Skip to main content

Academic Programs

Academic Resources


Student Services

About GPS


Corporate Partners

877-881-7313 | REQUEST INFO
Mobile Menu
Master of Science in

Information Security

Fill out the form below to learn more about M.S. in Information Security at Brandeis GPS.
All fields required.


By clicking submit above, I agree Brandeis University may email me or contact me regarding educational services by telephone and/or text message utilizing automated technology at the telephone number(s) provided above. I understand this consent is not required to attend Brandeis University. If I reside outside the U.S., I consent to the transfer of my data to the U.S. Brandeis University’s privacy policy governs the submission and handling of this data.

Slide 1

Advance Your Career in Information Security.
Apply by April 14th for May Start!

Cyber-security sectors are poised for exponential growth

High job security in Cybersecurity - 89% of IT security staffers say they feel at least somewhat secure in their jobs - From

With the pervasive growth of Cloud computing, mobile devices and Web-based applications, Information Security issues are of growing importance, both nationally and internationally. As news about severe security breaches tops the headlines on a regular basis, virtually every business, governmental organization and enterprise must be proactive in protecting themselves against malicious security attacks, while still preparing for disaster survival and recovery.

Information security professionals are increasingly in demand in both the private and public sectors as massive amounts of sensitive personal and business data migrate to the vast array of cyber networks that are growing exponentially each year.

The Master’s Program

Advancing the future of Information Security

Information Security is no longer the bailiwick of insurance companies, hospitals and governments. Virtually every company, governmental organization and business enterprise in existence today is entrusted with increasingly sensitive data, and must provide for the security of their systems, software, networks and data accordingly. Technology professionals with specialized knowledge pertaining to current security methodologies, techniques and disaster recovery plans designed to protect cyberspace and global information are increasingly in demand.

And going beyond simply understanding the tools and tactics involved, technology professionals who possess both the business acumen and analytical skills necessary to plan and implement programs regarding privacy, compliance, audits, business continuity and disaster recovery are poised to lead the industry as it continues to develop.

The Information Security program in the Division of Graduate Professional Studies not only provides its graduates with both the business and analytical skills necessary for leadership, it prepares them to address the unique security vulnerabilities and countermeasures facing the current digital age, including such aspects as Cloud-based computing, mobile and app-driven security, digital forensics and more.

Graduates with a Master of Science in Information Security are prepared to:

  • Assess risks to the security of proprietary information in an organization.
  • Understand the technical, organizational and human factors associated with these risks.
  • Evaluate information technology tools designed to protect against threats facing organizations.
  • Assess the impact of security policies on existing complex systems and organizational objectives while simultaneously considering regulatory requirements and compliance.
  • Oversee the information security life cycle of an organization, including planning, acquisition, development and evolution of secure infrastructures.

Required Courses

Foundations of Information Security provides an understanding of the fundamental elements and technology “building blocks” of information assurance and computer security. The objective of the course is to provide coverage from the ground up on applied security concepts and technologies related to IT infrastructures, along with the attacks, threats and vulnerabilities currently faced by organizations. This course will expose students to fundamental security technologies and concepts in the areas of access control, cryptography, telecommunications and network security, application development security, and physical (environmental) security. This course provides the foundation for the remaining courses in the Information Assurance program.

At the end of the course, students will be able to:

  • Identify IT security requirements and categorize IT security attacks, threats and vulnerabilities.
  • Explain the fundamentals of access control principles and models, and differentiate among common authentication methods, such as passwords, tokens and biometrics.
  • Analyze the fundamental elements and role of encryption processes in information assurance, and illustrate an example scenario where encryption processes are applied.
  • Identify the threats and vulnerabilities related to IT networks, and explain the concepts of managing and defending network attacks.
  • Identify the common software-related threats and vulnerabilities, and describe the best practices and methodologies for software assurance.
  • Describe the common physical access control threats and vulnerabilities, and explain how to control access to the physical resources of an organization.

Foundations of Information Security Management will expose students to higher-level security concepts, infrastructures, standards, protocols and best practices that are necessary for today’s Information Assurance professional. Building on the knowledge of fundamental security technologies covered in Foundations of Information Security, students will develop an understanding of the fundamental tenets of information assurance solutions for businesses, government agencies and enterprises which require the establishment of a comprehensive security strategy and execution plan. This course will expose students to key concepts and principles in security operations; security architecture and design; information security governance and risk management; business continuity and disaster recovery planning; and topics in legal, regulations, investigations and compliance.

