Careers in Ethical Hacking

Careers in Network Security and Ethical Hacking


orporationsneed trained professionals to ensure that their Internet, Intranet, VPN, network and database systems are safe.Government agencies , including military and law enforcement , need security specialists to keep their own systems safe. In addition, in the ongoing battle against cyberterrorism and cybercrime, security specialists are needed to track down and prosecute hackers, fraud artists and terrorists. Places like the Central Intelligence Agency , the National Security Agency and the Federal Bureau of Information need trained agents who are savvy in computer science.

Consulting firms need security specialists, engineers and technicians to provide professional expertise for corporations and government agencies. Or think about going into business for yourself as an independent security consultant.

Network Security Systems Manager: Manages all network security systems for LAN/WAN, telecommunications and voice systems.

Network Security Administrator: Troubleshoots network access problems and implements network security policies and procedures. Network Security Engineer: Evaluates, designs, integrates and develops computer security systems.

Systems/Applications Security Executive: Develops and implements security standards and procedures to ensure that all applications are functional and secure.

Web Security Administrator: Develops, implements and maintains technologies that keep an organization’s website secure.

Web Security Manager: Creates and maintains security measures to support the information and data security needs of a web site.

High Salaries in IT Security Careers: Network and Internet security are two of the fastest-growing industries around and they need technology graduates immediately

Certifications in Network Security: CEH, CISA, CISSP, CHFI, MSS, SCNP and many more…

Specialising in Net security

Q.I wish to specialise in the field of Internet Security. What is the scope for ethical hacking in India? Where can I get the required training?

A. How do credit card companies acquire foolproof safety? Who ensures safe access to bank accounts over the Net, and security of messages on local computers and servers. Hackers (as opposed to crackers) are the experts whose services are hired by organisations to test the robustness of their network security systems. What differentiates ethical hackers from crackers is that the former are actually paid to find a security breach in an organisation’s network. It is “ethical” or legal because it is done with the client’s permission. With more and more organisations moving their offline transactions online, e-security has emerged as a major issue. Almost every Fortune 500 company employs hackers to protect their critical data from possible cracker attacks. They also educate government, defense services, banks and law enforcement bodies on how to better use technology to get their jobs done securely.

To be a good hacker, you need to be an experienced and intelligent programmer in the first place. You need to know at least one operating system inside out. You have to be comfortable with networking, TCP/IP and various other protocols. There are no shortcuts and the best approach is to get hold of as many technical manuals. You can learn hacking techniques from three main sources: The Net, books, and hacking clubs. However, the best training is on the job, which requires expertise in different tools and techniques.

As a fresher you would require rigorous training on various networking technologies, operating systems, scripting, languages, security tools etc.

Experts in this field command huge salaries. Starting salaries would be higher than standard networking and software professionals.


Thursday, January 14, 2010

What is the entry level post? Network Security Administrator, Application Security Tester, Forensics Tester, Ethical Hacker, Junior Security Auditor, Security Certified Programmer , Security Certified Information User

What is the starting salary?

In India the starting salaries are of the range Rs 15K-50k depending on qualifications. For e. g- A person who has done B. Tech computer science along withh a security certification like MASE will normally get around Rs 30K as a starting salary and a person who has done diplomas etc with security certification like MASE will get around Rs 15K once he completes the probabation period. Then he moves on to drawing higher salaries with time and experience. Security sector is one of the highest paid sector in the world and for India it will be no different. The salaries go up to infinite range and security experts earn 15 lakh per annum and company’s CISO ( Chief Information Security Officer ) earns around Rs 25 lakhs per annum

What is the growth curve like starting as a

fresher,where can he go?

    • Network Security administrator Network Security Manager Security Officer Chief Information Security Officer
    • Ethical Hacker/Penetration Tester Security Consultant and Manager Chief Information Security Officer
    • Application Security Tester Application Security Developer Application Security Manager Chief Application Security Officer
    • Forensics Tester Forensics Manager Forensics head
    • Junior Security Auditor Security Auditor
    • Secured Programmer Security Project Manager

And many more…

CEH Newsletter

Identity Theft 911 Adds Ondrej Krehel as Information Security Officer

SCOTTSDALE, Ariz.–(BUSINESS WIRE)–Identity Theft 911, America’s leading identity management and identity theft education and resolution services provider, has hired Ondrej Krehel as the company’s Chief Information Security Officer. The move will enable Identity Theft 911 to strengthen its internal protections and broaden the company’s data breach preparation and remediation services.

“Ondrej’s extensive technical expertise and hands-on data forensics experience will enhance our client offerings,” said CEO Matt Cullina. “He will give us the ability to better assist our clients and their customers’ data breach preparedness and response programs, aiding them in determining the vulnerability of their informational assets.”

Krehel will manage Identity Theft 911’s information security program and will augment the company’s existing data breach client services. With almost a decade of network and computer security experience investigating intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking, Krehel brings a broad range of knowledge to the company.

Previously, he was a digital forensic examiner in the New York office of Stroz Friedberg, a computer forensics, investigations and electronic discovery technical firm, where he led computer security and forensics projects internationally and in the U.S., and was instrumental in helping clients detect, investigate and combat intrusions and data breaches.

