Career Advice

Cybersecurity vs Ethical Hacking Career Profiles

Are you great at providing step-by-step instructions?

Is it easy to walk people through complicated subjects or events without missing a beat?

Do you enjoy poking holes in strategies to find flaws and fix them?

Then, you have three of the most important skills you need to excel in a cybersecurity career. Even better, you don’t need to already work in IT or another technical field to start a cybersecurity career.

As Jan Carroll, a Lecturer in Cybersecurity with UCD Professional Academy says, “One of the best things about the cybersecurity industry is that there are so many roles which require a variety of skills, many of which are transferable from other roles. It’s one of the reasons I advise those thinking of a career change to consider cybersecurity.”

Cybersecurity 101: What Is Cybersecurity?

Cybersecurity is a skilled profession that involves using processes, controls, and technologies to protect organisations, networks, programs, devices, data, and individuals from cyber threats and attacks, like phishing, malware, ransomware, social engineering, and vulnerabilities in infrastructure, including hardware and software.

When you work as a cybersecurity specialist, you play a key role in identifying and managing risks through a set of identifiable controls. You might work in-house with an organisation or through a third-party cybersecurity or IT agency or service provider.

What is Ethical Hacking?

When you think of ethical hackers, you might think of popular television programs, like Mr. Robot or even famous black hat hackers who turned white hat, like Kevin Mitnick, Tsutomu Shimomura, Richard Stallman, or Sherri Sparks. But an ethical hacker is often a cybersecurity worker with a varied set of skills.

“A common misconception is that ethical hackers are young lads in hoodies sitting in their bedrooms, they’re not,” Carroll says. “Ethical hackers and security analysts are professional women and men, at the top of their game, who work hard to keep their clients safe and secure.”

Ethical hacking is a subset or specialisation within cybersecurity. It’s not a part of cybercrime; that’s where the ‘ethical’ aspect comes in.

Also known as penetration testing, pen testing, or white hat hacking, ethical hackers look for holes in security systems and share them with the rest of the cybersecurity team. You use many of the same cybersecurity skills and even black hat hacker skills but apply them differently.

Ethical hackers exploit weaknesses along an agreed parameter. Then, they support initial investigations, consult with their team and other stakeholders, and suggest patches and fixes. They can even help develop security software and additional programs.

Cybersecurity analysts will...Ethical hackers will...
Strategize, deploy, and manage cybersecurity toolsTest the strength of the cybersecurity strategy and tools using penetration tests
Identify, report, and inform on threatsCreate threats and reports on findings
Use audits to assess for inefficiencies and updatesUse NMap to identify and record security flaws and breaches
Suggest strategic solutions based on auditsProvide written suggestions for solutions based on penetration testing
Complement the work of ethical hackersComplement the work of cybersecurity analysts

What are Some Cybersecurity Jobs in Ireland?

Cybersecurity is like many other professions: there are many roles and specialisations within the field to choose from. A cybersecurity career comes in many forms including:

  • Security analyst

  • Security engineer

  • Security architecture

  • Systems and network administration insecurity

  • Information security

  • Web application security

  • Ethical hacking or penetration testing

The great thing about cybersecurity is that you can choose a field that makes the most of your interests and skills. Even better, you don’t need a technical background to work in cybersecurity. People from across many disciplines come to cybersecurity and bring their past and current skills with them.

The typical day of a cybersecurity professional depends on your field. For an analyst, it might be responding to an alert, opening tickets, informing the customers and team members, and collecting information through testing. In information security, you might install and improve security controls, including patching.

Where might you work? Some of the companies in Ireland recently hiring for their in-house cybersecurity teams include:

  • Bank of Ireland

  • Fidelity Investments

  • KPMG

  • PwC

  • Schneider Electric

  • McAfee

  • TikTok

  • Twitter

  • Amazon

  • Apple

  • Docusign

Cybersecurity vs Ethical Hacking: Which Side Will You Choose?

Ethical hackers are a subset of cybersecurity professionals, whose workflow differs but who work in conjunction with the rest of the cybersecurity and IT team. An ethical hacker is a cybersecurity analyst or engineer’s best ally.

So how do you decide to go into ethical hacking or penetration testing? It all depends on your interests, skills, and preferred career path.

What Skills Do You Need to be a Cybersecurity Specialist?

So, you want to work in cybersecurity? Well there’s good news: cybersecurity isn’t as highly-technical as many people think.

You’ll need your computer science basics and information management skills. You, of course, want at least one programming language, but the language you choose depends on your career path.

The most commonly used languages include:

  • JavaScript

  • C

  • Python

  • PHP

  • Assembly

Many professionals also pursue cybersecurity certifications both to qualify for a job and throughout their career. As Carroll tells us:

“Deciding on a certification to take depends on where you are in your cybersecurity career and where you want to go. There are many professional certs available and some go in and out of favour. If someone is new to the industry, they may consider CompTIA Security + and Certified Ethical Hacker (CEH). If someone is looking towards management, they may consider CISM or CISSP. A career in compliance would benefit from the CISA.”

“Some popular providers include CompTIA, EC-Council, ISC2, ISACA and CSA.”

In summary, you shouldn’t worry about trying to collect EVERY certification. Instead, get the most relevant ones, and then back up the certification with real knowledge and skills. Balance it all out with practical experience, and you’ll have a winning CV.

