I am working on a magazine article on the job roles of ethical hackers. It
is supposed to include what an ethical hacker does, the skills and
certifications that might be required, and the typical career path. I
wanted to see if anyone on the list could provide some useful information.
Here is what I have so far.
Skills:
Knowledge of a number of programming languages, such as C, C++, Perl, and
Python
Intimate knowledge of networking protocols, especially the TCP/IP suite
The ability to think ?out of the box?
Certifications:
CEH, ECSA, and LPT from EC-Council - I also mention that the validity of
these certifications has been questioned recently
Certified Pen Testing Specialist (CPTS) from mile2
OSSTMM Professional Security Tester Accredited Certification (OPST) from
ISECOM
Background:
I wasn?t really sure here. I?m sure that ethical hackers/penetration
testers come from a variety of backgrounds in the IT field. I specifically
mention programmers and network administrators.
Career Opportunities:
This is another area I am not real sure on. I mention penetration tests as
the primary job role with a penetration test defined as trying to gain
illicit access to a network for purposes of finding and resolving problems
before the bad guys. (I?m trying to keep it simple.) Of course, most often
a penetration tester would either be an independent contractor or work for a
security service provider.
I am extremely concerned with making sure that I provide accurate
information in this article, so any corrections or additions to what I have
here would be greatly appreciated. Depending on the response I get, I might
quote the reply in the article, with the permission of the author.
Thanks,
Steve Fletcher
MCSE (NT4/Win2k), MCSE: Security (Win2k), HP Master ASE, CCNA, Security+
Email: safletcher@insightbb.com
Web: http://safletcher.home.insightbb.com
