Ethical hacking has become a popular career choice in recent year, both among those already in a professional IT setting, and those looking for a career change. There is an upward trend currently, with more and more people choosing to enter the ethical hacking field, and more and more businesses realizing the need for ethical hackers in their roster.
2018 saw some major data breaches and hacks that have cost companies millions of dollars. Hackers are becoming more sophisticated at exploiting business systems and gaining unlawful entry for their financial gain. This has led to a game of cat and mouse between hackers and businesses with both trying to outsmart the other.
This is where ethical hackers, otherwise known as penetration testers, come in. A global survey by Willis Towers Watson (WLTW) reveals that large firms typically spend around 1.7% of revenues on cyber resilience, but that 96% of board members don’t think it is enough.
In the past, it was typically government agencies that employed ethical hackers, and most other companies, even substantial ones didn’t see the need for one. That was certainly not the case in 2018, and onwards to 2019. Now almost every industry is looking to employ ethical hackers as black hat hackers become more aggressive with their practices.
What Did Ethical Hacking Salaries Look Like in 2018
According to INFOSEC Institute In the US, the average salary for a Certified Ethical Hacker is $71,331 per annum. The salary ranges from $24,760 to $111,502, and ethical hackers can also expect to see bonuses up to $17,500. This is the average salary across the US, but of course, certain places will support higher salaries for ethical hackers in that region.
It is also important to note that these salaries represent Certified Ethical Hackers, those with the Certified Ethical Hacker (CEH) qualification. The certification is obtained by demonstrating knowledge of assessing the security of computer systems by looking for weaknesses and vulnerabilities in target systems, using the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner.
The average salary for penetration testers in the US is $109,961, according to Indeed.
You may be unclear about the difference between Ethical Hackers and Penetration testers since the two are often used interchangeably. There is a subtle difference between the two, but some companies will not acknowledge the difference and your job title may be one, but still include the work of the other. The INFOSEC Institute defines the two as:
“Penetration testing is a formal procedure aiming at discovering security vulnerabilities, flaws risks, and unreliable environment.”
“Ethical hacking, on the other hand, is an all-embracing term that includes all hacking methods, and other related cyber attack methods.”
Location, Location, Location
New York: According to INFOSEC Institute, New York has the highest average salary for certified ethical hackers at $117,900.
California (Data from Indeed): While the average salary for a penetration tester in California $109,449, which is slightly below the average for the US, certain areas offer a very high salary.
- Palo Alto $120,000
- LA $128,119
- Irvine $132,941
Maryland (Data from Indeed): The average penetration tester salary in Maryland is $123,355
North Carolina(Data from Indeed): The average penetration tester salary in Maryland is $118,823
Texas (Data from Indeed): The average penetration tester salary in Maryland $126,885
Washington (Data from Indeed): The average penetration tester salary in Seattle Washington is $102,512
Washington DC (Data from Indeed): The average penetration tester salary in DC is $109,380
In the UK, the average salary for a penetration tester is £36,595 (USD 46,619). Entry level penetration testers can expect to earn £26k (USD 33,122), rising to £90k (USD 114,653) for those experienced in the field.
The average salary for a penetration tester in Australia is $124,749 (USD 89,683), with Sydney being slightly higher at $129,385 (USD 93,016).
Prospects for 2019
Salaries look to increase in 2019 as more companies expand their ethical hacker workforce. There is high demand for ethical hackers but too few ethical hackers on the market. This is why ethical hacking is a good career to start since prospects for the future look good and new qualifications continue to be available.