Hey buddies I am back with a new Informative post, In this post, we will know what a hacker is + what they do, so if you also want to be a Hacker then you really want to know about their positions, salaries and responsibilities, so stay with me and keep reading.
 |
What is a hacker? |
Generally, a hacker is a person who uses their technical skills to overcome an obstacle in a computerized system.
But a "hacker" is a broad buzzword, and now you will learn what that means.
Hackers are divided into three main categories.[If you like Hacking then you already know about it]
- White hat
- Black hat
- Grey hat
White hat Hackers (also known as ethical hackers) are the exact opposite of black hats | They use their skills to do good and defend companies from black hats.
White hat guy's will penetrate websites, applications, and computer systems with permission from the owner, in exchange for money. Also known as penetration testing.
Black hat hackers are the bad guys | They use their skills for evil, usually by phishing, stealing and blackmailing. These are the ones we need to protect ourselves from. [😁I know some of you wanted to be a Black Hat Hackers]
Grey hat Hackers are a mixture of the other two | While they are usually on the good side | They try to break into websites and applications without consent.
If they find a vulnerability, they report their findings to the owners without causing any harm to the systems.
After they report the vulnerability, they wait until the owners fix their security vulnerabilities | And then release them to the public,
They mostly do this to get a name for themselves or to practice their skills.
[Many persons want to be a Grey Hat Hacker (According to my opinion) Comment On this post which type of Hacker you want to be😉]
Some companies are not too keen on random people trying to break into their systems, while others offer actual money for hackers who find anything interesting | This is called Bug Bounty Hunting.
So now we are gonna talk about rolles of Ethical Hackers.
Ethical Hackers are split into two groups | Blue and Red teams.
The blue team is in charge of the defensive side while the red team focuses on the attacking side; a cyber security company will usually have both.
Blue team
•SOC analyst
Security Operations Center is broken into tiers; the 1st is the analysts, who are in charge of monitoring the SIEM systems (Security Information and Event Management), they are the first line of defense against cyber attacks, and their job is to monitor these systems.
In case of an attack, they will escalate the situation to the 2nd tier, incident responders.
1st tier SOC is the entry position in the cyber security realm. If you're interested in starting, this is most likely where you will end up first. After some experience, you will either get promoted to the following tiers, or you could expand your knowledge and apply for another cyber security position.
•Incident Responder
Incident responders (IR) are the 2nd tier in the SOC team.
They are more experienced than the 1st tier and use computer forensic tools to analyze, investigate and respond to cyber incidents reported by the 1st tier.
•Threat Hunter
Threat hunters are the 3rd and last tier in the SOC team and are usually very experienced professionals.
The threat hunter's job is to monitor activity patterns to detect threats; The hunter proactively detects cyber threats before they can damage the systems.
The average salary for 2nd and 3rd tier SOC in the US as of 2022 is about $111,000 per year and about $76,000 for 1st tier positions
•Threat Intelligence
Cyber threat intelligence analysts ( Also; CTI ) are in charge of collecting information about threat actors to prevent a company from potential attacks.
They do so by gathering intelligence using OSINT(open source intelligence) tools such as google Dorking, the dark web, and social media.
The average salary for CTI in the US as of 2022 is about $88,694 per year
•Security Researcher
Cyber researchers have one of the most exciting jobs out there!
They analyze and reverse engineer all types of malware to prevent cyber attacks.
They are typically very experienced and have a vast knowledge of all cybersecurity-related topics such as penetration testing, malware analysis, networks, and reverse engineering. They also usually have experience in both blue and red teaming.
the average salary for a security researcher in the US as of 2022 is about $120,712 to $141,925 per year
•Security Consultant
A Security consultant is in charge of evaluating the security issues in a company and implementing solutions to defend against threats.
In some cases, their job includes penetration testing, but mainly, it relies more on writing reports and less on actual hacking.
the average salary for a cyber security consultant in the US as of 2022 is about $118,553 per year
•CISO
The CISO (chief information security officer) is a senior-level cyber security executive.
They are in charge of everything to do with cyber security in a company, including implementing the strategy and architecture to deal with threats.
the average salary for a cyber security consultant in the US as of 2022 is about
$182,607 per year.
Red team
•Penetration Tester
A penetration tester (also; pen tester) is what you would call a "classic" hacker, like the one you see in movies and such; for people interested in hacking, this is probably your dream job.
A pen tester is a white hat hacker who legally and consensually breaks into a company's applications and products to find vulnerabilities in their cyber defense.
their job requires a comprehensive set of tools, including a broad knowledge of computer networks, operating systems, a programming language (preferably Python), and a good understanding of web application security (OWASP top 10)
the average salary for a penetration tester in the US as of 2022 is about
{ $119,952 per year }
Conclusion
So now that we have a general idea about what a hacker is,
The next step is to choose the path you seem to be the most interested in. Are you more into red teaming and penetration testing? Or maybe you're more into dissecting and researching malware?
I hope you all enjoyed that post, and if you liked it, you might want to get me a cup of coffee.