Ethical ‘White-hat’ Hackers
Hackers are often plagued by their bad reputation, no thanks to the juvenile delinquents and criminals who use their skills and knowledge to cause chaos in the cyber world.
The title ‘white-hat hacker’ refers to the good guys who assess the weaknesses of existing computer systems and ensure that sensitive information is protected from malicious intruders.
Degree in computer science, software engineering, ICT security certifications (Certified Information Systems Security Professional (CISSP), Information Security Certification (GIAC), Certified Ethical Hacker (CEH))
In-depth knowledge in web technologies (AJAX, SOAP, XML etc), operating systems (Linux, UNIX, Solaris, OS X, Windows etc), network security, HTTP proxying tools (Burp, Charles, Fiddler, WebScarab etc), web server and application software (IIS, Apache Tomcat, WebLogic, WebSphere etc), application and vulnerability scanning tools (AppScan, ClickToSecure, Sentinel, WebInspect etc), programming languages (C/C , Java, Perl, Python, Ruby etc).
Roles and Responsibilities
Ethical hackers use their extensive software knowledge to hack into their employers’ and clients’ computer systems the same way regular hackers do, in search of loopholes. They then implement security measures to prevent future unauthorised intrusions.
What It Takes
Many working hackers are self-taught so you do not necessarily need formal qualifications to land the job. However, due to the extensive knowledge required for the job, a university education and professional certifications will certainly be of great help in preparing you for a career in the field. Work experience in various areas of ICT is also highly advantageous.
Plenty of self-learning is required to stay abreast on all things software, network, virus and malware related. You will also need lots of patience, trustworthiness, professionalism, and excellent problem-solving and analytical skills.
Work opportunities are available at commercial organisations, IT security companies, ICT consultancies, the government etc.