Wednesday, 22 October 2014

5 incredible jobs for a Certified Ethical Hacker


By 


EC-Council’s Certified Ethical Hacker certification opens doors for IT security professionals. Take on the CEH and you’ll get comprehensive ethical hacking and network security training – you’ll learn to think (and hack) like a hacker.

And like most certifications, the CEH is only a stepping stone to your dream career. The experience you’ll get from becoming a CEH can be applied across a huge variety of job roles. Let’s take a look at some of the most impressive ones:


1. Penetration Tester 

Average advertised salary - £55,000*


Just like malicious hackers, penetration testers attack IT systems to locate security flaws. But, unlike hackers, penetration testers are White Hats - their aim is to protect systems, not exploit them.

The only difference between penetration testing and hacking is whether you have the system owner’s permission. If you want the thrill of hacking and enjoy the challenge of breaking into networks, penetration testing could be an incredibly rewarding career for you.

"pssst, what's Frank's password?"
If you can find a vulnerability during your simulated real-life cyber-attack, then you’ve earned your wages.

You’ll establish the viability of attack vectors (also known as an ‘attack-surface’), research known vulnerabilities within the client’s hardware and software stacks and identify weaknesses using common hacking tools.

And you might even find yourself using social engineering to legally con client’s employees, e.g. trying to solicit employee passwords from other employees.


2. Forensics Analyst

Average advertised salary - £42,500*


This ultra-modern role involves analysing the way in which intruders breach IT infrastructure. You’ll be assessing the full extent of any malicious breaches in order to identify additional systems / networks that have been compromised.

Investigating the minute traces left by complex Black Hat attacks requires an IT expert proficient in cutting edge forensic and reverse engineering skills. You’ll need to think and act like a hacker in order to identify the ways they breached your client’s system. 

You'll be using a hacker's malware as evidence for his crimes
Image courtesy of Stephen Miles
To be a successful forensic expert you’ll need to master prevention / detection, hacker exploit techniques and reverse engineering of malware.

Perhaps most importantly, you’ll need to stay at the cutting edge of attack methodologies. Hackers won’t get complacent, so neither can you. If you can keep your security knowledge and skills up-to-date, you’ll find success as a Forensics expert.

And whilst many job postings advertise the CEH certification as a desired qualification, EC-Council also offers a specific digital forensics course. It’s called the Computer Hackings Forensics Investigator (CHFI) and will teach you everything you need to know about investigating, recovering and tracking cybercrime.


3. Internet / Network Security Administrator

Average advertised salary - £47,500*


Internet security administrators are responsible for protecting vulnerable computer systems and networks against attack. Also known as security specialists, the security administrator handles all aspects of information security.

You’ll be the go-to professional for all aspects of an organisation’s information security. As well as teaching your colleagues about computer security, you’ll check for security violations, research and install protection software and defend/take action against cyber-attacks.

If the breach is serious, you may even find yourself providing evidence of cyber-attacks to prosecute individuals for breaching security.

You’ll have a great deal of responsibility and as a result, you’ll need good communication skills and the ability to react exceptionally fast to security problems. You might even be expected to work on-call in case of emergencies. 


Pictured above: a visual metaphor for network security.
sidewinder123 / MorgueFile


4. Application Security Architect

Average advertised salary - £65,000*


Application security architects work with development and computer architecture teams to create security applications.

You’ll likely find yourself testing programs for security weaknesses and performing vulnerability scans. You’ll be responsible for creating effective security applications and will work closely with software development teams, providing security guidance and expertise.

To succeed in this role you’ll need great problem solving skills and the ability to anticipate vulnerabilities in new software. And, as with most security roles, you’ll also need a deep understanding and appreciation of emerging cyber security risks.


5. Computer Network Defense Analyst

Average advertised salary - £40,000**


Computer network defence analysts work with cutting edge cyber-security technologies to provide expert opinions on current and emerging network security threats.

Get it? Program...
DogertonSkillhause / MorgueFile
You’ll create security threat analysis reports and briefs that describe the risks of potential threats and the risks these threats may pose to your organisation networks.

Tasks could include:
  • Analysing network traffic to identify anomalous activity
  • Determining appropriate response to anomalous network activity
  • Studying identified malicious activity to determine weaknesses exploited
  • Examine network topologies to understand data flows through the network
  • Provide daily summaries and news, events and activities and distinguish these incidents and events from benign activities.



Secure your dream security job

The CEH certification is great for any information security professional. Secure it (in only 5 days?) and prove you can defend your organisation from malicious attacks; you’ll be well on your way to your dream job.

*data from ITjobsWatch.co.uk
*data from simplyhired.com



About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.