I want to be an ethical hacker … what will my salary be?
Job: Ethical hacker
The role: While hackers seek to exploit holes in cybersecurity systems for malicious purposes, ethical hackers are employed by the creators of those systems to help identify vulnerabilities before they can be breached.
Most of the major technology vendors have similar bounty programs that offer cash rewards to those who report vulnerabilities in their system.
While such programs offer one way for ethical hackers to earn an income, many are employed full-time by larger organizations to test systems and software internally, both before and after it is released to the public.
“There’s freelance jobs, there’s jobs as part of a consulting firm and there’s companies that have specific teams in-house who are only built of ethical hackers to test internal systems,”.
Although ethical hackers are often required to submit a report on any liabilities they discover, they are typically not responsible for fixing vulnerability themselves.
Salary: Ethical hackers typically begin their careers earning between $40,000 and $50,000 a year, while those at the top of the field can earn $150,000 to $180,000 annually.
“It doesn’t really matter if you have a computer science degree or a master’s degree, it just matters if you have the skills, if you have a good reputation and you’re constantly finding [vulnerabilities],”.
When major technology vendors update their systems to protect against a newly discovered gap in their defense, they publicly announce the name of the ethical hacker that identified the vulnerability. As a result, salary expectation in the industry is often tied to reputation.
Technology vendors often host events and challenges that offer cash prizes as high as six figures to those that identify previously undiscovered vulnerabilities, which some ethical hackers use to supplement their income.
Education: Those who are yet to receive public recognition for their abilities can instead pursue internationally recognized certification, such as the Certified Ethical Hacker designation offered by the International Council of Electronic Commerce Consultants.
“This can be a good start for someone who wants to learn about ethical hacking and get exposed to different types of network attacks and the tools that can be used for that purpose,”.
“Most of the skilled researchers are self-taught, but it is recommended to start with the basics, like computer science, and then branch out from there,”.
Job prospects: As more companies utilize more advanced technology systems, both within the technology industry and beyond, the need for ethical hackers is only expected to grow .
Furthermore, as a job that can typically be completed remotely, ethical hackers are often not bound by geography or local economic conditions.
Challenges: Playing defence against increasingly sophisticated and well-funded opponents requires ethical hackers to stay on top of quickly evolving industry trends. As a result, “the hardest part is actually just staying up to date.”
The best way for ethical hackers to do so is by participating in industry events and conferences.
Why they do it: While staying up to date on a complex and ever-changing threat landscape has its challenges, most are motivated to enter the industry out of a love for solving complex puzzles and making a positive impact.
Misconceptions: Even with the word “ethical” in the title, many mistakenly associate it with illegal hacking. “Ethical hackers are out there to help make things better, help vendors fix their bugs and help technology owners find vulnerabilities in their system,” .