How much can a Certified Ethical Hacker earn in 2018?


Are you considering a career as an ethical hacker or are you recently qualified with a CEH certification? Perhaps you are considering a career change or looking for a step up the ladder in your current security job? Here are some answers to your burning questions about the many options in your cybersecurity career (also consider checking this perfect guide for cyber security certification) (as well as the kind of money you can expect as a bona fide, certified ethical hacker). 

A much-asked question: how much do ethical hackers make? The short answer, a lot. In fact, more than enough to make up for the cost of getting certified and credentialed. 

What is the CEH certification? 

certified ethical hacker
Image source: Security by IAmMrRob. Licensed under CC BY 2.0

The certified ethical hacker exam endorses individuals in the network security discipline of ethical hacking from a vendor-neutral perspective. It demonstrates graduates’ knowledge about information gathering, carrying out attack exploits, and social engineering techniques. 

Read more about the CEH qualification: What are the Top 7 Security certifications? 

What makes the latest version of CEH certification unique is that it focuses on an offensive, rather than a defensive, approach to cybersecurity. New modules for CEH v10 include Vulnerability Analysis, Malware Threats, and IoT Hacking. 

Read more about CEH v10: The new CEH v10 (Certified Ethical Hacker)

Ethical hacking job titles and career paths 

Ethical hacking job titles and career paths
Image source: Cyber Security by TheDigitalArtist. Licensed under CC BY 2.0

The CEH certification can be a stepping-stone to a wide range of top-tier positions that require CEH skills, including Information Security Analyst, Computer Forensics Analyst, Homeland Security Specialist, Cyber Security Analyst, Penetration Tester, Security Engineer, Security Auditor, Vulnerability Tester, Information Security Manager, Security Consultant, Intrusion Detection Analyst, and Network Security Analyst, among others. 

What is the salary range for CEH certification jobs? 

What is the salary range for CEH certification jobs?
Image source: Hackers-lab by Wikimedia Commons. Licensed under CC BY 2.0

"The results of different salary surveys often provide only an unhelpfully wide range and can be confusing"

How much do certified ethical hackers make? The certified ethical hacker salary range varies by location, position, organization, and experience. To muddy the waters, the results of different salary surveys often provide only an unhelpfully wide range and can be confusing. Let us unpack the data, primarily provided by Payscale and Indeed, both excellent resources for  CEH jobs and to investigate typical salary ranges for qualified ethical hackers. 

Based on years’ experience 

  • Entry-level  (0 to 5 years) –  $50,000 - $100,000 

  • Junior (5 to 10 years) – $100,000 - $120,000 

  • Senior (10 years+) – $120,000+ 

You can add up to 9 percent to the above salaries if you have passed the CEH exam, and up to 10 percent if you are a certified penetration tester. 

Based on location 

Surveys indicate that ethical hacking jobs are paid highest by firms in San Francisco (up to $150 000), and lowest by firms in Minneapolis ($97,000). 

  • California – $103,459 

  • Washington, D.C. – $97,081 

  • Maryland – $93,768 

  • New York – $92,606 

  • Virginia – $92,056 

Begging to differ, the United States Department of Labor claims that New York City pays out the highest average salary for CEH professionals ($11,140). 

Based on job title 

CEH job titles may vary even for the same type of role, but specialization – e.g. networking, applications security, or forensics – may give you an edge on your competitors. You do not have to take on a strictly ethical hacking job to command a high income if you have CEH certification. 

  • Cyber Security Analyst – $48,083 - $118,990 including bonuses (median of $74,716) 

  • Penetration Tester – $50,845 - $127,713 including bonuses (median of $81,097) 

  • Security Engineer – $56,016 - $132,537 including bonuses (median of $88,170) 

  • Information Security Manager – $73,249 - $153,163 including bonuses (median of $108,662) 

  • Information Security Analyst – $48,521 - $107,004including bonuses (median of $70,817) 

  • Forensics Computer Analyst – $42,685 - $118,615 including bonuses (median of $69,460) 

  • Network Security Analyst – $41,361 - $106,829 including bonuses (median of $65,832) 

If you look at the salary range for a specific position, e.g. Penetration Tester, you can work out from the above averages what you can expect to command depending on your level of experience: 

  • Entry-level  (0 to 5 years) –  $50,845 

  • Junior (5 to 10 years) – $50,845 - $127,713 

  • Senior (10 years+) – $127,713+

Are you the right fit for current certified ethical hacker jobs? 

Are you the right fit for current certified ethical hacker jobs?
Image source: Multi-tasking by mohamed_hassan. Licensed under CC BY 2.0 

Besides a CEH qualification, an ethical hacker should have the following skills: 

  • Analytical skills to painstakingly review and dissect large amounts of complex data 

  • Interpersonal and communication skills to clearly convey information to an organization’s stakeholders, often in non-technical language 

  • Problem solving and logic skills to reverse engineer software and break it down into its component parts 

  • Computer language skills to dissect software code and follow processing logic 

  • Advanced knowledge of networks and programming, security protocols and common operating systems, exploits and countermeasures, cryptography and encryption techniques, and telecommunications 

  • Patience to keep making repeated attempts to infiltrate a system, much as a black-hat hacker would by, for example, attempting to crack passwords 

  • Software skills to quickly learn how to use new tools and applications, e.g. port scanning tools or penetration testing techniques 

  • Social engineering and psychological insights to be able to “get into the mind of a black-hat hacker” 

  • Conceptual understanding of cybercrime terminology and common threats 

What’s next? 

Reported by Reuters, a study by Stratistics MRC (paypwall) found that the Global Security Testing Market accounted for $3.36 billion in 2016 and was expected to reach $11.97 billion by 2023.

If you want to jump on the bandwagon, and are new in the cybersecurity game or have a grand ambition to become a digital super sleuth, you can get a good idea of your future financial prospects in the industry by doing a browser search on “cyber security jobs entry level salary” or “cybersecurity starting salary.” 

Master the Hacking Skills - Become Certified Ethical Hacker (CEH v10) Now!

About Author
Penny Hoelscher