This article was published on July 14, 2022

How to develop a lucrative career as an ethical hacker

It's time to join the dark side


This article was originally published on .cult by XSS Rat. .cult is a Berlin-based community platform for developers. We write about all things career-related, make original documentaries, and share heaps of other untold developer stories from around the world.

Cybersecurity is like any other discipline: there is a range of jobs with many different skills you can specialize in. You could be a malware analyst, a pentester, a freelance hacker, or anything in between. But in order to prove your ethical hacking skills and knowledge, you’ll need to acquire a couple of industry-backed hacking certifications.

There are loads of ethical hacking certifications out there, but not all are going to apply to you and your cybersecurity specialization — especially when starting out!

So to save you some confusion, I’m going to explain some of the most popular ethical hacking certifications and which pathways and roles they apply to. Then I’ll talk about other ways to certify yourself in the infosec community! Hopefully, with this article, you’ll get a clearer idea of how to become a certified ethical hacker.

NOTE: Before we dive in, let me explain the two main categories that differentiate ethical hacking jobs. We have Red Teaming, which is the offensive side of hacking, and Blue Teaming, which is the defensive side of hacking. This is the first step in your hacking journey: think about where your skills lie and what interests you the most, then choose a side!

Best ethical cybersecurity certifications

Cybersecurity and hacking certifications will be important if you’re pursuing a career in the infosec industry. Like I said before, there are a lot of certifications to choose from and, if you’re just starting out, you should start with the most important and recognised ethical hacking certifications. I’ll go through the top five cybersecurity certifications and explain a little about what you can expect and who they’re for.

1. Offensive Security Certified Professional (OSCP)

At number one, we have the OSCP. This certification is one of the most recognised cybersecurity certifications in the community. If you’ve successfully completed the examination, you’ll be able to prove to employers that you can hack five machines within 24 hours.

Now, it’s not an entry-level certification. You’ll have to be quite prepared and ready to get creative with your problem-solving. I recommend this certification if you’re interested in red teaming and, more specifically, pentesting servers rather than websites.

Who is it for?

  • Infosec professionals transitioning into penetration testing
  • Pentesters seeking an industry-leading certification
  • Security professionals
  • Network administrators
  • Other technology professionals

What to expect on the day:

  • 24-hour exam
  • Proctored
  • You should have a solid understanding of TCP/IP networking
  • Reasonable Windows and Linux administration experience
  • Familiarity with basic Bash and/or Python scripting

2. Certified Ethical Hacker (CEH)

So the CEH has garnered a bit of a bad reputation in the past, but recently I think with version 11 the certification has redeemed itself. They’ve made a bunch of updates, and now you’ll find a very modern and practical exam that the industry again recognizes and appreciates. You can also achieve mastery with the addition of the 6-hour practical examination to further show your hacking proficiency.

The exam for the CEH certification will test your skills in information security threats and attack vectors, attack detection, attack prevention, procedures, methodologies, and more. The syllabus looks similar to OSCP but also contains things like cloud computing and operational technology. The exam contains 125 questions over the span of 4 hours, plus the six-hour practical challenge for those looking to attain mastery. This cybersecurity certification is going to be a requirement for red teaming jobs.

Who is it for?

  • Information Security Analyst/Administrator
  • Information Assurance (IA) Security Officer
  • Information Security Manager/Specialist
  • Information Systems Security Engineer/Manager
  • Information Security Professionals/Officers
  • Information Security/IT Auditors
  • Risk/Threat/Vulnerability Analyst
  • System Administrators
  • Network Administrators and Engineers

What to expect on the day:

  • Number of Questions: 125
  • Test Duration: 4 Hours
  • Test Format: Multiple Choice
  • Test Delivery: ECC EXAM, VUE
  • Exam Prefix: 312-50 (ECC EXAM), 312-50 (VUE)

3. Certified Information Systems Security Professional (CISSP)

At number three, we have the first blue team hacking certification. This certification is for hackers who aspire to build structures and systems that other hackers will later attack! The CISSP is an industry-recognized program proving you have what it takes to effectively design, implement, and manage a best-in-class cybersecurity program.

