I think it's important to be aware of both the good things and some of the bad things that are involved in being a pentester. Some schools make it seem like all you do is try and break into a system using some cool hacks and then you get paid and go off to your next client and hack his network, all the while wowing them with your amazing hacking genius. Well, it's not like that.
First of all, you need to be good at paperwork. Sometimes lots of paperwork! Corporations respond only to very well-constructed reports. I have seen really good pentesters get hurt by this. On the other hand, I have seen poor testers impress their clients with some very well-done reports.
Also, you need to be a very skilled diplomat. If the client you are dealing with has their own Admin, it can be a little uncomfortable sometimes. Often they are scared to death you are going to make them look bad and don’t want you there. It can be a little stressful if you are conducting an onsite security audit and have all the Admins glaring at you and trying to sneak and see what you are doing. The trick is getting them to feel you are not against them and that anything presented will be done in such a way as to not make them look bad. You are there to “tweak” the security. If you do find someone has been terribly incompetent, then you need to be prepared for the possibility that you have just caused that person to lose their job. Are you comfortable with that? You need to be, because often there is a lot at stake.
So why would someone want to have to deal with all that? For two reasons. One is that it does give you the chance to legally hack! The other reason is if you feel what you are doing is positive. You sometimes are helping to protect a lot of innocent people from things like identity theft, etc.