Ethical hacker

Computing and ICT
Discover

Career outlook for

Figures and forecasts for roles at the same level, which require similar skills and qualifications.

Average UK salary

Currently employed in Scotland

Jobs forecast

This information is supplied by LMI For All, where data is currently available for Scotland.

What's it like?

You’d be employed to protect networks and computers from attacks from unethical hackers, who illegally access computers with the intention of accessing confidential information.

Delivering security testing using advanced software, you’d attempt to ‘penetrate’ a company’s systems in much the same way as a hacker – with the goal of uncovering any weak areas in the system.

You would:

  • Find and suggest patches for weaknesses in the system
  • Ensure that the system is firewalled
  • Put security protocols in place

Conducting advanced penetration tests, you’d need to be familiar with the company’s infrastructure and would have the ability to assess the risks to the organisation, inserting measures to control vulnerable areas.

By simulating breaches to network security and developing measures to lock down risks, you'd ensure that confidential, financial or reputational damage information wouldn't fall into the wrong hands.

 

Working conditions

Hours

Typically, you’d work around 40 hours a week – but this can vary depending on the client and the job.

Environment

Some work can be performed from home or the office, where as others are required to be delivered on client sites.

Travel

You will normally travel between client sites, and you may occasionally work away from home for some clients.

UK employment status

Full-time

Part-time

Self employed

Here are some of the skills needed for this job. Sign in to see how your skills match up.

  • Ethical
  • Taking responsibility
  • Taking initiative
  • Attention to detail
  • Working with technology
  • Written communication
  • Researching
  • Observation
  • Problem Solving

Build your skills

Your skills can help you choose the career that’s right for you. You can build your skills through work, study or activities you do in your spare time.

To understand more, have a look at what are my skills?

Keep track of your skills in your account and find the jobs, opportunities and courses that suit you.

Click here to view / add your skills

Getting in

Entry requirements for courses can change. Always contact the college, university or training provider to check exactly what you’ll need.

Qualifications

There are different routes to this role or similar roles in cybersecurity. You'll need the ability to identify, assess and deal with complex information security risks. You'll also need to build relevant experience and qualifications to demonstrate this.

You can gain skills and qualifications in the work place through options such as Modern Apprenticeships or Graduate Apprenticeships (combining work and college/university study) in:

  • Information Security (SCQF level 6 / SCQF 8)
  • Cyber Security (SCQF 10 / SCQF 11)

Apprenticeships are advertised as job vacancies and, like any vacancy, entry requirements will vary. Relevant experience and qualifications, such as National 5s or Highers, will be helpful but may not be essential if you can show you would be the right person for the job.

Useful subjects

  • Maths or Physics (required by most courses, valued by employers)
  • Computer Science or Information Systems (required by most courses, valued by employers)
  • Other science subjects
  • English and Social studies subjects, such as business management, geography or psychology (valued by employers)
 
If you are considering a combined studies option, such as computer science and a language, you should consider subjects that are relevant to all area of study.

You will also need

To be able to pass any security checks or assessments, i.e. no criminal record.

This is a quickly evolving and expanding area of work, so on-going training will be needed.

Industry recognised certificates in ethical hacking or cyber security may be included as part of a course or work-base learning programme or an employer may be willing to support the right employee to gain certification.

Examples of relevant industry qualifications you may see in job adverts include:

  • Offensive Security Certified Professional (OSCP)
  • Global Information Assurance Certificate (GIAC)

Helpful to have

Any qualifications or experience that show a genuine interest in and practical understanding of technology, business ethics and security, such as a Foundation Apprenticeship in IT: Software Development (SCQF level 6), Cyber Security Fundamentals Award (SCQF level 4) or Cyber Security National Progression Award (NPA SCQF 4, 5, and 6).