Navigating Cybersecurity Growth with CEH: Interview with Jan-Sebastian Schönbrunn
This interview explores the importance of the Certified Ethical Hacker (CEH) certification in fostering professional development, refining practical skills, and enhancing organizational security. Jan-Sebastian Schönbrunn, an information security and risk management expert, discusses CEH’s role in building offensive security expertise, enhancing credibility, supporting career transitions, and complementing modern cybersecurity practices, including the responsible use of AI tools in ethical hacking.
What motivated you to pursue the Certified Ethical Hacker (CEH) certification?
The CEH certification is essential within the cybersecurity field. If you’re running a business focused on ethical hacking, it’s essential to have a solid foundation that encompasses the basics, methodologies, and tools involved. That’s why I began with the CEH certification.
CEH helped me grasp how things work and what is required, and it served as the starting point for building greater skills in other cybersecurity domains.
How did the CEH certification contribute to your career goals?
The CEH certification helped me to have a good overview over all topics related to penetration testing, especially as it gave me the theoretical foundation I needed. I initially started my career in ISMS consulting and later moved on to developing and leading a penetration testing team. CEH was a step I took later to be sure to know about all aspects. Today, as a CEO working in sales and consulting, I’m glad to have this certification because it allows me to clearly understand and communicate with penetration testers and ethical hackers.
What aspects of the CEH program were most valuable to you, and how did they support your professional development?
The most valuable aspect of CEH is its focus on attack vectors. Cyberattacks are now a daily reality for organizations, and CEH equips both my colleagues and me to understand how attackers think, what techniques they use, and how to secure an organization accordingly.
How widely recognized and respected is the CEH certification in the cybersecurity industry? How does your organization view it?
CEH is widely recognized and well-respected among cybersecurity professionals, including in Germany.
Have you completed other cybersecurity courses? How does CEH differ from other certifications in terms of skills, career growth, and overall value?
Yes, I have completed additional certifications, including CISSP, CISM, and Security+. CEH stands out because it combines theoretical knowledge and practical labs. I appreciate that it goes beyond multiple-choice questions and includes hands-on testing. This balance makes the EC-Council approach particularly valuable.
How does CEH differ from Security+ and other entry-level certifications?
I have completed the Security+ certification and also serve as a trainer for it. Security+ covers a broad set of topics, including governance, cryptography, identity and access management, and defensive basics.
CEH, on the other hand, is more specialized, focusing on ethical hacking, attack vectors, attacker methodologies, and the tools used.
While Security+ provides foundational knowledge of defense, CEH emphasizes offensive security.
How critical is CEH training for career development in cybersecurity or IT?
Practical skills are essential in cybersecurity, but at a certain point, understanding the theory behind them becomes equally important. CEH offers a robust theoretical framework that complements practical experience, accelerates learning, and reflects a recognized standard of knowledge in the field. It is highly valuable for anyone serious about progressing in cybersecurity.
Should IT professionals pursue the CEH certification? Why is it significant today?
Yes, IT professionals should strongly consider this certification.
Without understanding how attacks are executed, it’s difficult to build meaningful defenses. In today’s threat landscape, this knowledge is indispensable.
Tell us about your journey as a cybersecurity professional.
I began my career in IT project management, where I gradually became more involved in cybersecurity. Wanting to return to a more technical path, I moved into information security and cybersecurity consulting. There, I gained hands-on experience implementing solutions, building secure infrastructures, and helping organizations achieve compliance.
Later, I shifted into penetration testing and built a testing team in Germany. Eventually, I became self-employed. Today, I lead teams of consultants, integrators, and penetration testers, helping organizations improve their security posture every day.
How has the integration of AI tools enhanced your ethical hacking skills and efficiency?
My penetration testers utilize AI tools to expedite simpler scripting tasks, but complex challenges still require human expertise. AI outputs must always be validated, as they are not yet reliable for advanced problem-solving. However, I am optimistic about future AI developments. Given the significant cybersecurity skills gap, AI has the potential to play a meaningful role in reducing it.
Conclusion
CEH remains a highly relevant and respected certification that strengthens both theoretical understanding and practical cybersecurity skills. It empowers professionals to think like attackers, improve defensive strategies, and advance their careers. As cyber threats evolve and AI capabilities grow, CEH provides a strong foundation for addressing today’s security challenges with confidence.
About the Interviewee
Jan-Sebastian Schönbrunn
CEO, Schönbrunn TASC GmbH
Jan-Sebastian Schönbrunn is the founder and managing director of Schönbrunn TASC GmbH, specializing in strategic, structured, and sustainable information security. A certified CISSP, CISM, CISA, CGEIT, CEH, and ISMS auditor, he advises organizations on cybersecurity strategy, governance, risk management, and compliance, creating pragmatic security solutions that strengthen resilience and business value.
