Title: Pen Testing Track
Post by: DrivinTin on December 15, 2010, 10:10:36 PM
I know the exact same questions are asked on here, with about every different prospective, and even though I don't post much I have read about all of them. I guess I am just honestly asking for personal recommendations.
I currently have a full time non computer job that allows me to pretty much control every aspect of my schedule, and can drop it down enough that I can transition over to another job.
So what I really want to do is contract pen testing. I have been using computers since I was a kid. Been involved in security about the entire time. I have ran my own computer company on the side specializing in network security, mostly doing vulnerability testing.
I realize that a lot of people want to see certs, so this last few months I did the Net+, Sec+, C|EH. I plan on doing the ECSA/LPT and the CISSP next. Really I am looking for how other have gotten there start in the field. Such as where do I find contracts? Does anyone have the LPT through EC-Council? What are others view of it.
Thanks for any input you guys have, I really do appreciate it.
Title: Re: Pen Testing Track
Post by: ajohnson on March 11, 2011, 11:19:04 PM
I'd recommend the book Million Dollar Consulting.
You seem to already be beyond the point where you're getting certs that few people are going to recognize. Most of the people you will be selling yourself to are not going to be that savvy. If you're pursuing certs to gain knowledge, great. However, I don't think they're going to provide the ROI you're specifically looking for in this scenario. Hit the big ones for show (CISSP, GPEN if you want the SANS/GIAC name backing you up, etc.), and then focus on marketing yourself and keeping up-to-date.