Cybersecurity is 50% Soft Skills

Soft skills are equally as important as technical skills. Your success in your cybersecurity role isn’t just in identifying or preventing a threat. It also lies in communicating it.

As Carroll says, “[Skills are] role dependent, but non-technical skills which help in cybersecurity include: communication skills, report writing, presentation skills, project management, organisation skills, leadership, teamwork and an important one is problem solving skills.”

Additionally, cybersecurity requires a commitment to continued learning. Cyber criminals are constantly iterating and security-related functions improve in meaningful ways on a regular basis. You need to know what’s happening to stay up to date with your own tools and with tools coming down the pipeline. For example, many professionals say that the cloud has made firewalls obsolete.

What are the Basic Requirements to Become an Ethical Hacker?

The skills involved in ethical hacking are very similar to general cybersecurity skills: you’ll need computer skills, Linux skills, computer networking skills. Python is generally required, and you need to become familiar with Kali. Many people also choose to pursue the Council Ethical Hacker Certification (CEH).

Some people veer straight for ethical hacking specialties and bypass other cybersecurity functions. However, doing so can limit you in some important ways. For example, without a foundation in other areas of cybersecurity, you run the risk of running a script but not understanding what’s happening behind the scenes. It’s often said the best ethical hackers and the ones who see the most success understand how exploits work and know what’s happening on the other side of the curtain.

As with cybersecurity generally, soft skills are very important. Your report writing skills will make or break your career. Ask an ethical hacker, and they’ll tell you that report writing takes up 75% of your time and demands more from you than a technical or coding project. Technical writing skills for ethical hackers help you document your processes. In other words, your writing skills help you share what vulnerabilities you found, how you exploited them, how others could exploit them, and considerations for patching the problem.

Is Cyber Security a Good Career? Three Reasons to Enter the Field

The great thing about cyber security is there’s plenty of room to enter the field, even without a highly-technical background.

If you’re starting from scratch or even if you’re self-taught, taking a course such as the Professional Diploma in Cybersecurity offered by UCD Professional Academy is an excellent starting point. Carroll recommends it to all entry-level cybersecurity workers because it gives an overview of all the areas of cybersecurity as well as where to go after finishing the course to continue your journey.

So why choose cybersecurity? There are four great reasons to get started in this field.

1 - Cybersecurity Engineers Earn €85,283 on Average

Cybersecurity professionals in Ireland are well-compensated for their efforts. According to the Economic Research Institute the average cybersecurity engineer salary in Ireland is €85,283, and it’s projected to grow to €93,699 by 2026.

According to Brightwater, recruitment specialists in Ireland, the average salary across all industries grew by 3-5% in 2019. It jumped by 10% for cybersecurity professionals.

Why do cybersecurity professionals earn so much? There are a few reasons:

  • A skill shortage makes the market more competitive. Companies will outbid each other for access to talent.

  • You have many opportunities to advance your technical and soft skills during your career, making it easier to specialise or advance to senior-level positions.

  • Experts predict cybercrime will cost the world $10.5 trillion USD annually by 2026; organisations are willing to spend to protect their assets and compete for the best talent.

2 - You Have Incredible Opportunities for Career Growth

One of the key indicators of a good career is the opportunities for career development and advancement, both in your technical skills, management abilities, and pay. And cybersecurity offers a trifecta.

Let’s start with career development. In the cybersecurity field, you advance by choosing a specialisation and moving into a senior role.

When you become a senior cyber security worker, you do things like help define and refine security strategy and communicate security analysis to executive leadership while keeping teams at the forefront of the latest technologies and strategies

What’s more, your cybersecurity skills will also give you a foundation to pivot into other IT roles, if you choose, and help future-proof your role so long as you commit to upskilling regularly.

3 - Job Numbers Grow at an Incredible Rate

Tired of fighting for roles in an industry with more talent than available jobs? You won’t find that issue in cybersecurity. There was a projected 350% global growth in open cybersecurity positions between 2013 and 2021. The European cybersecurity market will grow another 10% by 2030.

Trying to get your foot in the door at a top firm? A few suggestions for job hunters include:

  • Follow experts, professionals, and even enthusiasts on Twitter and engage with them

  • Contribute to open source projects to learn, practice, and have experience to show to employers

  • Go to cybersecurity conferences and meet-ups to network. A few groups in Ireland include: InfoSec Dublin, OWASP Dublin, OWASP Cork, Cybersecurity Enthusiasts, and InfoSec Dublin. Find your local ethical hacker or cybersecurity group on Meetup.

4 - You Can Impact Cybersecurity for the Better

As with any job, cybersecurity benefits from workers from diverse backgrounds. However, as Carroll says, “There is a diversity problem or more correctly, a lack of diversity problem in the cybersecurity industry.”

According to the International Consortium of Minority Cybersecurity Professionals (ICMCP), only 14% of cybersecurity professionals are women. And ethnic minorities are poorly represented, too.

“The diversity problem is everyone’s problem,” Carroll says. “A diverse workforce is a more secure workforce as we all bring our own unique experiences and frames of reference to the table.”

Get Started in Cybersecurity with UCD Professional Academy

A career in cybersecurity is closer than you think. There are now many undergraduate and graduate degrees available that will help you create a strong foundation in cybersecurity. But you don’t need to commit to four years of learning. You can also take all the skills you already have and combine them with core computer science and soft skills and enter the field much sooner with a foundation course from UCD Professional Academy.