Looking For Advice on Next Steps For Pen Test Field

aderon

My goal has always been to get into a strictly pen testing role and I've been working towards that for a while now. I'm at a point where I have a few branching options I can choose from to work towards that goal, but I'm unsure of which direction I should take.

My Background: To sum it up, I have 4-years work experience in linux, networking, and scripting, but none directly in security. I've also got a BS in IT - Security and some certs (Under my avatar on the left). My only direct security experience is study and lab-related.

These are the three options I'm considering and I've listed what I believe to be the pros and cons of each. I'm looking for input as to which path you would pursue or any guidance/advice you might have for me?

Path 1) Immediately look for pen test jobs across the US (Willing to move anywhere to get the job)
Pros: Immediately get into the field and start racking up knowledge and experience.
Cons: Will likely come in at a low salary due to limited security experience and no pen test knowledge. This could also be a complete waste of time as I'm not sure if I can even land a pen test job yet. Chances are, that if I did land anything at this point, it would be at an extremely low level or potentially just an internship.

Path 2) Look for ANY general IT security job in my area. Work that job for ~9 months while I earn my OSCP and then look for pen test jobs across the US
Pros: Gives me a little bit of general security experience that I think will benefit me when I look for a pen test job. I've seen a few postings that want some direct security experience. Also, having the OSCP will make the job search much more time efficient and I think I can leverage the knowledge from it to negotiate a higher starting salary. Also, I believe the number of jobs I would qualify for would be much higher.
Cons: This is the longest option and delays my efforts to break into the field by about 9 months. Also, it could look like I'm job hopping.

Path 3) Stay where I'm at and use all the extra time I have (I've got about 4-6 hours of study time per day available while at work) to finish up the OSCP in about 4-6 months.
Pros: Quickest route to getting the OSCP. I think the knowledge from the OSCP will help open up a lot more positions for me and will most likely make the job search more time efficient.
Cons: This means I'll have no general security experience when I'm applying for pen test jobs which means I could possibly get low-balled or disqualified due to the job requirements.

Sorry for the obnoxiously long post lol. Any tips/thoughts would be appreciated!

636-555-3226

Resume notes - I'd change "in-depth knowledge of..." - that doesn't jive with 4 years of IT experience. I'd change in-depth knowledge to something like "10 years of" or however long you've been doing it

Also you get a new job every year - be prepared to explain that, esp. if you've moving into a consultant's world where security guys jump ship every 6 months.

I'm glad you're going for the OSCP, but that isn't going to be the end all be all of the job of your dreams. It's a help, but make sure you're well rounded in all pentest aspects. familiar with all of the standard tools? it sounds like you're real knowledgeable about linux, but you need a strong windows & powershell foundation, too. web app testing is also fairly standard nowadays. also don't learn just how to hack into things - you need to know how to fix them, too. if you tell me my workstations are susceptible to some random LLMNR hack - what's that mean? how can I fix it? what might that break? are there any alternatives?

any of those paths are possible, but i'll give you a few notes re: each:

path 1 - you'll probably have an easy time getting a pen test job, esp. if you're looking nation-wide. people are sucking up anybody with any interest in security and you won't have a hard time finding a "hot" market. yes, you'll get the entry-level salary, and if you're working at a big firm you're basically going to be some higher-ups bi*** doing the junk work. small- to mid-size firms you'll be a little more free, maybe.

path 2 - general security jobs are also relatively easy to come by, esp. if you can go anywhere. OSCP isn't going to help you much, 95% of security departments/people have no idea what it is. it's very surprising to me that most people who work in this field have such a narrow viewpoint where they don't see anything (willingly or otherwise) outside of their immediate work environment. i'm sorry to say the OSCP isn't going to give you much salary negotiation room for a basic security role, esp. if pentesting is your forte and you haven't been using a siem, ips, av, firewall, etc for years with that expert-level knowledge that can indeed demand a higher salary. oscp qualifies you for red teaming, but that's about it for general security work, and nearly all employers don't have a red team unless it's a large organization with a mature security program (not as many of those around as you'd think).

path 3 - oscp isn't going to magically open doors. it will help with applying for pentesting jobs.

636-555-3226

sorry, didnt' mean to be a debbie downer. you're on a good path and you're interested in working in a hot field. i think the OSCP is great, and I'd recommend also brushing up on other infosec basics. if nothing else, download and play around at least a little with splunk, snort, nessus, turn two-factor on everywhere, etc. round out the skills and that well-roundedness will really help with any security job, not just a red team job. also pentesting is a lot of fun so i'd definitely recommend sticking to it and pursuing it further.

aderon

636-555-3226 wrote: »

path 1 - you'll probably have an easy time getting a pen test job, esp. if you're looking nation-wide.

That's encouraging news. I'm thinking perhaps it might be worth testing the waters for a few weeks to see what kind of responses I'm getting. Worst case scenario, I waste a few weeks, but the potential upside seems to be really good with this option.

636-555-3226 wrote: »

path 2 - OSCP isn't going to help you much, 95% of security departments/people have no idea what it is... ... I'm sorry to say the OSCP isn't going to give you much salary negotiation room for a basic security role, esp.

I just meant that I'd seen a few pen test positions where they're looking for things like 1-3 years of work experience with firewalls, IDS/IPS, SIEM, IPSec and SSL VPNs, etc. I've studied and labbed those things, but have no work experience in it.


I guess my thought process was that even if I didn't have 1-3 years of it, perhaps getting a general security job temporarily where I could do those things for a bit (While studying for the OSCP and eventually leaving the general security job to look for a pen test job) might be beneficial. Like you said though, I've already had quite a few job changes and joining a company just to get a little bit of experience and then leaving for the job I actually want (pen test job) probably would not look good and could burn some bridges.

636-555-3226 wrote: »

sorry, didnt' mean to be a debbie downer. you're on a good path and you're interested in working in a hot field.

Haha no worries! I didn't take it that way at all. I actually found this really encouraging. I'm also not easily discouraged. I know that if I keep focused and learn as much as possible, eventually I'll be able to do what I want to.

636-555-3226 wrote: »

also pentesting is a lot of fun so i'd definitely recommend sticking to it and pursuing it further.

I think that's what draws me to it. The little bit I've been able to pick up from gathering oscp resources and reading about it really interests me.

aderon

Anyone else have any other thoughts on the options I'm looking towards?