I have been focusing primarily on Application Security for the past twenty years, from low-level system code in C to Web applications.
I received formal training in Cryptology back in 1997. (Cryptography, which appears to be a more popular term, and cryptanalysis are both applications of cryptology.)