At the end of the course, students will be able to:

  • Evaluate security controls, operations and maintenance and explain how to create sustainable operational security
  • Describe and evaluate security policies, procedures, baselines and guidelines.
  • Explain core security characteristics, such as Confidentiality, Integrity and Availability.
  • Develop strategies for assessing risks, performing risk analysis and trade-off analysis.
  • Explain the basics of business continuity management and strategies, along with the concept of disaster recovery planning.
  • Assess how laws, regulations and compliance play a role in the security of information, and illustrate at least one regulation that deals with protecting privacy or protecting commercial transactions.

Prerequisites: It is suggested that students complete RIAS 101 prior to taking RIAS 102.

This course covers the concepts, applied mechanisms, and practices of using cryptography and access control techniques in software applications. These techniques address security requirements such as confidentiality, integrity, authentication, authorization, and accountability, and have become the vital part of all business applications and electronic transactions. Concepts explored include common IT security challenges; critical application security exploits; the role of cryptography and its applied mechanisms; access control principles and techniques related to personal identification and strategies for enabling stronger authentication using Public-Key Infrastructure (PKI), smartcards, and biometrics; enterprise identity management concepts; industry standards for enabling identity provisioning, single sign-on, and federation.

At the end of the course, students will be able to:

  • Develop examples illustrating substitution and transposition ciphers.
  • Develop a conceptual architecture including cryptographic requirements to support secure communication channels ensuring confidentiality, integrity, authentication, and non-repudiation.
  • Analyze digital signatures of email messengers currently in use.
  • Develop a conceptual architecture including transport-level security requirements to support an Internet portal with confidentiality, integrity, and authentication of all data in transit between a web server and its connecting peer web browser.
  • Develop a conceptual architecture with transport-level security requirements to support the security of a company’s credit card transactions with its banks.
  • Develop a conceptual architectural solution for a web portal that aggregates access to multiple business applications residing within their network and over the Internet in partner organizations. Identify the security standards and technology components that need to be in place to ensure that the overall security and access control are not compromised.
  • Analyze strategies for enabling the multi-factor authentication using Smart cards and Biometrics.

Prerequisites: It is suggested that students complete RIAS-101: Foundations of Information Security

Network security is a broad term that can refer to the security of devices that comprise the network infrastructure, the traffic sent over that infrastructure, the hosts (clients and servers) attached to the infrastructure, the applications that utilize the network, the user community and the policies that govern usage of that network.

In this course, we will use the first four layers of the OSI protocol stack (physical, link, network, and transport) to introduce many aspects of network security. In particular, we will consider how devices at each layer provide “defense in depth” by securing communications traffic as well as preventing unauthorized access. Our examination will be enhanced by using various security tools to observe network traffic that illustrates how security can be applied throughout today’s enterprise.

At the end of the course, students will be able to:

  • Identify security services used at layers 1-4 of the OSI protocol stack, and compare and contrast the benefits and disadvantages of implementing security services at each layer.
  • Differentiate between secret key and public key encryption, list the elements of a Public Key Infrastructure, and analyze the challenges of implementing a key management system.
  • Apply general security design principles to a network infrastructure, and demonstrate how design patterns can provide a basis for those decisions.
  • Enhance security by demonstrating how VLANs and Private VLANs can segregate traffic at the link layer.
  • Compare WEP, WPA, and WPA2 security, with respect to authentication and authorization issues that arise in the course of implementing a wireless LAN (WLAN).
  • Justify the use of router ACLs as a means of protecting the network perimeter
  • Research the security effects of introducing IPv6 into an enterprise
  • Integrate firewalls and application gateways into the overall security infrastructure.
  • Utilize packet analysis software to identify and analyze suspicious network traffic.

This course covers key bodies of knowledge and specializations in security, privacy, and compliance associated with enterprise information systems. The course explores the management of various technologies in emerging areas of information assurance including computer and network security, digital forensics, cryptography, and biometrics. Course concepts include cost/risk tradeoffs; technical, physical, and administrative methods of providing security and compliance; current privacy legislation; and technical means of providing privacy and IT compliance.

At the end of the course, students will be able to:

  • Describe threats to information security, and identify methods, tools and techniques for combating these threats.
  • Identify types of attacks and problems that occur when systems are not properly protected.
  • Explain integral parts of effective information security practices.
  • Identify and discuss issues related to access control.
  • Describe the need for, and development of, information security policies, and identify guidelines and models for writing policies.
  • Define risk management and assess its importance as a component of information security strategy and practice.
  • Describe types of contingency plans and the steps involved in developing them.
  • Identify security issues related to personnel decisions and the qualifications of security personnel.


Choose 5.

This course covers both the principles and practice of digital forensics. It investigates the societal and legal impact of computer activity including computer crime, intellectual property, privacy issues, legal codes; risks, vulnerabilities, and countermeasures; forensic tools and techniques to uncover illegal or illicit activities left on disk and recovering files from intentionally damaged media; specific manifestations of cyber crime, including hacking, viruses, and other forms of malicious software; methods and standards for extraction, preservation, and deposition of legal evidence in a court of law. The course maps to the objectives of the International Association of Computer Investigative Specialists (IACIS) certification to provide credible, standards-based information.

