18.08.2023 Today’s Insights on Ethical Hacking (AKA Information Security) Careers from Springboard Tech Blog
Here’s an overview of some of the most common job titles related to ethical hacking.
Penetration Tester
A penetration tester is a computer and network security professional who tests the security of computer systems, networks, applications, and systems by simulating real-world phishing attack scenarios. Penetration testing is used to identify vulnerabilities and assess the safety of a system or application.
Vulnerability Analyst
A vulnerability analyst is a cybersecurity specialist who identifies, analyzes, and assesses the risks posed by vulnerabilities and advises the organization on ways to mitigate these risks. Vulnerability analysts are also responsible for reporting security incidents.
Security Auditor
Security auditors evaluate an organization’s security policies and procedures, network architecture, and security systems to identify potential security weaknesses and recommend corrective measures to improve security. They also review audit logs and investigate any security incidents that occur.
Information Security Analyst
An information security analyst is responsible for developing policies and procedures to ensure the safety of sensitive data, and they may also suggest hardware and software upgrades to improve security.
- Critical thinking – ability to ask the right questions, challenge patterns and assumptions and approach current and potential issues in unintuitive ways
- Initiative – willingness to present a case/argue on behalf of a personally-established theory, concept or idea that may resolve an existing problem
- Innovation – competency in “seeing past” the traditional routes for addressing a bug and devising a creative work-around, new approach, etc.
- Teamwork – skill in enlisting experts to partner on time- or politically-sensitive issues requiring an “all-hands-on-deck” effort
- Resourcefulness – receptivity to learning new angles that haven’t been previously tried, but could be explored given existing tools, in-house knowledge, etc.
- Persistence – openness to taking the “Edison” approach, of identifying the “9,999 ways that didn’t work” until the 10,000th way succeeds
- Learning agility – commitment to using the aforementioned persistence in both linear and non-linear fashion, to identify a solution
- Continuous learning orientation – dedication to staying abreast of new hacking approaches, both ethical and unethical, to enhance personal and team effectiveness
- Commercial awareness – remaining business-driven, staying tightly focused on how the problem relates to the business or function vs. getting distracted by the next shiny new technology
- Leadership – courage to speak out about serious concerns requiring immediate solutions, and stepping up to recommend appropriate steps