How did you choose your job in the field?

Hello, I'm asking this question because I'm really confused between two professions in the security industry. I'm confused between malware analyst and penetration tester. So how did you choose your profession. You choose it because of the salary, because you like it or the fate choose it for you?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

gbdavidx

try them both? do one job and if you like it stick with it, if not go the other route

codedwar

Fate mostly chose my profession as I got into the industry by joining the military as a Network/crypto tech. I chose the job but really had no idea what it was. I have always thought penetration testing would be pretty cool to get into.

N2IT

Fate with a little bit of unguided direction.

To be honest until I had a true professional mentor, advocate in my life I was lost. I saw someone in action and literally went up to them and said I want to do things the way you do them. I had ~2 years with that individual and that impacted my career more than any degree or certification, in fact any other job I have ever had.

Disas_main

gbdavidx wrote: »

try them both? do one job and if you like it stick with it, if not go the other route

I'm really flattered that you are intrested in my career path, but I'm still very young I'm only 16 years old. But both proffesions are too different. This summer I have opportunity to work for the ISP in my town, I will help to the network administrator so I hope that this will help me to choose because this is more closer to penetration testing than malware analysing. If I like it I will try as pen tester or security analyst, but for now pen tester is on first place since the salary is bigger.

Antonio72

My first tech job I got shortly after getting my A+, it was as a technical assistant and was only the second interview I had been called for in the almost 3 months I had been applying for jobs. The first interview didn't go all that well, for the second they hired me right on the spot. I thought it was more of a tech support type of position and that I would one day work into more of the networking side. But I was wrong, the position was actually a for a programming assistant, I had no clue about programming anything and just took the job because I needed the money. From there I moved my way into programming and found that I really loved it. Now I'm trying to learn more programming languages and getting my degree so I can get an actual decent paying job.

So basically, I found my passion purely by accident.

linuxlover

I don't believe in fate and it doesn't exist for me. I chose my job because I liked it, wanted it and worked hard for it. If I was looking to make a lot of money I would've become a plastic surgeon or a market analyst.

certoi

Well, I think it all depends on where your passion truly lies. Go into some study material in both studies and see which one more interest you.You don't want a job that you hate doing and being left with a conscience of remorse later on.

paul78

@Disas_main - Judging from your earlier posts, it sounds like you are still very very early in your career and presumably you haven't even entered the workforce. Great for you for thinking of the future. It's probably very premature to consider such differences. The fact that you know that you like IT and specifically security aspects is a good step. You have probably 40 years of a career to look forward to - and a lot will change - so my best advice is to be flexible.

Welcome to IT and the TE forums. Hope you enjoy the journey.

ITforyears

In the military, security professionals are expected/trained to do both and personally; I lean towards pen testing. But working for the DoD, I am more of a malware/security analyst than anything else (e.g. IDS, honeypots, etc).

Disas_main

certoi I ask from curiosity not about my career. paul78 I prefer not too look back, only forward. ITforyears I think your wanted your job and as linuxlover said "I liked it, wanted it and worked hard for it."

paul78

@Disas_main - I'm not suggest that you look back - what I was suggesting is that you don't lock yourself into a future because you have a perception of some particular role in IT today. I.e my comment about being flexible.

LionelTeo

Its all about doing what you like to do, and not for the pay. If its for the salary, we will all be in the financial role now. For clarification, Pentester did not earn more than malware analyst, they earn the same as forensic analyst. Malware analyst earns about the same as exploit researcher. If you are not doing what you like, eventually you would stop to even wanting to work in that industry, and thus put a halt to your career and salary growth in anyway.

I got in IT Security by mere luck in my first work, decided to break into pentest but focus on SOC as its an enjoyable work. I push up the career rest on my own. There is still interest for me to move to pentest, exploit research or incident handling in the future, but still keeping in under consideration. Everything has its place in this world.

philz1982

My career naturally progressed towards IT. I chose my initial role as a BAS Programmer because it was that or working at a glass factory or soap factory post military.

RHEL

I chose it based on my interests. I have been a Linux geek for quite a while on a end-user level and made a point to find a job after graduation that utilized Linux. Although I've been with three companies now over 4.5 years, the only IT position I've held (full-time) has been a UNIX/Linux systems administrator. Wouldn't have it any other way