At the end of the course, students will be able to:

  • Investigate digital forensics issues related to information technology.
  • Communicate the results of digital forensics investigation to colleagues
  • Effectively address both current and future digital forensics challenges.

This course covers applied security concepts, technologies, techniques, patterns, best practices and checklists intended for securing Web based applications, XML Web services and SOA. The course illustrates the real-world security challenges in IT applications and drills down on strategies for identifying security threats and risks; adopting a security design methodology; implementing security architecture using patterns and best practices; and performing security testing and production deployment.

At the end of the course, students will be able to:

  • Describe and demonstrate proactive and prescriptive approaches to applying security in Java applications, XML Web Services and SOA.
  • Develop security requirements for a Web-based Auction Portal application that delivers multiple services intended for performing public auction over Internet, and identify and mitigate related security risks.
  • Deploy a sample Web application, implementing FORMS based authentication, adding users and defining roles/groups, defining role-based authorization based on user access and privileges, and implementing transport-layer security using SSL for the deployed application.
  • Develop a logical security architecture for a Web-based Financial Application Portal that acts a XML Web services provider infrastructure of an organization, and identify and mitigate related security risks.

This course presents methods to identify vulnerabilities and take appropriate countermeasures to prevent, mitigate, and manage information failure risks for an organization. The course provides a foundation in disaster recovery principles, addressing concepts such as incident response; disaster recovery planning; risk assessment; policies and procedures; roles and relationships of various members of an organization; implementation of the plan; testing and rehearsal of the plan; and actually recovering from a disaster to insure business continuity.

At the end of the course, students will be able to:

  • Prepare an incident response plan that addresses preparation, organization, prevention, detection, notification, reaction, recovery, and maintenance.
  • Prepare a disaster recovery plan that addresses preparation, implementation, operation, and maintenance.
  • Assess enterprise-level risks related to disaster recovery.
  • Develop policies and procedures related to disaster recovery.
  • Prepare a business continuity plan addressing preparations, implementation, operations, and maintenance.

In the past, enterprise security focused almost exclusively on the network perimeter. Enterprise security was network security: protecting the corporate network via firewalls, routers and IDS/IPS. Information lived within the confines of the corporate IT infrastructure, and attackers were focused on breaching that perimeter to gain access to information. Today, with improved perimeter security in the form of reverse proxies, stateful packet inspection firewalls, and intrusion detection and prevention system, the focus of attacks has changed. Attacks are now against software applications rather than against accessing the network per se. This is especially true with the advent of Web-based applications, but it is also true for attacks against any software that can be exploited as a stepping-stone to reach further and further inside the network. The model now is “inside-out” rather than “outside in:” have the user inadvertently download malicious software (“malware”) that then exercises vulnerabilities in other software to either 1) expose critical data, or 2) increase privileges in order to obtain a base system for further attacks.

In this course, we will focus on two critical areas of software security assessment: auditing software to determine if security vulnerabilities exist (static analysis), and then testing software to determine if additional run-time (operational) vulnerabilities exists. Auditing an application is the process of inspecting an application (either source code or binary) for vulnerabilities; in contrast, testing (whether black box or grey box) usually involves developing an attack scenario and then testing to see if the attack succeeds.

The course first will address the importance of a security development process, and demonstrate how security testing is a critical component in that process. We will focus on threat modeling techniques and patterns, and then determine how to create tests to determine that these threats have been mitigated, using a combination of case studies and lab exercises to demonstrate the effectiveness of these tests. We then will consider issues of secure deployment and secure communications once the software is delivered, and conclude with a discussion of integration of ongoing security testing within an organization’s security posture.

The course is designed to support the efforts of the following individuals.

  • Someone who will be managing an information security department.
  • Someone leading a software development team for whom software security is a requirement.
  • Someone who is part of a QA/Test organization and needs to be aware of software security vulnerabilities and know how to develop a testing program to indicate that these vulnerabilities have been mitigated
  • Someone responsible for performing a software security assessment (internal or external).

At the end of the course, students will be able to:

  • List the steps of a security development lifecycle, and the reasons why each step is critical for software security success.
  • Contrast software auditing with software testing, and indicate when each technique is more effective.
  • Describe common software vulnerabilities, their impact on software security, and how to develop tests to uncover these flaws.
  • Perform tests to determine vulnerabilities

The advance of virtualization technologies couple with Cloud computing has irrevocably changed the face of enterprise computing in the 21st century. The CAPEX and OPEX advantages of these technologies, whether singly or together, have made their adoption almost inevitable, and has opened the possibility for highly elastic and infinite computing power and scalability that supports the delivery of enterprise applications and services. Yet with this adoption comes the risk of negatively affecting the security posture of the organizations that chose to implement these technologies. Do the same security concerns and controls apply and/or scale between the physical and virtual worlds? Are there new security issues that need to be addressed in the virtual world that didn’t exist or weren’t considered high priority in physical architectures?

