Network Security Researcher Himanshu Sharma on Everything You Ever Wanted to Know About a Career as an Ethical Hacker
Job Profile and Responsibilities
I work as a security manager at FileIce LLC to secure the company’s web server from any attack by a hacker. I need to be an honest person because I know about all the confidential codes and files on the servers and it’s my responsibility to never use any information for destructive purposes. I can be considered just like a code tester or like a developer who checks the code standards and develops the software, but my job is to check the security of the servers, find vulnerabilities and then suggest how to patch them.
The Best Thing About the Job
I get to learn new things everyday. We come across a lot of errors. At times, we have to sit and work for hours trying to figure out a rectification. I like that!
Additional Perks
I often get to meet new people. Recently, I had two cases where I recovered the fan page of a wellknown singer from Pakistan Zaain Ul Abideen and the email account of Harbhajan Singh. I am still in contact with them and I feel really lucky to have spoken to them. Also, I get to see many Indian cities as I attend various ethical hacking conferences held across the country.
Growth Opportunities
Referring to the article in the Times of India posted a while ago , last year ethical hacking was estimated to be a US$ 3.8 billion industry in the US alone. According to Nasscom, India will require at least 77,000 ethical hackers every year whereas we produce only 15,000 a year. Ethical hacking is growing at a tremendous pace and offers a plethora of lucrative job opportunities.
Remuneration
The remuneration per project varies with specifications of the client’s environment. On an average, payment can be around $4,000 to $ 45,000 per project as we tend to work for a lot of companies abroad.
The Challenges
I have to be alert all the time since hackers can attack anytime. I need to be prepared with all the backups, intrusion detection and prevention systems. Publically posted exploits are not major concerns, but private 0 day bugs are always a major concern for us. In case an attack happens and unknown vulnerability gets exploited, applying patches becomes more difficult for us as we have to find the bug first.
A Typical Day at Work
I work at home as I have my studies going on side by side. So my day at work usually comprises sitting on computers going through hundreds of lines of codes and huge log files checking for suspicious activity. I also scan the server for vulnerabilities and apply patches if necessary.
Qualities and Skill Set
As a network security researcher, one needs to have really good knowledge of various operating systems, networking, programming languages and also knowledge relating to setting up and configuring servers.
Educational Background
I am pursuing a bachelor of technology and am currently in the 3rd semester. To be honest, I am not too good in academics. Math and physics are just not my kind of subjects. When I was in class 11 and was trying to learn more about ethical hacking and other security-related courses, although I was quite good with computers, I was rejected from various institutions as they required me to clear class 12 first. I was told that only after I complete class 12, I can be eligible for the ethical hacking courses. Since then, I have been learning and improving my skills.
Scope in India
Indian companies like Google India and PayPal India have started bug bounty programs where security researchers are paid to report a bug. I think companies have now started to realise the importance of security and the need for security researchers.
Volume 2 Issue 2
