Too many options...want to avoid pigeonholing

awcmondudeawcmondude Registered Users Posts: 1 ■□□□□□□□□□
Hello all,

tl;dr - What's more future proof? Best option? Caveats? Traditional Network Pentesting vs Only Web Assessments?

So just to give a bit of background. I'm under 30 and am currently employed as an IT security person doing mostly Splunk stuff at an extremely large corporation. Pay is ok for now and so is the work environment. A bit dull as it's corporate, but I can't complain. The oncall shift is a week every month, so not that often but can suck when it does roll around. I have a good rapport here and have done well with all of the projects I've been handed. Awards, raises, excellent performance reviews, etc...

I'm not unhappy but am bored with investigations and building alerts. Never was a big fan of responding to things. Think I'd like to try work outside the operational groups. I've thought about getting into the assessment side of things and started talking to people. Two different departments are willing to work with me and give me a shot at a mentor-ship into their teams. One does more traditional network pentesting and the other is purely web assessments (manual web assessments, not automated).

There is also a team supporting and designing Splunk infrastructure that I could probably get into without much trouble. Also other opportunities to delve more into python/django.

None of these would require me to re-locate. So basically I have these 3 options presented to me:

1. Web Assessments (manual web assessments, not automated)
2. Network Pentesting
3. Splunk infrastructure

I have the SANS GWAPT certification and have taken Offsec's PWK course as well (didn't take exam). So no "professional" pentesting experience but I can limp by.

I've done some research and it seems that doing Splunk infrastructure stuff can be quite lucrative. If I just wanted money I'd probably go this route, but I'm worried that will restrict my future options a bit as it's Splunk specific. I think I'd rather try the assessment stuff but thought I'd throw this one out there for the heck of it.

I think the Web assessment team would be the easiest to get into as they're hurting for assessors. I know people who've moved from the web team to the network pentesting team as they got burned out with such narrow scope. That was kind of my thinking. Stick around for a year or two until you're sick of web then move on. By that time though I'd be much better at web than if I just started with a broader scope. So start narrow then broaden.

I know most of pentesting is paperwork and writing reports, but at least I'm mostly left alone. (That's what everyone on both teams tell me) I like being able to focus on a task without constant interruptions like investigations.

I want the position where I'll learn the most and become more valuable, but both look capable of that. It comes down to what do I want to do, but I'm looking for any sage words or suggestions if anyone has any.

Thank you for your time,

icon_study.gif
Sign In or Register to comment.