Changing Career Path

sodump

Hi , I have been thinking to change my career path as a pentester . I am CS graduate and working as Full stack web developer for 2 years. I have work with both mobile app and web app. I have always interested in cyber security . As there are few opportunities to start career as Pentester in my country I decided to not choose this path. As I said , I am passionate about cyber security . Now I want to make a change to my career and start as a Pentester. I would really appreciate your valuable suggestion . TREAT me as a NOOB. I want career guidance from where to start . Which exam to go for ? any suggestion you think will add value in my learning path. Thank You

JDMurray

Welcome to TE! 

What is your background in pentesting and what have you already done to learn more? Have you looked at the pentesting certifications (PenTest+, eJPT, OSCP), or worked on any of the pentesting elearning sites (TryHackMe, HackTheBox), or subscribed to any Bug Bounty programs (HackerOne) for practice? As a developer, you can also contribute volunteer work to many Open Source pentesting projects.

sodump

Thank you for Warm Welcome. 
I am linux enthusiast . Working with it around 5 years. Just out of excitement tried few tool in kali . Having some udemy course . But not proper determinate as now.  Now I wanna go proper certified way with exam . Which exam preparation should take first and next way to move up ?

JDMurray

You should consider the eJPT and PenTest+ exams.

Coincidentally, Humble Bundle just released a No Starch Press hacking and pentesting bundle.

UnixGuy

Welcome to the forums

fantastic advice from JD as always! Pentesting will be right up your alley

I always recommend cloud certs for people wanting to get into security, I believe they give you a skill thats in demand and helps build your foundation

sodump

Thanks @JDMurray
Thanks @UnixGuy

Moon Child

sodump said:

Hi , I have been thinking to change my career path as a pentester . I am CS graduate and working as Full stack web developer for 2 years. I have work with both mobile app and web app. I have always interested in cyber security . As there are few opportunities to start career as Pentester in my country I decided to not choose this path. As I said , I am passionate about cyber security . Now I want to make a change to my career and start as a Pentester. I would really appreciate your valuable suggestion . TREAT me as a NOOB. I want career guidance from where to start . Which exam to go for ? any suggestion you think will add value in my learning path. Thank You

just as a word of warning...everyone wants to get into Security You face tough competition. I have met a lot of people who wanted to do Security in IT, but they are doing something else instead. It is the words I have commonly heard out of many co-workers mouths at IT Jobs I have had "I want to get into Security".

I guess where to start? Well I had passed the Security+ exam... maybe you  can start there for certification exams.

UnixGuy

Moon Child said:

I have commonly heard out of many co-workers mouths at IT Jobs I have had "I want to get into Security".

I hear that, but when I follow that with "What have you done to get into security?", I hear crickets.

JDMurray

I hear stuff like, "I want to get into Cyber Forensics!" I then ask, "What do you think Cyber Forensics is?" Then I hear crickets.