MC Blogs

Insights from Head of Coaching

18.08.2023 Today’s Insights on Ethical Hacking (AKA Information Security) Careers from Springboard Tech Blog

18.08.2023 Today’s Insights on Ethical Hacking (AKA Information Security) Careers from Springboard Tech Blog
Dear Students,
 
Has the term “ethical hacker” ever struck you as an oxymoron?
 
“Well, yes,” you might think, “and that’s exactly what makes the idea so much fun! I can poke and prod a company’s computer system as much as I’d like, trying to break through all of its cybersecurity measures, all the while knowing that I’m doing it for a morally-correct reason – to help my global employer to protect itself!”
 
Ethical hacking careers are on the rise, and they may well appeal to you or one of your friends, who have been tinkering with such projects perhaps since high school or earlier. With ethical hacking events regularly conducted both online and in-person, why not check out this professional direction?
 
As the Springboard blog highlights, there are a variety of roles to consider in this space:
 
“Ethical Hacking Job Titles
 

Here’s an overview of some of the most common job titles related to ethical hacking.

Penetration Tester

A penetration tester is a computer and network security professional who tests the security of computer systems, networks, applications, and systems by simulating real-world phishing attack scenarios. Penetration testing is used to identify vulnerabilities and assess the safety of a system or application. 

Vulnerability Analyst

A vulnerability analyst is a cybersecurity specialist who identifies, analyzes, and assesses the risks posed by vulnerabilities and advises the organization on ways to mitigate these risks. Vulnerability analysts are also responsible for reporting security incidents.

Security Auditor

Security auditors evaluate an organization’s security policies and procedures, network architecture, and security systems to identify potential security weaknesses and recommend corrective measures to improve security. They also review audit logs and investigate any security incidents that occur.

Information Security Analyst

An information security analyst is responsible for developing policies and procedures to ensure the safety of sensitive data, and they may also suggest hardware and software upgrades to improve security.”

While becoming an ethical hacker may seem fairly straightforward (assuming the appropriate technical expertise is in place), our Mandarin Consulting coaches also want to ensure that eager new grads like you recognize the critical power skills required for success in this field. As author Maria Muntean reminds aspiring talent like you, In addition to technical skills, ethical hackers must be creative and have problem-solving skills. They must also have good communication skillsand a strong sense of ethics. Moreover, ethical hackers must understand the organization’s security policies and procedures to identify potential threats and vulnerabilities.”
 
To this essential list, we will also add the following skills, that students like you will develop in the MC coaching process:
  • Critical thinking – ability to ask the right questions, challenge patterns and assumptions and approach current and potential issues in unintuitive ways
  • Initiative – willingness to present a case/argue on behalf of a personally-established theory, concept or idea that may resolve an existing problem
  • Innovation – competency in “seeing past” the traditional routes for addressing a bug and devising a creative work-around, new approach, etc.
  • Teamwork – skill in enlisting experts to partner on time- or politically-sensitive issues requiring an “all-hands-on-deck” effort
  • Resourcefulness – receptivity to learning new angles that haven’t been previously tried, but could be explored given existing tools, in-house knowledge, etc.
  • Persistence – openness to taking the “Edison” approach, of identifying the “9,999 ways that didn’t work” until the 10,000th way succeeds
  • Learning agility – commitment to using the aforementioned persistence in both linear and non-linear fashion, to identify a solution
  • Continuous learning orientation – dedication to staying abreast of new hacking approaches, both ethical and unethical, to enhance personal and team effectiveness
  • Commercial awareness – remaining business-driven, staying tightly-focused on how the problem relates to the business or function vs getting distracted by the next shiny new technology
  • Leadership – courage to speak out about serious concerns requiring immediate solutions, and stepping up to recommend appropriate steps
…and many others.
 
For candidates like you, who are eager to contribute to a global organization in this increasingly valuable arena, the Bureau of Labor Statistics endorses such pursuits, writing that: “…information security experts will employ 33% more individuals by 2030, which is far quicker than projected.”
 
(And a career in the information security space is indeed a way to “do well by doing good,” from a financial perspective, as well!)
Wishing you a safe and hack-free weekend.