When I tell people what I do for a living, I get mixed reactions. These range from, “So, you’re like a hacker or something?” to “Isn’t hacking illegal?” to “Oh, you’re that guy who won’t let me listen to Spotify on my work computer.”
The answer to all three of those questions is a resounding “it depends.”
As a Cyber Threat Intelligence Analyst, it’s my job to understand the countless potential avenues that malicious actors could use to find their way in to our networks. Part of that is knowing what those vulnerabilities are, and how they are exploited. So, in that sense I am a “hacker.”
But is that illegal? Well, yes, if I use that knowledge to access a computer system without permission.
Inside Ethical Hacking
As an ethical hacker, however, I can use my skills to test a network for its susceptibility to attacks by using the same techniques that a criminal would use – at the request of the network owner.
That permission is the key difference between a “white hat” hacker and her “black hat” counterpart, and the one thing that separates a routine part of a healthy network security policy from a prison sentence.
The world of network security is much larger than just finding cool ways to break into a network, though. It requires constant study into the latest vulnerabilities and technologies, which change almost daily.
If you love to learn new things and work within an ever-shifting landscape, it’s a great career to pursue.
Hacking Certifications and Understanding the Threat Landscape
Earning the Certified Ethical Hacker certification is only the first step. It proves you have the background and capacity for a career in network security, but the real meat of the job is understanding the threat landscape.
That’s where my job comes into play. I straddle the world of vulnerability management and security operations, enabling both by researching new threats and advising on courses of action to protect our networks.
I gather information from a variety of open and proprietary sources to provide insight not only into new threats and vulnerabilities, but also the malicious actors who might use them to attack our network. By keeping tabs on who might be lurking at the edges of our network, we can begin to anticipate what methods they may use to break through our defenses.
You know the saying, “Know your enemy!”
The other side of my job involves understanding our own network in an effort to make sure we are aware of where our own weaknesses are. This is achieved through a mix of automated scanning and manual auditing of our network configurations.
Knowing where we are vulnerable helps us prioritize our efforts with patching and other actions that mitigate those risks. After all, you can’t fix a leak until you know where it is.
So in short, yes, I am a “hacker.” No, what I do is not illegal (although unscrupulous individuals with the same skill set might very well use it for evil).
No comment on the Spotify thing.
Start Your Hacking Career
If you’re ready to advance your ethical hacking career, Modis is the right strategic partner for you. We can help connect you to exceptional companies all over the U.S. Contact us today to find your next tech job!
About the Author
“Daniel Bearl is a U.S. Army veteran, husband, and soon-to-be father from Jacksonville, Fla. He works as a Cyber Threat Intelligence Analyst within the financial industry. In his spare time he enjoys long-distance endurance training, coding, and swimming in Florida’s fresh water springs.”