The term "hacker" is often associated with illegal online activity. However, there are hackers who perform 100 percent legal services, which are based on evaluating the information infrastructures of companies. For those who hold the Certified Ethical Hacker certification from the EC-Council, there are several jobs to consider that come with attractive compensation. Some of the most common jobs for hackers holding the CEH certification include computer forensics, incidence response, penetration testing and security analysis. Penetration testing is the most common job for new hackers, but some later advance to become engineers or take on a wider variety of tasks.
Penetration Testing
Penetration testing, which is commonly called pentesting, involves several different methods of scanning servers, databases, network devices and software. A penetration tester or pentester must be hired by a company or have permission to access its information system. The goal of a tester is to thoroughly check the company's system for any vulnerabilities that might allow malicious hackers access to sensitive information. Network mapping is used to gain access to the company's computers, routers, switches, firewalls and servers. Ethical hackers may also test Internet sites and databases. When a penetration tester finishes his or her duties, a report is created to explain any vulnerabilities to the hiring company.
Incident Response
Ethical hackers who work in incident response deal with security breaches. To be successful in this type of work, ethical hackers must stay current with the latest threats. They must also analyze threats and understand how to deal with them. However, incident response involves more than just analyzing. Hackers must know how to prepare for attacks, contain them, defeat them and help a company recover afterward. In addition to being beneficial to hiring companies, the information ethical hackers gather from their analysis of attacks is useful to them for preventing future incidents with the same client or other clients.
Computer Forensics
For ethical hackers, this job is often similar to incidence response when a crime has occurred. Computer forensics specialists work with investigators to determine how reliable digital evidence is, and they assist in collecting evidence. They may use lab searches or work on site. After obtaining evidence, forensics specialists analyze the data to prepare for trial. They may also collect statements or set up interviews when needed.
Security Analyst
These hackers are responsible for ensuring the integrity and security of data. This is normally a job held only by experienced ethical hackers. They are responsible for protecting all of a company's most sensitive data, and they are required to ensure systems have solid enough security to prevent any attacks. To be successful, an analyst must be knowledgeable about every aspect of information security within a company. The main job of a security analyst is to review the security measures of a company to determine if they are effective. Most of these professionals work with IT employees and business administrators within the companies that hire them. In the event that there are any breaches, a security analyst must also create documentation to assist hiring parties in dealing with such issues.
Engineers may also perform the duties of security analysts. Both positions come with the largest amounts of responsibilities and the widest ranges of tasks. In the United States, ethical hackers may earn annual salaries as low as $55,000 to more than $80,000. Pay rates increase with years of experience, and many ethical hackers with more than 20 years of experience can expect to earn six-digit salaries. As a rule, the higher-paying jobs are in larger cities.
Get information on our certified ethical hacker certification training!