Some background on me, I have a master's in information security, a great GPA, and over 10 years of IT and software development experience. My security-related experience is limited to one internship, and my current position of doing part-time, unpaid website pentesting for a small startup company. My resume is good enough that I receive callbacks for 80% of the jobs I apply for, but my problem is actually passing the subsequent interview rounds as I don't know the answers to certain technical questions due to my lack of experience. So my idea for the past year has been to work on various certifications and classes like eCPPT and HackingDojo to try to gain knowledge so I can pass the technical parts of the interview.
As a result, I haven't really considered these audit or policy positions as I don't think they'll provide me with the answers to questions like "How many IPs are on a /23 network?" or "Where is Libc located in Linux?" I'd rather work on certifications and teach myself various things instead of working on policy stuff I don't care about. Are there any types of contract positions (besides the obvious like network security, intrusion analysis, etc), that I should be on the look out for that would help me start a career as a pentester?