An ethical hacker career : Tips to gear up for this option


An ethical hacker career : Tips to gear up for this option

Today, the ethical hacker career is a great opportunity worth exploring if you are an information security professional (or plan to become one). Wearing the 'white hat', the ethical hacker has to test security systems and

Continue Reading This Article

Enjoy this article as well as all of our content, including E-Guides, news, tips and more.

By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Safe Harbor

look out for critical vulnerabilities just as hackers do, but for good purposes. If you plan to pursue a career as an ethical hacker, career options in India include those such as becoming a forensic analyst, intrusion analyst, or a security manager. All these jobs are very much in demand. In this column, I'd like to outline some ways in which you can prepare for an ethical hacker career.

To start off with, ethical hacking is also known as penetration testing or intrusion testing. There are multiple ways to get into ethical hacking. You can be an auditor and go on to make a career as an ethical hacker. A good ethical hacker is one who knows technology inside out. He should have knowledge about operating systems and networks. The ethical hacker should understand the working of different protocols and services, as well as how different applications interact with each other. In case of a security incident, he should give viable solutions based on his knowledge, experience and industry best practices.

The ethical hacker should be able to scan a system and give out valid suggestions in case of raised vulnerabilities. Also, if you plan to choose a career in ethical hacking, you should understand the used tools, as well as how they work. There are many manuals available for checking the reports, but these are only available at a commercial level. Also, an ethical hacker needs to have programming and scripting knowledge.  At the end of the day, if the ethical hacker is not a techie, he will not understand these aspects, which will cause difficulties in his career.

Ethical hacking certifications available in India
If you plan to pursue the ethical hacker career, certifications are also available to this end. For someone who is looking at an ethical hacking career, certification acts as an advantage. Certifications teach you not only technical aspect, but also the legal angle. If a person isn't certified, there are possibilities that he may face legal problems in case of an incident.

Ethical certifications range from anywhere between a week's time to three months, and cost between Rs 50,000 to Rs 1,50,000. The various ethical hacking certifications available today include:
• Certified Ethical Hacker, a professional certification provided by International Council of E-Commerce Consultants (EC-Council.)
• Certified Hacking Forensic Investigator offered by of E-Commerce Consultants (EC-Council.)
• GIAC certified penetration tester (GPEN),  offered by SAN (security, audit and network)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC certified forensic analyst (GCFA).

These ethical hacking certifications will certainly help you gain knowledge and experience. It will also help you get an entry into the ethical hacking career. However, do remember that just certifications won't help. There's no substitute for hands-on experience.
About the author: Deepayan Chanda is GCIA, CHFI, CEH certified, and is a lead consultant at security practice company.
(As told to Anuradha Ramamirtham)

This was first published in July 2010

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.