This course will provide coverage from the ground up on applied security concepts and technologies related to IT virtualization and cloud infrastructures as well as the accompanying threats and vulnerabilities faced by organizations. Building on an understanding the basics of virtualization and cloud infrastructures (Public, Private and Hybrid Clouds) and delivery models (Software As A Service – SaaS, Platform As A Service – PaaS, Infrastructure As A Service – IaaS) the course focuses on the development of security practices, policies, awareness and compliance program, and examine accompanying legal and regulatory issues. We also learn how to deal with non-trivial issues in the Cloud such as load balancing, caching, distributed transactions, and identity and authorization management. Students will come away from the course having learned the benefits of virtualization and cloud computing, as well as how to cope with the unique demands that such environments make on the overall security posture of organizations.

The field of Information Assurance and Security is continually evolving. New standards are introduced, organizations adopt novel approaches and refine existing methodologies for protecting information. This Special Topics course facilitates the introduction of cutting-edge assurance and security practices as they are introduced in the industry along with topics not covered by the required and elective courses.

Special Topics are offered periodically. Please refer to the Course Schedule page of the GPS website found from Online Programs > Course Schedule.

This course provides an opportunity for students to focus on leadership and the applicable skills needed to function as a leader in an organizational setting. The course looks at leadership as a process by which one person influences the attitudes and behaviors of others. It looks at leadership of organizations and groups, including teams. Concepts covered include various leadership theories and models, leadership across cultures, leadership ethics and attributes, organizational change/development, and, the role of the leader in establishing organizational culture and facilitating change. The course encourages self-assessment through group projects and leadership simulations.

At the end of the course, students will be able to:

  • Describe the nature of leadership and assess the basic functions of management and the complexities of leadership.
  • Analyze the role of ethics and its role in organizational and team decisions.
  • Examine multiple viewpoints for differing frames of reference, perspectives, and orientations to the same situation.
  • Employ leadership, team-building and decision-making concepts; examine how teams make high-stakes decisions in stressful situation, why individuals and teams make flawed choices and how leaders shape the context and the process through which teams make decisions.
  • Critically reflect on leadership style and your own experience within a team and its leadership.
  • Understand the role of leaders in setting strategic focus and direction.

This course focuses on the important legal, ethical, and societal issues associated with managing information technology resources, from multiple perspectives: technical, social, and philosophical. It examines the different ethical situations that arise in IT and provides practical techniques for addressing these issues. Concepts addressed include file sharing, infringement of intellectual property, security risks, Internet crime, identity theft, employee surveillance, privacy, and compliance.

At the end of the course, students will be able to:

  • Define ethics and convey the importance of acting according to a code of principles.
  • Analyze why business ethics have become increasingly important.
  • Assess practices that corporations have adopted to improve business ethics.
  • Develop approaches to ensure ethical decision making.
  • Analyze trends that have increased the risk of using information technology unethically.

Business continuity is the processes and procedures organizations use to help ensure that vital functions continue to effectively function during and following a disaster. Business continuity planning is an organizational activity designed to avert interruptions of vital organizational functions and to restore normal organizational functions as expeditiously and efficiently as possible.

At the end of the course, students will be prepared to:

  • Use Risk Management techniques to anticipate organizational risks and threats.
  • Use Business Impact Analysis techniques to identify probable consequences to organizations that experience a disaster
  • Apply Project Management techniques to manage the development, testing, delivery and maintenance of a Business Continuity plan
  • Develop an emergency response plan
  • Develop a disaster recovery plan
  • Use Crisis Communication methods to communicate with key stakeholders impacted by the organizational disaster

This course will explore secure software development and engineering processes through a set of activities performed to develop, maintain, and deliver a secure software solution from ground up. The course will dig deep into the concepts and applied techniques of how to incorporate security throughout software development life-cycle processes including Architecture, Design, Testing, and Maintenance. This course will deliver both theoretical and practical security guidance for developing the various process components in the context of both waterfall and iterative application development models.

Awareness of the risks related to confidential information, intellectual property, and the consequences of disruptions to our IT infrastructure is going mainstream. But security leaders still must bridge an important language gap in their discussions of risk, by making a business connection between the “unrewarded” risks of security and compliance, and the “rewarded” risks of operations, innovation, and growth. This course will review practical methods for quantifying the uncertainties related to business decisions about information security, and for making risk-based decisions based on reducing those uncertainties by measurement and observation.

