Unless you have a good connection to an inside source, I would reccomend you get your certification and update your resume. Then go online and google all the security companies out there. Many will have info for how to apply for employment on their site. Send out your info to every place you can. The down side is some companies are not that ethical in their pentesting. I know of one that just has someone go to a site and run a Nessus report and submit it along with a big bill. Such a place may not be too demanding on who they hire, but it might still get your foot in the door for better things down the road. If you do end up in such a place, try and get them to be better about their tests or leave them if they are not interested.
The best way is to attend every security funtion you can and try and network with people. The sad thing is some Admins have greta network skills with computers but when it comes to people they are really lacking!
I have met some great people at events have had some very interesting doors opened for me in the past.
Last edited by Kev on Wed Sep 27, 2006 12:44 pm, edited 1 time in total.