programs.
With the help of our Career Services team, VCU College of Engineering graduates have many opportunities to network with alumni and industry professionals. Our students work at companies like:
- CACI
- Capital One
- MITRE Corporation
- NT Concepts
- Federal Reserve Bank of Richmond
- Microsoft
- Micron Technology Inc.
- CoStar Group
- Genworth
- UST
How to apply
VCU offers an online, self-managed application process. See what’s needed to apply for an engineering graduate program and reference our list of Frequently Asked Questions (FAQ).