At the end of the course, students will be able to:

  • Develop risk assessments in the security context of protecting value, defending assets, and minimizing downside
  • Describe and connect such risk assessments in the business context of creating value, enabling assets, and maximizing upside
  • Frame decisions about information security risk in terms of uncertainties
  • Inform better decisions about information security based on using measurement and observation to reduce uncertainties

This course appraises vulnerabilities and threat vectors associated with Mobile Computing Devices. Specific emphasis on mitigation techniques including security configurations as well as security software.

Topics will include the following:

  1. Mobile Computing Overview
  2. Wireless Communications Infrastructure Vulnerabilities
  3. Wireless Communications Infrastructure Vulnerabilities Mitigation Techniques
  4. Mobile Platform Vulnerabilities
  5. Mobile Platform Vulnerabilities Mitigation Techniques
  6. Mobile App Vulnerabilities
  7. Mobile App Vulnerabilities Mitigation Techniques
  8. Mobile Device Vulnerabilities
  9. Mobile Device Vulnerabilities Mitigation Techniques
  10. Organizational Mobile Device Security Policy Requirements

This course addresses security, privacy, and compliance issues as they impact health information systems. The course explores and evaluates the moral and ethical concepts of information security. Students will explore security issues including restricted access and physical security of hardware/software along with the evaluation of information security tools. The course covers health data integrity, risks, and audit ability techniques along with regulatory compliance, confidentiality and privacy of patient data. The overall goal of the course is the evaluation and implementation of security in health information systems.

At the end of this course, students will be able to:

  • Recognize the role of information security, key concepts and the functions it plays on the business, organizational structure, healthcare industry and everyone involved in health care.
  • Understand the healthcare industry’s key concepts, security standards, healthcare applications and systems.
  • Recognize the need and ongoing maintenance of the information security program and how the information security function is positioned within organizations.
  • Identify the technical, organizational and human factors associated with information security.
  • Evaluate information security tools and perform regular audits to protect against threats facing healthcare organizations.
  • Differentiate between regulations, laws and ethics and understand the role of culture as it applies in information security and healthcare.
  • Assess risks to the security of data in a healthcare organization to minimize information security risks in the organization.
  • Understand how incident response planning, disaster recovery planning and business continuity are related to business contingency planning.
  • Oversee the systems development lifecycle (SDLC) for secure application systems design.

There are two tracks for the Information Security Degree- Technical and Managerial. Students should take the Five Required courses plus these suggested electives:

Technical Track

  • RIAS 120 – Securing Applications, Web Services and Software-As-A-Service (SAAS)
  • RIAS 130 – Software Security Testing and Code Assessment
  • RIAS 140 – Securing Virtualized and Cloud Infrastructures
  • RIAS 155 – Secure Mobile Applications and Data
  • RIAS 145 – Secure SDLC (Secure Software Development Lifecycle)


  • RIAS 115 – Information Technology Forensics and Investigations
  • RIAS 125 – Principles of Incident Response and Disaster Recovery
  • RMGT 110 – Organizational Leadership and Decision-making
  • RMGT 120 – Legal & Ethical Practices in IT
  • RMGT 180 – Principles of Business Continuity Planning
  • RIAS 150 – Principles of Risk Management in IT Security

CIO Talk Radio – Stronger Security with Big Data

with Derek Brink

In the same way that new security measures can help organizations better enable Big Data, utilizing Big Data can help improve and transform enterprise security practices on the whole. If we think about security in the context of Big Data, the proper utilization of data can help organizations achieve better insights and become more predictive and proactive in their security measures overall. So what are the steps to making this security transformation possible?

Listen now

There are many options to fund your education. Please note that tuition is subject to change annually. With 30 credits required to graduate, the program tuition is currently anticipated to be $31,500.

Tuition and Fees
Graduate course (three credits) $3,150
Late Registration Fee $70
Application fee (master’s or graduate certificate programs) $50
Application to graduate fee $100

Featured Faculty

Industry experts teach tomorrow’s security leaders

Charles L. Brooks

Charles Brooks is the owner and principal consultant at Security Technical Education, which offers course development, training, delivery and technical writing and reviewing services. He has a broad background in information security, including network forensics, VPN technologies, PKI, LAMP and secure software development. His current interests lie in network forensics analysis, securing virtualized environments, and examining the common threads that unite security testing, hacking, and malware analysis.

Ramesh Nagappan

Ramesh Nagappan

Ramesh Nagappan is a Technologist at Sun Microsystems. He has extensive experience with, and remains focused on, securing applications, XML Web services, and identity management technologies. He is the co-author of Core Security Patterns (Prentice Hall) and four other books on topics related to J2EE, EAI and XML Web services.