Before that, Krehel was an IT technical security project leader at Loews Corporation, where he implemented technical security solutions, and was responsible for providing the first line of response for all cases involving the compromise of networking equipment, servers and end user machines. He began his career as a computer analyst at the government-owned utility company Slovenske Elektrarne A.S., in Bratislava, Slovakia, where he focused on information security and emergency security incident response for their nuclear, water energy and coal power plants.

Krehel has an M.S. degree in Mathematical Physics from Comenius University in Bratislava, and an Engineering Diploma from Technical University in Zvolen, Slovakia. He has also completed various courses in intrusion and forensics training, including AccessData BootCamp, and Niksun forensics training. He is a member of the High Technology Crime Investigation Association (HTCIA), the Information Systems Security Certification Consortium (ISC) and the International Council of Electronic Commerce (EC Council). He also is an (ISC) Certified Information Systems Security Professional (CISSP) and a Certified Ethical Hacker (CEH).

Cyber Meet in Chandigarh

What makes hacking a hot career


In the Cyber Security Forum in Chandigarh, Cyber security experts believe that every institution needs trained hands to ensure foolproof safety for their systems and this industry can offer huge job opportunities.
“In this hi-tech era when everyone is on one or the other social networking site and everything is available online, we cannot take internet security for granted. Even our politicians and celebrities are not safe on the internet and in some cases it can also pose a serious national security threat.”
“Therefore we have to take steps by disseminating knowledge about these hackers and about ways to pre-empt them. In the 21st century, we surely need a strong workforce of ethical hackers and we cannot afford to ignore it at any cost.”

An ethical hacker is an expert in computer securities and network systems, and is hired to check the vulnerability of an organisation’s computer system to an outside breach or hacking.

He uses the same techniques that an unscrupulous hacker may apply. He then identifies the problems or loopholes in the system and drafts a solution for it.

“Hackers are seeing India as an easy target because we are not paying much heed to this area as compared to other countries like China. In India, we have good cyber laws but normally people are not aware about them and easily fall victims to cyber attacks. “Unfortunately our police personnel are also not conversant with the required skills,”

The experts said the industry of ethical hacking is growing at a tremendous pace and offers a plethora of lucrative job opportunities for youngsters. Last year it was estimated to be a $3.8 billion industry in the US alone.

“According to NASSCOM findings, India will require at least 1,80,000 IT Security professionals and over 70,000 ethical hackers by 2015, whereas at the moment we are producing only 15,000 in a year. Therefore it is still an unexplored field,”

Jobs in Ethical Hacking

SECURITY is a major concern these days. Not only physical but also in the cyber space. Today our lives stand exposed to the innumerable opportunities of the cyber world: e-commerce, easy access to huge amount of reference material, e-mail and new avenues of information distribution and many such opportunities.

A recent survey done says that the demand for information security professionals in India by 2010-11 stands at 2,00,000 and companies such as Wipro, Infosys, IBM, TCS, Tech Mahindra, HCL, Airtel, Reliance and more companies are always looking for good ethical hackers

Internet security & Networking are two of the fastest-growing industries around and they need technology graduates immediately To become an ethical hacker, being computer savvy is an important pre-requisites. There should be a keen interest in the Internet and basic knowledge of networking and programming and desire to stay updated in the field of ethical hacking and cyber crimes.

Today large Corporates need trained professionals to ensure that their Internet, Intranet, VPN, network and database systems are safe.

Government agencies such as military and law enforcement agencies, need security specialists to keep their systems safe. In the ongoing battle against cyber-terrorism and cybercrime, security specialists are needed to track down and prosecute hackers and terrorists. Places like the Central Intelligence Agency , the National Security Agency and the Federal Bureau of Information need trained agents who are savvy in computer science.

Some of the known Certifications in Network Security are CEH, CHFI,ECSA/LPT, CISA, CISSP, and many more…

The kind of jobs/opportunities available are Network Security Systems Manager, Network Security Administrator, Systems/Applications, Security Executive, Web Security Administrator, Web Security Manager etc.

Although the starting salary for ethical hackers in India ranges from Rs 3 lakh to Rs 4.2 lakh per annum, the annual salary can be between Rs 27.7 lakh to Rs 32.5 lakh post currency conversion.
So this a right time to be work in the IT security domain and help the nation in securing our assets….Jai Hind

Security Certification

Survey: Security Certifications Hot Among IT Pros

By Joan Goodchild, CSO
November 05, 2009 11:32 AM ET

Security certifications are the most sought-after area of specialty among information technology professionals, according to a new study.

The survey of more than 1,500 IT workers found that 37 percent intend to pursue a security certification over the next five years. Another 18 percent of IT workers said they will seek ethical hacking certifications during the same time period, while 13 percent identified forensics as their next certification target.

“Given the growing reach of security, with threats becoming more pervasive and dangerous and with no business or industry immune to those threats, it makes sense that many IT professionals view this as a must-have for career advancement,” said experts.

The results fall in line with a survey conducted earlier this year that found more companies are requiring IT security certification. In that research, the number of organizations where IT security certification is required has increased by half and is continuing to grow; 32 percent of employees were required to have certifications in 2008, compared to 20 percent in 2006. Other technology areas where survey respondents said they will seek new certifications over the next five years include green IT, healthcare IT, mobile and software-as-a-service.

Economic advancement and personal growth are key drivers for seeking IT certifications. Eighty-eight percent of certification holders indicated they pursue a certification to enhance their resume. An identical 88 percent said personal growth is a major or minor reason in their decision to pursue a certification.