The exam takes six hours and includes a mix of multiple-choice and advanced innovative questions. You’ll find plenty of training resources to get you prepared for the exam, but just make sure the certification aligns with your career goals. It’s really not for everyone and is targeted at more experienced hackers and cybersecurity professionals.

Who is it for?

  • Chief Information Security Officer
  • Chief Information Officer
  • Director of Security
  • IT Director/Manager
  • Security Systems Engineer
  • Security Analyst
  • Security Manager
  • Security Auditor
  • Security Architect
  • Security Consultant
  • Network Architect

Requirements:

  • Have a minimum of five years’ experience in two or more of the eight CBK domains.
  • Pass the CISSP examination.
  • Complete the endorsement process and subscribe to the (ISC)² Code of Ethics.
  • Maintain certification through continuing professional education (CPE) credits.
  • Source: https://www.itgovernance.eu/de-de/cissp-de

4. CompTIA Security+

What’s cool about this certification is that it’s approved by the US Department of Defense! Since the approval comes from a government agency, you can be sure they assess every detail to make sure things are in order and secure.

The exam itself consists of around 90 questions with a duration of 90 minutes. Do not underestimate this certification though. It takes hard work and practice to pass this exam — even though it’s shorter than the other exams mentioned. That being said, this is an entry-level cybersecurity certification for ethical hackers, as it focuses on the core cybersecurity skills needed in the profession. The CompTIA Security+ is for red teamers.

Who is it for?

  • Security Administrator
  • Systems Administrator
  • Helpdesk Manager / Analyst
  • Network / Cloud Engineer
  • Security Engineer / Analyst
  • DevOps / Software Developer
  • IT Auditors
  • IT Project Manager

What to expect on the day:

  • Number of Questions: 90
  • Test duration: 90 minutes
  • Test Format: Multiple Choice
  • Passing Score: 750 (on a scale of 100-900)
  • Recommended Experience: CompTIA Network+ and two years of experience in IT administration with a security focus

5. eLearnSecurity Junior Penetration Tester (eJPT)

The eLearnSecurity Junior Penetration Tester is a cybersecurity certificate for beginners. Its main focus is making sure you’re comfortable with penetration testing and information security essentials. The great thing about it is that it’s not a theory-based exam. Instead, you’re expected to perform an actual penetration test on a corporate network. So if you successfully complete the exam, you’ll be able to prove yourself in the real world.

This cybersecurity certification is usually the first stepping stone for cybersecurity professionals and hackers. All you need to get started is a VPN and a stable internet connection — oh yeah, and $200… This is a red team certification.

Start building your social media presence

It doesn’t matter where you are in your journey, social media is going to be important. While exams and tests certify you on paper, in the real world you’ll need to be certified by other people. Social media is a great way to do that!

Not only is it great for engaging with the infosec community, but it’s also a great way to connect with recruiters and future employers. Recruiters are all over social media, and having a presence can make you stand out from the crowd or just show your passion and enthusiasm for hacking.

LinkedIn — This is where you’ll find most employers and recruiters. If you don’t have one already, create a page and make it shine by filling in all those details! Put everything there, even things like community or volunteer work. Make sure to add any of those cybersecurity certifications we just talked about as well. It doesn’t matter if it was a free course or through Udemy, put it up there. Languages are also going to be super attractive to recruiters. Even if you’re inexperienced, being bilingual will double your chances!

Medium — I don’t know if this is considered a social media site, but whatever. Writing and posting about it is a great way to document your journey. It’s a paper trail. It’s evidence of social proof which is obviously far better than just saying you know how to do something. It’s also a great way to learn and cement your understanding. Believe it or not, a lot of people have actually found me through my Medium account.

Twitter — Twitter is more about building and engaging with a community. You can use it to network or create an awesome community around you. Again, having a community and being engaged is social proof to a future employer. It doesn’t take a lot of effort, just make sure you post regularly and share information that helps!