Derek Brink

Derek Brink is a Vice President and Research Fellow covering topics in IT Security and IT GRC for Aberdeen Group, a Harte-Hanks Company. In his work, he helps organizations improve their security and compliance initiatives by researching, writing about and speaking about the people, processes and technologies that contribute to leading performance.

How We Teach

A student-centered approach

Graduate Professional Studies has been applying online course development and delivery best practices for more than a decade.

Learning online with GPS means that you will:

  • Engage in Small Classes with professionals in your field, discussing and applying practical techniques you can bring back to your job.
  • Collaborate with Experienced Instructors who also work in your fields, bringing their experiences directly into the online classroom
  • Participate when Convenient for you. You will not be required to participate or “attend class” on a particular day or time.  There is a weekly pace, and discussion posts and other assignments are due through the course week.
  • Learn Online with Confidence. Before your first online course begins, you will complete an orientation course through which you will become comfortable with our approach, our standard course structure, and the learning management system (Moodle).
  • Experience Brandeis Standards of Excellence.  Your courses and program go through layers of reviews as part of our quality infrastructure, including course & instructor reviews, internal reviews by faculty, and external reviews by Professional Advisory Boards.
  • Receive Personal Support  from your assigned Student Advisor who will help you navigate your graduate experience, serving as your main point of contact from admission through graduation.

Our Graduates

Their success stories

As an online learner at Brandeis GPS, I found the coursework and support resources convenient and accommodating. In fact, I rarely felt as though my studies were an interruption. What I learned was immediately applicable, and I continue every day to benefit from the understanding the courses gave me. I was offered a new job during coursework, and I later discovered that one of the primary reasons I received the offer was because I was enrolled in the program. I’ve found that, when making new connections, having a degree from Brandeis earns you a great amount of initial trust.

Scott Paddock

The curriculum was challenging and real-world related. The principles of project management I learned can really be applied to almost any field and aspect of life, but my new knowledge gave me the confidence to start my own business and apply Project Management tools and techniques to non-traditional fields. I loved the flexibility of the classes. I was able to complete my degree from across the country while working and starting a family, and the distance learning requirements created a highly structured and engaging format, requiring students to be involved in the subject matter almost daily.

Michelle Welsh

When I started to look for graduate programs, I had been out of school for 11 years. I have a very demanding job, so I needed a program that fit into my already busy lifestyle. The curriculum was complete! They covered everything I could ask for as an aspiring Project/Program Manager, and I was able to use materials taken directly from the courses at my current position. During my time in the program, I was impressed with the level of dedication of the staff and instructors. I have never experience the level of commitment instructors showed helping me learn and improve from my mistakes. My experience at Brandeis GPS laid out a professional path I didn’t even know was there.

Lydia Vanessa Cotto Cora

Apply Online Today

How to Apply

Admission Requirements

To be eligible to apply for admission, students must hold a bachelor’s degree from an accredited U.S. institution or its equivalent.

Students may take up to two courses prior to applying to a degree program. Individuals interested in applying for admission to a master’s degree program are required to apply by the end of their second graduate level course in order for all applicable courses to count towards their degree.

Applications for admission will not be reviewed until all required documents have been received at the GPS office. Admissions decisions are usually made within four to six weeks of receipt of a completed application.

To be eligible for admission, the following documents must be submitted:

  1. Completed online master’s degree applicationNew applicants should use the “Create an Account” option to begin your application process. If you can’t complete your application in one sitting, use the “Save and Complete Later” function. When you have more time, log in (returning users) to finish your application. You will receive a confirmation number when the application is submitted.

    If you have applied for admissions to a master’s degree program, you may login to view the progress of your application file.  You may also contact your Enrollment Advisor or the GPS admissions office.

    Slate Application Center Change

  2. Nonrefundable application fee of $50The application fee may be paid online during the online application process via the university’s secured server. The university accepts Visa, MasterCard, Discover and American Express credit cards. You may also mail a check to the GPS office.
  3. A four-year bachelor’s degree from a regionally accredited U.S. institution or equivalent. 
  4. Official transcript(s) from every college or university attended. 

    Transcript(s) must be submitted in sealed, signed envelopes and mailed directly from your institution to:Online Education Center On Behalf of Brandeis University
    1515 W. Cypress Creek Road
    Fort Lauderdale, FL 33309

  5. Resumé or curriculum vitae 
  6. Statement of Goals 
  7. Letter of recommendation 
    Please note that your letter of recommendation should be requested from a current supervisor, manager, or employer who has the ability to assess your performance in a workplace environment.
  8. TOEFL, IELTS or PTE (for non-native English speakers)
    Applicants whose first language is not English or who have not graduated with a bachelor’s degree from an English-speaking institution in Australia, Belize, the British Caribbean and British West Indies, Canada (except Quebec), Great Britain, Guyana, Ireland, Liberia, New Zealand, or South Africa must take and submit scores for the TOEFL or IELTS, with guidelines and exceptions noted below. Test scores should be no more than five years old.Strong communication skills including the abilities to read and write effectively in English are essential for student success in our programs, particularly our distance learning programs. The purpose of these requirements is to ensure that students are equipped to participate in and perform the work required by their courses.

