Are you considering a career as an ethical hacker or are you recently qualified with a CEH certification? Perhaps you are considering a career change or looking for a step up the ladder in your current security job? Here are some answers to your burning questions about the many options in your cybersecurity career (also consider checking this perfect guide for cyber security certification) (as well as the kind of money you can expect as a bona fide, certified ethical hacker).
A much-asked question: how much do ethical hackers make? The short answer, a lot. In fact, more than enough to make up for the cost of getting certified and credentialed.
The certified ethical hacker exam endorses individuals in the network security discipline of ethical hacking from a vendor-neutral perspective. It demonstrates graduates’ knowledge about information gathering, carrying out attack exploits, and social engineering techniques.
Read more about the CEH qualification: What are the Top 7 Security certifications?
What makes the latest version of CEH certification unique is that it focuses on an offensive, rather than a defensive, approach to cybersecurity. New modules for CEH v10 include Vulnerability Analysis, Malware Threats, and IoT Hacking.
Read more about CEH v10: The new CEH v10 (Certified Ethical Hacker)
The CEH certification can be a stepping-stone to a wide range of top-tier positions that require CEH skills, including Information Security Analyst, Computer Forensics Analyst, Homeland Security Specialist, Cyber Security Analyst, Penetration Tester, Security Engineer, Security Auditor, Vulnerability Tester, Information Security Manager, Security Consultant, Intrusion Detection Analyst, and Network Security Analyst, among others.
"The results of different salary surveys often provide only an unhelpfully wide range and can be confusing"
How much do certified ethical hackers make? The certified ethical hacker salary range varies by location, position, organization, and experience. To muddy the waters, the results of different salary surveys often provide only an unhelpfully wide range and can be confusing. Let us unpack the data, primarily provided by Payscale and Indeed, both excellent resources for CEH jobs and to investigate typical salary ranges for qualified ethical hackers.
Entry-level (0 to 5 years) – $50,000 - $100,000
Junior (5 to 10 years) – $100,000 - $120,000
Senior (10 years+) – $120,000+
You can add up to 9 percent to the above salaries if you have passed the CEH exam, and up to 10 percent if you are a certified penetration tester.
Surveys indicate that ethical hacking jobs are paid highest by firms in San Francisco (up to $150 000), and lowest by firms in Minneapolis ($97,000).
California – $103,459
Washington, D.C. – $97,081
Maryland – $93,768
New York – $92,606
Virginia – $92,056
Begging to differ, the United States Department of Labor claims that New York City pays out the highest average salary for CEH professionals ($11,140).
CEH job titles may vary even for the same type of role, but specialization – e.g. networking, applications security, or forensics – may give you an edge on your competitors. You do not have to take on a strictly ethical hacking job to command a high income if you have CEH certification.
Cyber Security Analyst – $48,083 - $118,990 including bonuses (median of $74,716)
Penetration Tester – $50,845 - $127,713 including bonuses (median of $81,097)
Security Engineer – $56,016 - $132,537 including bonuses (median of $88,170)
Information Security Manager – $73,249 - $153,163 including bonuses (median of $108,662)
Information Security Analyst – $48,521 - $107,004including bonuses (median of $70,817)
Forensics Computer Analyst – $42,685 - $118,615 including bonuses (median of $69,460)
Network Security Analyst – $41,361 - $106,829 including bonuses (median of $65,832)
If you look at the salary range for a specific position, e.g. Penetration Tester, you can work out from the above averages what you can expect to command depending on your level of experience:
Entry-level (0 to 5 years) – $50,845
Junior (5 to 10 years) – $50,845 - $127,713
Senior (10 years+) – $127,713+
Besides a CEH qualification, an ethical hacker should have the following skills:
Analytical skills to painstakingly review and dissect large amounts of complex data
Interpersonal and communication skills to clearly convey information to an organization’s stakeholders, often in non-technical language
Problem solving and logic skills to reverse engineer software and break it down into its component parts
Computer language skills to dissect software code and follow processing logic
Advanced knowledge of networks and programming, security protocols and common operating systems, exploits and countermeasures, cryptography and encryption techniques, and telecommunications
Patience to keep making repeated attempts to infiltrate a system, much as a black-hat hacker would by, for example, attempting to crack passwords
Software skills to quickly learn how to use new tools and applications, e.g. port scanning tools or penetration testing techniques
Social engineering and psychological insights to be able to “get into the mind of a black-hat hacker”
Conceptual understanding of cybercrime terminology and common threats
Reported by Reuters, a study by Stratistics MRC (paypwall) found that the Global Security Testing Market accounted for $3.36 billion in 2016 and was expected to reach $11.97 billion by 2023.
If you want to jump on the bandwagon, and are new in the cybersecurity game or have a grand ambition to become a digital super sleuth, you can get a good idea of your future financial prospects in the industry by doing a browser search on “cyber security jobs entry level salary” or “cybersecurity starting salary.”