How to Become a Pen Tester


I frequently get asked the question, “How do I become a pen tester?!” Although there is not a single correct path, I want to share how I hacked my way into this dream job and tips/resources that will aid one in becoming a penetration tester.

My career began when I started an associate degree program in IT Networking and Security Management. Being a student pursuing an IT degree helped me land my very first help desk position. I was so flustered with the vast number of applications that I was expected to support, and I didn’t know anything about them (~200 applications, many of them custom)! I sure am glad I stuck it out. Within three months, I was promoted to a Tier 1.5 position, then another three months later I applied for and was chosen for an on-site Tier 2 support position with a large manufacturer of agricultural and construction equipment. I was hungry for more, so I pursued a few certifications such as the CompTIA A+, Net+, and Sec+. Next up was a Bachelor of Science (BS) degree. This degree and the few certifications I held led to my next job as a government contractor.

I was a fairly new domain administrator sitting in a network operation center. Hearing office banter and annoying laughs constantly coming from the other side of a cubicle wall, I asked a co-worker who the guys on the other side were. This co-worker explained that they work for an organization that does incident response, monitors the network, and does penetration testing. I knew then that I wanted to be a part of that organization. I applied for a system administrator position with that organization a year later and was hired.

Still being hungry for information, I learned everything I could. I asked to shoulder surf whenever tasks were being performed by others that I didn’t know how to do, and I chased more certifications. I was afforded the opportunity to cross-train and become a “backup penetration tester” to lend a hand when the full-time testers were tied up and they needed extra hands on pen tests. Later I applied for and was offered a lateral transfer to a Network Analyst position, and about a year later moved to the Penetration Testing Team. Finally! I made it to where I wanted to be, but quickly realized I still had a lot to learn. Previously I had felt like chasing certifications would help me learn. It did a little bit, but the biggest thing it did was lend a little edge to my resume; until I learned of the OSCP.

The Offensive Security Certified Professional (OSCP) certification was like no other training/certification I had pursued. I learned so much and quickly realized that this intense, hands-on, “show us what you know” type of exam really tested your skills and was a much more valuable certification than all the other dozen-plus certifications that I held. I still wanted more. Working for this DoD organization, there were a lot of tactics and aspects of pen testing that we were not able to practice. I joined CampusGuard over 4 years ago, and love serving our customers. As a security consulting firm, we perform penetration testing on systems/networks with varying degrees of security maturity, which forces us to keep our skills sharp.

I feel that my previous positions on a help desk, on-site support, domain and system administrator, and network analyst definitely all helped me prepare to become a better penetration tester. The certifications and degrees helped get me in the door for new positions and the OSCP helped me understand that I didn’t know what I thought I knew.

So, back to the topic of “how do I become a penetration tester”: learn. Learn all that you can. Learn how to:

  • Administer Windows and Linux systems, Active Directory, and network devices
  • Learn the common network protocols, how they work, and how to secure them
  • Follow other security researchers, penetration testers, and security professionals on Twitter (there is a WEALTH of information there!!)
  • Go to security conferences for the presentations, network with like-minded individuals, and participate in capture the flag competitions
  • Download vulnerable VMs to hone your skills, sign up for Hack The Box or PentesterLab
  • Learn a coding language, start writing code to accomplish simple tasks or a tool for a particular purpose. Don’t worry if there are already 50 tools out there for the same purpose; you are doing it to learn
  • Start a blog!
  • Humblebundle.com often has bundles of e-books for cheap (at the time of this writing, there is a bundle of 14 Python programming books for $15)
  • Learn online – Udemy.com has lots of training courses that cost very little

Bottom line is, learn all that you can, network with people in the industry, research what companies are looking for by analyzing open job postings, and hack your way into becoming a penetration tester.

About the Author
Chad Wheeler

OSCP, CEH, CISSP, PCIP, ASV

Manager, RedLens InfoSec

Chad Wheeler has more than ten years of extensive experience in delivering offensive security services, evidenced by the extreme nature of penetration testing exercises he performed against the Department of Army Systems across the nation and against US Army websites. As Manager of CampusGuard’s RedLens InfoSec team, a division of CampusGuard, Chad is responsible for the team of professionals that provide penetration testing, vulnerability scanning, social engineering, and security assessments to our customers. Chad has authored and restructured information assurance documentation, compliance reporting, and operating procedures during his time with the United States Army - leading the scanning, remediation, and hardening efforts for the infrastructure team during three Command Cyber Readiness Inspections and receiving "outstanding" scores for the Department of Army.