    TOEFL (Test of English as a Foreign Language): Applicants must achieve a minimum score of 100 on the Internet-based (iBT) TOEFL, with a minimum of 24 on each of the four sub-scores; (or 600 on the paper-based (PBT) TOEFL with a minimum of 58 on the reading and writing sub-scores, and a 4.5 or higher on the essay writing score (TWE).

    IELTS (International English language Testing System): Applicants must achieve a minimum score of 7.0 on the individual band scores for academic reading and academic writing.

    PTE Academic (Pearson Test of English Academic): Applicants must achieve a minimum score of 68 on the PTE Academic English Language Proficiency test.

    All submitted score records must include the segmented point distribution among the parts of the test, along with the total. Scores should be sent directly to the Division of Graduate Professional Studies, using the institutional code 0253.

    Exceptions are made for applicants whose bachelor’s degree was earned in many “American Universities”, such as American University in Cairo or AU in Paris, among others.,

  9. Education Credential Evaluation (if bachelor’s degree was earned outside the United States) 

    Applicants who earned their bachelor’s degree outside the United States must submit their records for a course-by-course evaluation (official transcripts/mark sheets) by Education Credential Evaluators (ECE) of Madison, Wisc. Information regarding the evaluation process is detailed at the ECE Web site. Applicants are responsible for the evaluation fee.

Upcoming Registration and Application Deadlines

  • April 14
Recommended Application Deadline for Summer 2015 
  • April 7 – April 13
Summer Registration Period Begins 
  • April 14 – May 10
Late Registration (Last week for Summer 2015 Registration)
  • May 20
First week of Online Classes (Summer 2015)

Tuition & Payment Options

2013-2014 Academic Year Tuition and Fees (Fall 2013 – Summer 2014)

Tuition and Fees
Graduate course (three credits) $3,150
Late Registration Fee $70
Application fee (master’s or graduate certificate programs) $50
Application to graduate fee $100

Payment Options

Acceptable forms of payment include:

  • Personal check
  • Visa, MasterCard, Discover and American Express credit cards
  • Electronic bank draft

Students must be prepared to pay tuition in full. Student registration will not be considered complete unless full payment of tuition and fees is received.

Course Withdrawal and Refund Policy

Students who wish to cancel their registration and receive a tuition refund must state their intention to withdraw by withdrawing from their course online using SAGE or by completing a course Drop Form and submitting it to the Division of Graduate Professional Studies. Tuition will be refunded according to the following schedule:

  • Withdrawal before the first Wednesday of the term, 100 percent refund
  • Withdrawal between the first Wednesday and following Tuesday of the term, 75 percent refund
  • Withdrawal on or after the second Wednesday of the term, no refund
  • Late Registration Fees are nonrefundable in all cases

Students who wish to receive a refund must submit a request using the Credit Release form. Otherwise, the amount will remain on the student’s account and be applied toward a future tuition payment. Refunds will be in the form of a check and processed within 10 business days. When applicable refund policies of the state where distance learning students reside will be used to calculate any applicable refunds. Click here for state policies.

Tax Deductions

Some students may be eligible for an income-tax deduction or a tax credit. Consult the appropriate state or federal agency or your own tax adviser for further information.

Financial Aid

Federal Loans:

GPS students may be eligible for federal loans as long as they are enrolled in a master’s program, registered for at least two courses each term and actively working toward completing their degree requirements. We do not offer financial assistance in the form of Federal Work-Study, teaching assistantships or other grants. A variety of federal loan programs, including the Federal Direct Unsubsidized Stafford Loan and the Federal Direct Graduate PLUS Loan, may be available to GPS students who meet the above enrollment criteria. The Unsubsidized Stafford loan is not need or credit based, however, the Graduate PLUS loan is credit based.

All students who wish to apply for financial aid must complete a Free Application for Federal Student Aid (FAFSA) online at, and notify GPS in writing of the date on which the FAFSA form is submitted. When completing the FAFSA form, students should list Brandeis University (federal code 002133) as a recipient of the data.

Students requesting financial aid also must complete a Federal Direct Stafford Loan Application for Graduate Professional Studies. This form must be submitted to the Office of Student Financial Services before the start of the term so that loan funds may be applied.

