Professional Hackers

The Job

When the word “hacker” is mentioned, most people conjure images of criminals breaking into people’s and organizations’ information systems to steal credit card information, access trade secrets, shut down or deface Web sites, and steal top secret government intelligence. These hackers are also known as black hat hackers. But there’s another type of hacker known as a professional hacker (or white hat hacker) who uses his or her skills to benefit society. With the permission of companies, government agencies, and individuals, professional hackers hack into software applications, web services, network infrastructure, and mobile devices to test their vulnerability to black hat hackers. Duties for professional hackers vary by the type of employer and job title, but most have the following responsibilities:

  • conduct risk analyses of hardware and software systems
  • use software applications such as Metasploit to conduct simulated attacks (called pentests) to test an organization’s defensive measures
  • send fake “phishing” e-mails in an attempt to induce the organization’s employees to enter their user names and passwords, which the hacker then uses to break into the system
  • prepare vulnerability assessment reports or record their hacking actions to show how they were able to access an organization’s computer systems
  • recommend corrective actions to address security threats
  • work closely with software architects, software developers, hardware engineers, and other computer professionals to develop custom software or systems to help organizations remedy these issues
  • identify and develop new tactics, tools, and procedures for targeting and addressing new threat scenarios
  • stay up to date on industry developments regarding new attack strategies and defense mechanisms
  • develop tools that improve security testing and monitoring