White Hat Hacker – What kind of is a hacker’s workday?

Being a hacker sounds like a fascinating profession, but what’s it really like to be a hacker? What kind of is a hacker’s workday at 2NS? What tasks do hackers have? What is an on-site day and office day?

Our white hat hacker Jani wrote a post about his workday at 2NS. Jani tells us more about his work and what his typical day as a white hat hacker looks like. Read more!

Hacker’s on-site day

Hacker’s day at 2NS can be divided into on-site days, office days and remote workdays. During on-site days hacker works at a customer’s location, during office days at 2NS’s office and on remote workdays one can work from home, summer cottage or even from a sailboat! On-site day’s tasks vary depending on the case and are often diverse as cases tend to be different for each client. On-site days usually consist of tasks such as auditing the client’s services in their internal network or reviewing the information security of the client’s software and processes.

During the on-site day my task was to make a risk analysis for the client’s system in the internal network and its processes. As I had previously worked at the same client, practicalities and contact person were already familiar to me. After the initial procedures, I have been able to define my own workdays and  working times during on-site days, excluding of course meetings and tasks where other people’s schedules had to be taken into account. On-site days bring in a nice variety compared to the office-days and they also give a broader perspective on the work. At 2NS, I have had on-site days quite regularly and so far, I have been able to affect on my work tasks as well as choosing different type of tasks. I have always wanted to have work task on broad scale, so I’ve been quite happy with the on-site days and have been working on-site quite early on since starting at 2NS.

Usually I try to have as much information as possible from the upcoming work task as this enables me to estimate the workload most accurately. Today I walked to work while listening to an e-book around 8-9am. My id badge and other practicalities were already done on the previous week, so I didn’t have to worry about that. Usually the workday on the client’s location starts with preparing my computers and other needed equipment. Today the morning went by quickly while sorting out the customer’s remote access problem and having a meeting with the client where we went through the details of the project. In the meeting we discussed the services and other detail functionalities of the system which I was working on. The problem was fixed, and I was able to start installing the needed tools to the test computer. While installing the tools I also communicated to the client’s employees by e-mail and read the information I was given by the client.

On the afternoon I decided to have a lunch break. Usually I go out for lunch, but this time I brought my own lunch. Afternoon went by effectively while I was building the review, writing a report and communicating with client’s different account managers. Today I had a little bit longer day since yesterday I had to leave a bit earlier, so my day ended around 6pm.

Office day at the 2NS’s office

Our white hat hackers work at 2NS office when the client’s project doesn’t need to be done on their premises. Depending on the work task, remote work is also possible. Office days are usually different from on-site days content wise, but tasks are as versatile as on-site days.

Office day often means a bit more relaxed workday. When you get to work, you have time to make a cup of tea or even eat breakfast. A single client project, for example web applications information security test, usually takes time from few days up to two weeks, depending on its scope. Start of the office day varies depending on whether I’m starting a new client project or continuing a previous one. When starting a new project, it’s nice to read more about the project plan in the morning with a cup of tea and at the same time install the needed tools and updates to my computer. If I’m continuing previously started project, it’s good to review previously made tests and possibly read articles about the topic. Sometimes I even read articles about different topics on my free time, since I’m interested in them, but this of course isn’t required by the employer. I try to actively read about news and articles about infosec, as it indirectly helps in developing my skills. During commute I also often listen to e-books or podcasts about infosec.

The content of workdays varies quite a lot and no two days has been the same. Every project is different and almost every time you need to research a new tool, software or protocol. I like the fact that you get to research new things and develop your skills every day. Generally, you can also choose what is your working time, so it’s not always 9 to 5. Of course, you need to take into account meetings and other tasks where you need to be available during office hours. The company also has created an environment where bureaucracy is in minimum, which I appreciate a lot. This way each employee gets to develop their skills according to their own wishes and everybody’s opinion is taken into account equally.

Did you find Jani’s post about his work interesting? Are you interested in a position of white hat hacker at 2NS? Then get in touch!