I am looking at pentesting as a potential next step. Based on my initial research it seems doable and might lead to good opportunities down the road...