- This topic has 6 replies, 7 voices, and was last updated 11 years, 9 months ago by
Anonymous.
-
AuthorPosts
-
-
April 20, 2009 at 1:10 pm #3708
hackernovice
ParticipantHello There
Im nearing the end of a Masters Degree in Ethical Hacking and Computer Security.
Im finding getting work in Pen Testing a bit of a challenge due to the chicken and the egg situation of not having experience and no one wanting to give me experience by hiring a newbee. How do you break into the industry if no-one will hire you raw? I am not arrogant enough to think I know it all and want to work closely and be mentored on the job, but no one seems interested unless you have 5 plus years experience.
Does anyone know a comapny that would be interested in hiring someone and shaping and moulding them into an experienced pen tester? Or are other newbees finding the same problem?
Thanks
Graeme Stevens
MSc Ethical Hacking
University of Abertay Dundee
Scotland -
April 20, 2009 at 3:59 pm #23804
impelse
ParticipantIf I was you I would try to do a normall IT job, like Network Administrator, Network Engineer, Field Tech, etc, etc.
I do not know your exp but they normally look for if you have exp with different system (OS, network devices, etc) and if you know them well, after you know how the technology works, you will able to hack them (that’s the way how many people think before hire you).
This is my 2 cents
-
April 20, 2009 at 4:02 pm #23805
jason
ParticipantOr for that matter, any job in security, not just pen testing. Anything relevant that you can get on your resume will help you in the future…
-
April 20, 2009 at 5:17 pm #23806
crk
ParticipantMy security job came from doing routine IT work for a small company. Just start at the bottom and work your way up.
-
April 21, 2009 at 1:43 am #23807
-
April 21, 2009 at 12:38 pm #23808
Jhaddix
Participant@hackernovice wrote:
Hello There
Im nearing the end of a Masters Degree in Ethical Hacking and Computer Security.
Im finding getting work in Pen Testing a bit of a challenge due to the chicken and the egg situation of not having experience and no one wanting to give me experience by hiring a newbee. How do you break into the industry if no-one will hire you raw? I am not arrogant enough to think I know it all and want to work closely and be mentored on the job, but no one seems interested unless you have 5 plus years experience.
Does anyone know a comapny that would be interested in hiring someone and shaping and moulding them into an experienced pen tester? Or are other newbees finding the same problem?
Thanks
Graeme Stevens
MSc Ethical Hacking
University of Abertay Dundee
ScotlandThis is where many argue that certification bridges a gap. If have something like SANS, or your OSCP, its supposed to show something akin to experience.
When looking for a steady job, wording is sometimes the tricky part. I would look for local auditing and pentesting companies close to you, and see if they have an jr level positions open.
Pentesting falls into the hands of all kinds of different positions though, look for:
Jr. Security Engineer
Jr. Systems Auditor
Jr. Security Operations Engineeror look for openings in the NOC/Security Operations, Systems Engineering, and other IT/NOC departments in PCI compliant workspaces.
Tell them you can save them a bundle on PCI testing…
or was that car insurance? … damn Gieco…
-
April 25, 2009 at 7:40 pm #23809
Anonymous
Participanti would:
1. try to volunteer anywhere that would let you do anything remotely related to pentesting…even being a scanner monkey or do pro bono work for anyone that will let you, churches, charities, etc standard be careful you need to have half a clue warning applies
2. get involved with a local security group, it really is a “who you know” business
3. volunteer with an open source project
4. if your school or local universities do any CTF exercises participate.
you can make up that 5 years of experience if yo get “creative”
also you’re probably going to have to bite the bullet and take a junior position to get your foot in the door.
-
-
AuthorPosts
- You must be logged in to reply to this topic.