Title: Life as a penetration tester
Post by: themadhatter on August 11, 2007, 09:01:59 PM
I just have a question concerning what to expect for the salary range of a Network Security professional.
To give you an idea of what my qualifications are going to be, at the time of my graduation I will have a BS in Computer Science, as well as A+, Networking+, Security+, and OSCP certifications.
What would a starting salary be for a Network Security position for someone with those type of qualifications?
Title: Re: Life as a penetration tester
Post by: don on August 11, 2007, 10:00:10 PM
First of all, welcome to EH-Net and congratulations on your accomplishments.
As for a salary range, that's very hard to say without knowing in what area of security you want to be. I know the title of your thread reads Pen Tester, but are you going to the networking side, the programming side or the management side. What type of company do you want to work for (small or Fortune 500)... and where is a big issue when it comes to pay scale. San Francisco pays much more than Champaign, IL for obvious reasons.
If you don't mind me asking, from where did you graduate and what experience and/or activities did you do while in college? This may also play a part. There are plenty of sites that give you ranges such as CertMag's Salary Survey (http://search.certmag.com/sp?keywords=salary+survey).
Always keep in mind that experience is what brings the most pay. Your credentials are good, but it is just the starting point in a lifelong career. So don't be disappointed when you end up in the lower end of the spectrum. Also, don't be surprised if you don't get a pen testing job right off the bat. Many smart people took years to get there. It doesn't mean that it can't happen, but the odds are against you as experience is king.
With this in mind, may I be so bold as to offer advice? Figure out what you want your life to look like 15 - 20 years from now. Picture everything, job, experience, family, hobbies, friendships, etc. Then plan backwards on how to get there with a 20 plan, then a 10, 5, 1 year and 6 month plans. Then figure out what you need to do right now to reach your first goal in 6 months. After every 6 month period, review your backwards 20 year plan and make adjustments accordingly. You may find some things took longer or your career aspirations have changed. Or you may not like the predominance of paperwork that most pen testers have to do. Either way, this is a great way to visualize your future to make it happen.
Main point of this exercise is to figure out what you want and what career move makes you the happiest and balance that with the rest of your life goals. Make you career decisions based on that and not what job offers the best starting salary. If you're good and work hard, the money will come. Also, you may find that after doing this, money is less of a priority than you thought... or maybe not. ;)
Either way, I hope this helps start the conversation,
PS - I'm moving this to the career section.
Title: Re: Life as a penetration tester
Post by: themadhatter on August 12, 2007, 09:22:21 AM
Well just so you know I do not have all these qualifications yet.
I am currently in my junior year at The Richard Stockton College of New Jersey pursuing my BS in computer science. I recently obtained my A+ certification and am planning on taking my N+ test before my next semester starts which is the end of this month. As for Security+ and OSCP, I plan on taking them either during my winter break or next summer.
Basically the reason I posted here was just to get exactly what you gave, which is advice as to how to plan out a career path. I often find that I accomplish goals easier and faster if I have a written plan and set deadlines.
I would like to start out in the networking side of penetration testing and then move my way up to the management side. Below is some of my job experience so you can have an idea of what qualifications I have and give me advice accordingly.
As far as job experience goes I have 4-5 years in computer hardware and networking experience. I currently have a job as a POS technician where I basically solve hardware issues for coworkers over the phone. As long as I get hired full time there is a good chance I will be able to be promoted and work as a WAN technician and get some hardcore networking experience. So I think that as long as I am in college this job I have is great to gain some experience.
As far as location I am in the NJ area so New York is starting to look like an option for me cause I am not sure South Jersey is the place to find a high paying job or any job in information technology for that matter.
Anyhow, I have been thinking about continuing my education and getting a Masters in Compute Science as well as obtaining the two certifications mentioned before.
So my question is, does it seem like I am on the right track to get into network security and or what can I do to improve my chances of getting a job?
I do not know how easy it is to do so but I would like to have myself as experienced as possible to improve my chances of getting into the security field directly out of college.