certified ethical hacker (CEH)
Certified Ethical Hacker (CEH) is a professional designation to describe hackers that perform legitimate services for organizations and IT companies. A certified ethical hacker is a skilled individual who uses the same knowledge and tools as a malicious hacker, but who does so in a lawful and legitimate manner to assess the security risks of a network or system.
Typically the CEH understands and knows how to look for weaknesses and vulnerabilities and will assess the security of computer systems, using penetration testing techniques.
Certified Ethical Hacker (CEH) Checklist
Jump to a topic in this article:Certified Ethical Hacker Job Description
How Do You Become a Certified Ethical Hacker?
Typical CEH Job Duties and Responsibilities
The main goal of a CEH is to prevent unauthorized intruders from penetrating computer systems they work with. To successfully do this, the CEH remains up to date on new software and hardware and the latest security threats including viruses, trojans, and other malware. They create scripts that will simulate network security breaches, to test both current and future network additions. These breaches or attempted breaches are reported in detail and analyzed to create a risk assessment.
The CEH must be completely familiar with the business operations and infrastructure of the company in order to ensure that damaging information is not accessed by intruders. This is essential in determining the client's security needs and effectiveness.
Part of the role of the CEH is to consult with clients; therefore strong interpersonal and customer service skills are required. The security assessments must be explained to the clients or managers, and shared with coworkers and other information security professionals. Due to the nature of the job, thorough problem solving skills are vital. Creating forward-thinking strategies to combat security system problems and writing computer programming code are fundamental skills required for the day to day duties of the Ethical Hacker.
Obtaining a bachelor's degree in computer science or another related field is a necessity to become a certified ethical hacker. Many employers require a CEH Certification or similar certification to enter the cyber security field as experts. Familiarity with a range of different programming languages and experience with coding is vital. It is not uncommon to see former "black hat" hackers, or hackers who illegally accessed data or attacked networks, to become CEHs. They know and understand cyber threats and can offer protection as opposed to attacks in the security of corporate networks.
Often, CEH professionals are required to conduct testing and risk assessment via scripts. For this reason a strong technical knowledge in several of these areas: tools, testing methodologies, security concepts, network architecture, programming languages, and computer architecture is desirable. Prospective employers also look for individuals with experience using tools such as NMAP, NESSUS, Wireshark, Metasploit, Nexpose, Whitehat and those with knowledge and experience in malicious software techniques and defenses.
Many online job ads highlight the following key skills, responsibilities and work demands when applying for the position of BI developer:
- Internal / external vulnerability assessment and penetration tests
- Application testing and penetration testing
- Exploiting SQL injection, cross-site scripting, parameter manipulation, session hijacking
- Social engineering assessments
- Wireless security assessment
- Network device configuration review
- Technical security assessments (Windows/Unix Based, Firewalls, Routers, Servers, etc)
- Develop low-level tools that improve security testing and monitoring
- Deliver detailed reports to different team members and executives that document security findings
- Analyze and recommend remediation strategies that will address vulnerabilities and mitigate risks
- Review and hire vendors to incorporate security systems
- Maintain current knowledge and expertise with relevant security, IT environment, and industry IT trends
- Set up security policies that help personnel use best practices
- Train staff and personnel on best practices for network security
Certified ethical hacking positions are challenging, interesting and pay well, due to the nature of the job and the expertise required. The average annual pay to a Certified Ethical Hacker is $71,331. Salary ranges from $24,760 to $111,502, however bonus payouts can be between $0.00 and $17,500, and therefore the total salary is approximately between $24,760 and $132,322 (USA 2018).
Similar jobs include the following:
- Security consultant
- Threat and vulnerability manager
- Cyber security consultant
- Information security specialist.
Webopedia's Top 10
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...
Stay up to date on the latest developments in Internet terminology with a free newsletter from Webopedia. Join to subscribe now.
The following coding and IT boot camp facts and statistics provide an introduction to the changing trends in education and training programs. Read More »Top Cloud Computing Facts
The following facts and statistics capture the changing landscape of cloud computing and how service providers and customers are keeping up with... Read More »Texting & Chat Abbreviations
From A3 to ZZZ this guide lists 1,500 text message and online chat abbreviations to help you translate and understand today's texting lingo. Read More »
Java is a high-level programming language. This guide describes the basics of Java, providing an overview of syntax, variables, data types and... Read More »Java Basics, Part 2
This second Study Guide describes the basics of Java, providing an overview of operators, modifiers and control Structures. Read More »Network Fundamentals Study Guide
Networking fundamentals teaches the building blocks of modern network design. Learn different types of networks, concepts, architecture and... Read More »