As a professional penetration tester, there’s one thing that rarely if ever gets discussed. Is it that the common image of a hacker, the lone wolf pounding away on a keyboard in a dark room only taking breaks for caffeine and cold pizza and, of course, doing nefarious things all while wearing a hoody, is not true? Not really. Those of us doing (or looking to do this) as a living know better. Is it that a penetration tester is often asked to wear many hats and perform all different types of assessments? Is it that we are asked to be technically minded but also to be proficient in the soft-skills such as interacting with clients and delivering well-written reports? Or that we make great salaries and can perform all of this work remotely from the comforts of our homes? Nope. With as many courses as I’ve taken (and written), all of the certifications I’ve earned, and all of the research I’ve done on the occupation of ethical hacking, there’s still one thing that they rarely cover. As professional penetration testers, we almost always work in a team pentesting environment.
Because of this group aspect, it is important to think about the ways that we can effectively, and efficiently, be a team player. In this article, we’ll cover a range of topics from what a typical day as a penetration tester might look like to the pros and cons of working remotely and finally to advice on being a team pentesting player once you’re working in the field. So, congratulations on getting that job you’ve always wanted. If you want to stay there and progress, keep reading!