I'm going to assume you're interested in network penetration testing in large traditional-IT enterprises. It's very common for folks to enter the security testing field mid-career with a background in something else. This is almost preferable: the domain knowledge you have from your other experiences will serve you well when trying to understand [and find] security issues in related areas.

1. A potential path forward: Don't try to sell yourself as a penetration tester. Sell yourself as a developer who can support penetration testers/red teamers. Modern ethical hacking requires a lot of coding to write new tools and customize existing ones. Even if you don't know much about how to get domain admin, escalate privileges, etc., you can provide a lot of value just by the ability to ferret through MSDN and turn around C or .NET code that reproduces someone else's research or techniques for a team's internal use. Rewriting existing stuff is really important, as a lot of defenses are developed and tuned to public POCs or samples without much imagination for how the technique can vary with a little effort.

2. The Red Team Ops and Adversary Simulation community has a great culture of open research and code. Contribute to an existing project or start your own collection of interesting stuff to demonstrate you have the chops to contribute as a developer.

3. If you're looking for the right "foot in the door" qualification, get the Offensive Security Certified Professional (OSCP) certification. It's hands-on and very well respected by the practitioners in this field. While the course will not turn you into a penetration tester, it demonstrates you can tackle the types of technical problems and concepts required to succeed in this work. https://www.offensive-security.com/

4. Daniel Duggan's Red Team Ops course is good exposure to the concepts and workflows a lot of red teamers/penetration testers work with today: https://www.zeropointsecurity.co.uk/red-team-ops
I am more on the IT side of things, and want to also transition to infosec. I have taken some CEH labs in college, but didn't get the cert, and I have the training materials for OSCP but didn't study it. I have CS&Engr, & Digital Forensics. My IT background is mainly network/sysadmin with some *nix. What do you suggest in terms of what I should look for? Titles I've been applying to are security engineer, SOC analyst and such, with no luck. Or do you think OSCP is something I should dig into and get on my own?