Jobs You Can Get With the CEH (Certified Ethical Hacker)
The CEH is one of the most recognised offensive-security credentials on the market — it shows up across pentest, analyst, and government security postings. Here are the roles it actually opens, realistic US salary ranges by level, and the ladder from SOC analyst to offensive security lead.
01 The short answer
It is worth being realistic, though. The CEH is best understood as a door-opener and a résumé keyword rather than a substitute for hands-on skill. It teaches breadth across the attack lifecycle, but offensive-security teams also want to see practical proof — a home lab, boxes you have rooted, and often a hands-on cert such as the OSCP alongside it. Many people enter through a SOC or security analyst role first, then pivot into pentesting within a year or two. The CEH gets you past the résumé screen; demonstrable hacking gets you the offer.
02 Jobs you can target
These are the roles where the CEH most directly moves the needle. The seniority tag shows where each typically sits.
Penetration Tester
MidRun authorised attacks against networks, apps, and infrastructure, then report the findings. The role the CEH is built around.
Ethical Hacker
MidProbe systems the way an attacker would to expose weaknesses before criminals do. The job title the certification is named for.
SOC Analyst
EntryMonitor alerts, triage incidents, and investigate threats in a security operations centre. The most common entry point for CEH holders.
Vulnerability Analyst
MidScan, prioritise, and track remediation of weaknesses across the estate. The CEH attacker mindset helps you rank real risk.
Security Analyst
Entry–MidDefend networks, harden systems, and respond to incidents. A broad role where the CEH signals you understand the attacker.
Cybersecurity Consultant
SeniorAdvise clients on testing, risk, and security strategy at consultancies and assessment firms. Heavy on communication.
03 The career ladder
Security careers progress fast for people who keep getting hands on. Here is a typical offensive-leaning path with the CEH as your foundation — salary bands are US guides.
Entry — SOC Analyst / Security Analyst + CEH
Learn how real attacks look from the defensive side, build incident-response instincts, and earn the experience the CEH implies. Many enter here from an IT, help-desk, or networking background.
~$70K–$100KMid — Penetration Tester / Vulnerability Analyst
Move to the offensive side: run authorised tests, exploit findings safely, and write the reports clients act on. This is where the CEH most clearly pays for itself.
~$90K–$135KSenior — Senior Pentester / Red Team Operator
Lead engagements, simulate advanced adversaries, and develop custom tooling. Often the point where people add a hands-on cert such as the OSCP to back up the CEH.
~$130K–$170KLead — Offensive Security Lead / Security Consultant
Own the testing practice or consultancy book, set methodology, and shape security strategy for the whole organisation. Compensation here leans heavily on total package and clearances.
~$160K–$210K+04 Who is hiring
Offensive-security skills are in demand almost everywhere, because almost every organisation now needs its defences tested. The biggest employers of CEH holders cluster into a few groups.
| Employer type | Why they want the CEH |
|---|---|
| Government & defence contractors | The CEH is a DoD 8140 approved baseline, so it is named directly on cleared and federal security job requisitions |
| Security consultancies & pentest firms | Bill clients for assessments; recognised certifications are a credibility and procurement requirement |
| Banks & financial services | Heavily regulated and a prime target, so they staff strong testing, SOC, and vulnerability teams |
| Big tech security teams | Run internal red teams and product-security functions and need people who think like an attacker |
| Managed security service providers | Run SOCs and testing for many customers; certified staff are a selling point and an SLA backstop |
05 How to actually land the job
The certificate gets you noticed; these four moves get you hired.
06 FAQ
What jobs can you get with the CEH (Certified Ethical Hacker)?
It is most directly aimed at offensive-security roles such as Penetration Tester and Ethical Hacker, but it is valued across SOC Analyst, Security Analyst, Vulnerability Analyst, and Cybersecurity Consultant positions too. It appears on a large share of security job postings and is approved under the US DoD 8140 framework, so it strengthens applications well beyond the pentest title itself.
Is the CEH enough to get a penetration testing job?
The CEH is a strong door-opener and a recognised résumé keyword, but pentest roles also reward hands-on proof. The candidates who land offensive roles fastest pair the CEH with a home lab and practical platforms like Hack The Box or TryHackMe, and many add a hands-on certification such as the OSCP. Plenty of people enter through a SOC or security analyst role first, then move into pentesting within a year or two.
How much do CEH-certified professionals make?
In the US, CEH holders commonly earn a base in the region of $90K–$110K, with penetration testers typically landing around $90K–$135K and senior pentesters or red teamers reaching $170K or more. Figures vary widely by location, employer, clearance, and experience, and reported certification salary lifts of roughly 15–25% are commonly cited.
Is the CEH approved for US government and DoD jobs?
Yes. The CEH is an approved baseline certification under the US Department of Defense 8140 framework (the successor to the older 8570 directive), which makes it a common requirement on government and defence-contractor security job listings. That government recognition is one of the main reasons the CEH appears so often on US security job descriptions.