2013-2014 Federal Direct Stafford Loan Application for Graduate Professional Studies (PDF)

If a student would like to apply for a Graduate PLUS loan in addition to the Stafford loan, you can follow the instructions on the Office of Student Financial Services webpage:

Private Loans:

Students who are enrolled in only one class a semester, or who take classes as a non-degree student, may still be eligible for private loans. Private loans are always credit based. To see which loan programs you could be eligible for, we recommend using the website to compare loan options.  We strongly suggest that students also do their own research on private loans as well.

Contact Information:

For more information about loan options and eligibility, please contact Francine Davis in the Office of Student Financial Services at (781)736-3713. We also highly suggest reviewing the Graduate and Professional Studies Financial Aid Instruction Sheet  form for detailed loan application instructions.

Additional Satisfactory Academic Progress Requirement for Students Receiving Financial Aid

Federal regulations require that a student receiving federal assistance make satisfactory academic progress in accordance with standards set by the university. The Division of Graduate Professional Studies is responsible for monitoring academic progress within its graduate programs. To receive federal funding, a student must successfully complete two courses (B- or higher) in each semester in which he or she receives federal loans. If he or she fails to successfully complete two courses in a semester in which he or she receives federal loans, he or she will be allowed to receive federal loans for the next semester but will be placed on probation. If he or she fails to successfully complete two courses during the probationary semester, he or she will lose eligibility for federal loans from this point forward. A student may submit an appeal if there are extenuating circumstances that prevented him or her from successfully completing coursework for two subsequent semesters.

Employer Reimbursement

Many employers offer some form of tuition reimbursement to their employees. Contact your company to determine tuition benefits. Please be advised that tuition reimbursement constitutes a private arrangement between employer and employee. Full payment of tuition and fees must be received upon registration, regardless of the terms of such an arrangement between the employee and employer. If you need a financial statement for reimbursement purposes, you may submit a request online using the Request Itemized Statement form.

Once you have submitted an application for admission, your application will be processed within 24 to 48 hours of receipt. However, your application file will not be reviewed for admission until the Graduate Professional Studies (GPS) office has received all required documents.

If you have applied for admissions to a master’s degree program, you may login to GPS Application Management Center to view the progress of your application. You may also contact your Enrollment Advisor or the GPS admissions office.

The admissions committee typically makes admissions decisions within four to six weeks of receiving a completed file. Decision letters are mailed to all applicants.

Application Note

How many letters of recommendation are required?

Only one letter of recommendation from an employer/supervisor or instructor is required. You may submit additional letters of recommendation if you wish.

Please note that your letter of recommendation should be requested from a current supervisor, manager, or employer who has the ability to assess your performance in a workplace environment.

Are the GREs or GMATs required for admission?


When can I apply for admission?

GPS offers rolling admission; however, there are recommended deadlines if you are seeking admission for a specific semester. Those deadlines are June 15 for fall admission, Oct. 15 for spring admission and Feb. 15 for summer admission. Students wishing to pursue a master’s degree must apply by the end of their second course.

Do I have to enroll in a GPS course prior to applying to a program?

No, you may apply for admission without enrolling in a GPS course. Please refer to the Apply for a Master’s Degree page for eligibility requirements.

I completed my undergraduate degree outside the United States. Must I have my marksheets/transcripts evaluated?

Yes, all students who studied outside of the United States must complete a course-by-course evaluation through Educational Credential Evaluators. If you completed a graduate degree at a U.S.-accredited institution, you will not be required to complete a course-by-course evaluation of your undergraduate degree.

I have my own copy of my transcripts. Is this acceptable to submit for admission?

No, only official copies of transcripts sent directly from your college/university in sealed, signed envelopes to the Graduate Professional Studies offices are acceptable. If you studied outside of the United States, notarized copies of your official transcript may be accepted.

Are the programs offered by GPS full-time or part-time?

GPS programs are only offered part time, with courses available in the evenings (on campus) or online.

How long does it take to receive an admissions decision?

Admissions decisions are typically reached by the Admissions Committee within four to six weeks of receiving a completed application.

Next Virtual Open House

Please join us for our next Virtual Open House (VOH). Check out our Admissions Events to see a listing of program-specific Virtual Open Houses. Connect with Brandeis GPS Program Chairs and Staff.

Admissions Events

Get Advice

Brandeis GPS is committed to giving our student the help they need to navigate their degree programs. From the moment you begin the application process to the day you receive your degree, our advising staff is there to support you. Schedule a call with an enrollment advisor today.

Schedule a Call

Request More Info

All fields required.


By clicking submit above, I agree Brandeis University may email me or contact me regarding educational services by telephone and/or text message utilizing automated technology at the telephone number(s) provided above. I understand this consent is not required to attend Brandeis University. If I reside outside the U.S., I consent to the transfer of my data to the U.S. Brandeis University’s privacy policy governs the submission and handling of this data.