YouTube — A good way to show your love for the community is by making videos about the things you learned. It’s one thing to know how to do something and another to be able to explain/teach it. You really need a rock-solid understanding of what you’re talking about. I find that when I make videos it refines my hacking skills and knowledge.

Here is a list of websites I recommend getting an account on to increase your chances of standing out:

  • LinkedIn – For showing the world who you are and what you know
  • Blogging – For knowledge sharing in the form of a written blog, usually with more in-depth information than YouTube
  • YouTube – For knowledge sharing in the form of more shallow informational videos
  • Twitter – For knowledge sharing when posting short tweets or promoting other posts on Medium, for example
  • Facebook – For knowledge sharing when posting tips and tricks around hacking
  • Reddit – For knowledge sharing, but be careful to post in the correct subreddit
  • GitHub – For storing your projects

3. Community work

Doing any kind of voluntary work shows commitment — if you can relate the work to cybersecurity, it’s a bonus. Sometimes I sell course bundles and give 100% of the profit to Brothers Of Solidarity or Innocent Lives Foundation. These guys do a great job at taking care of homeless people in Brussels, which is a huge issue.

When you show this kind of work it indicates to future employers that you’re committed to what you do and are willing to go above and beyond to bring out the best version of yourself and others. It doesn’t have to be huge, even small things can make a difference. Collect garbage or volunteer at an animal shelter — get out there and show your human side!

4. Networking is very important

You don’t have to do it all alone. When you’re alone you’re easy to push over, when you’re part of a bond it’s much harder to fall. As a hacker, you never know when you’ll need someone with a different specialty until you need them!

Networking within the hacking community is easier than ever thanks to social media, forums, and online groups. I joined a Slack group called ‘The W0lf Pack’ and I can honestly say the group has contributed so much to who I am today. I met new friends and joined hacking competitions. I also started my YouTube channel to answer all the questions I kept getting. Since then I’ve moved into some Discord channels where we hackers help each other out!

There are so many opportunities to network: you can attend meetups and conventions, or stick to the online communities. I’ve met a host of wonderful people at events, most of whom I’m still in contact with 10 years later!

Places you can start networking

A great place to start networking is in the regular events that HackerOne organises both virtually and online.

Another great place to meet similarly minded people is in a hackerspace. A hackerspace can be any room where hackers and tinkerers gather to explore their hobbies, and while it might initially seem daunting, it’s worth exploring. Some of the best work I’ve done is with other hackers found through sites like hackerspace.

Another place you might not think to look is in the free training events in your area! In my area, there are several venues that offer free or heavily discounted courses mostly aimed towards self-improvement and soft skills. Everyone is at these courses to learn, but also to have a good time and support their own network.

If none of these options sound appealing or if you’re wondering how you can find more virtual or real-life conferences and meetups, try using Meetup. If you’re in a city you’ll certainly find a like-minded group!

If you want to stick to online learning and networking, try Discord. There are a bunch of practice groups for newcomers. Here are a few to start with:

https://discord.com/invite/tryhackme
https://discord.com/invite/hackthebox
https://discord.com/invite/offsec3

5. Capture The Flag (CTFs)

CTFs are games where hackers compete to see who can solve different challenges first. It’s a great way to put your skills into practice and learn from more experienced hackers. You can do it solo, but I suggest you join a team and try to participate in some CTFs. Who knows, you might even rank! It’s great fun, plus employers are sure as hell to notice.

While participating in a CTF, you can come across any hacking challenge relating to a web application or server. There’s a hell of a lot you can learn in these real-world learning challenges, plus it shows a hunger to grow in your role!

Make your resume stand out!

I can’t stress this enough! In my role, I also have the pleasure of assessing resumes that land on my desk. And I hate it when I see just a list of cybersecurity certifications and places they’ve worked — I don’t care if it’s flashy. I personally don’t think a resume needs to look fancy as long as you can show me something interesting from your background. Do you have a website or YouTube channel?

It’s not always about being a certified ethical hacker, there are other great ways to stand out from the crowd even if you don’t have a lot of experience.
