EH-Net

Hi All

Although I have been in security field for some time now (2 years) but still can't break into security asessment (penetration testing/security reviews) field. Can you please advise me on how to get such job.

FYI, I have been involved in security auditing for my organization, security code reviews for my previous projects, OWASP local chapters and writing articles on penetration testing.

But still I am unable to break through coz of lack of penetration testing experience

maybe u should have a LPT ( Licenced Pen Tester) Certification for that.
U havent mentioned your qualifications like what certifications u have achieved.
If you do ECSA or CISSP, u'll definately get a job as pen tester.

Hope that helps !
 :)

you dont need an LPT to get into pen-testing.

where are you posting your articles, that always helps.

are those articles in your resume to show prospective employers?

not sure where you are located, but have you considered volunteering?  you need to actually "know" the people you are helping but an audit is an audit and you gain experience.  standard, get your permission, get out of jail card, and make sure the person you are helping knows you may be breaking things disclaimer applies.

are you posting to full disclosure, pen-test, security-basics, etc to get your name out there as somehow may know a thing or two.  use caution with that though, google archives go pretty far back  :-\ if you are trying to get known as someone in the field i would be careful about what you stick out there on the net with your name on it, that includes forum posts, mailing lists, and blogs.

i dont appreciate the reply. What do u mean to say ?
Please be precise.

I don't think the comment was directed to you. He was just implying to everyone that what happens on the net, lives on for eternity

Getting an LTP cert can only help. More then that just keep networking the best you can and maybe try getting in touch with some recruiters in your area.

As a side note, are you at least getting interviews? If not, you might work with a resume expert to polish it up a little.

Not sure where you live, but if you live in a smaller city like me, its really hard to land a high paying security job, because there's not many of them. And often times, its already decided that a friend is getting the job before its even posted.

boney, that post was for the orginial poster not you and it certainly wasnt a shot at anyone.

nainsandeep, I agree with Boney that you should (if not already have) study for and obtain your LPT, ECSA or CISSP certification. I wish I could go for the CISSP or CEH as I also want to get into pen-testing but it looks like I'm not allowed to write the exams since I don't even have general IT security experience yet.