The Experience "Catch 22" trying to get 1st hacking Job

Viewing 6 reply threads
  • Author
    Posts
    • #3708
      hackernovice
      Participant

      Hello There

      Im nearing the end of a Masters Degree in Ethical Hacking and Computer Security.

      Im finding getting work in Pen Testing a bit of a challenge due to the chicken and the egg situation of not having experience and no one wanting to give me experience by hiring a newbee. How do you break into the industry if no-one will hire you raw? I am not arrogant enough to think I know it all and want to work closely and be mentored on the job, but no one seems interested unless you have 5 plus years experience.

      Does anyone know a comapny that would be interested in hiring someone and shaping and moulding them into an experienced pen tester? Or are other newbees finding the same problem?

      Thanks

      Graeme Stevens
      MSc Ethical Hacking
      University of Abertay Dundee
      Scotland

    • #23804
      impelse
      Participant

      If I was you I would try to do a normall IT job, like Network Administrator, Network Engineer, Field Tech, etc, etc.

      I do not know your exp but they normally look for if you have exp with different system (OS, network devices, etc) and if you know them well, after you know how the technology works, you will able to hack them (that’s the way how many people think before hire you).

      This is my 2 cents

    • #23805
      jason
      Participant

      Or for that matter, any job in security, not just pen testing. Anything relevant that you can get on your resume will help you in the future…

    • #23806
      crk
      Participant

      My security job came from doing routine IT work for a small company. Just start at the bottom and work your way up.

    • #23807
      timmedin
      Participant

      @jason wrote:

      Or for that matter, any job in security, not just pen testing. Anything relevant that you can get on your resume will help you in the future…

      I’ll second Jason’s comment.

    • #23808
      Jhaddix
      Participant

      @hackernovice wrote:

      Hello There

      Im nearing the end of a Masters Degree in Ethical Hacking and Computer Security.

      Im finding getting work in Pen Testing a bit of a challenge due to the chicken and the egg situation of not having experience and no one wanting to give me experience by hiring a newbee. How do you break into the industry if no-one will hire you raw? I am not arrogant enough to think I know it all and want to work closely and be mentored on the job, but no one seems interested unless you have 5 plus years experience.

      Does anyone know a comapny that would be interested in hiring someone and shaping and moulding them into an experienced pen tester? Or are other newbees finding the same problem?

      Thanks

      Graeme Stevens
      MSc Ethical Hacking
      University of Abertay Dundee
      Scotland

      This is where many argue that certification bridges a gap. If have something like SANS, or your OSCP, its supposed to show something akin to experience.

      When looking for a steady job, wording is sometimes the tricky part. I would look for local auditing and pentesting companies close to you, and see if they have an jr level positions open.

      Pentesting falls into the hands of all kinds of different positions though, look for:

      Jr. Security Engineer
      Jr. Systems Auditor
      Jr. Security Operations Engineer

      or look for openings in the NOC/Security Operations, Systems Engineering, and other IT/NOC departments in PCI compliant workspaces.

      Tell them you can save them a bundle on PCI testing…

      or was that car insurance? … damn Gieco…

    • #23809
      Anonymous
      Participant

      i would:

      1. try to volunteer anywhere that would let you do anything remotely related to pentesting…even being a scanner monkey or do pro bono work for anyone that will let you, churches, charities, etc standard be careful you need to have half a clue warning applies

      2. get involved with a local security group, it really is a “who you know” business

      3. volunteer with an open source project

      4. if your school or local universities do any CTF exercises participate.

      you can make up that 5 years of experience if yo get “creative”

      also you’re probably going to have to bite the bullet and take a junior position to get your foot in the door. 

Viewing 6 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?