How to Become a Penetration Tester

Penetration testing is a hot cyber security job and demand continues to grow as companies focus more on security. Penetration testers are legal hackers working for a cyber security or IT company to test network, application, and physical security among others. They are often called ethical hackers or White Hats. Job titles in this profession vary, making a job search somewhat difficult. Other titles might include variations of security analyst, red team engineer, and security specialist. Starting out, you can expect to make in the range of $60,000-$80,000 annual salary depending on the metro area you will be working in. Once you have some experience the pay can go up to about $120,00 for a senior level Penetration Tester (adjusted for more expensive areas like California, NY, DC). Demand for director and executive level positions with a security background is skyrocketing right now, so the potential growth is enormous in this field. Here is the framework for landing your first penetration testing job:

1.      Get a technical degree

It is not absolutely required to have a technical degree or any degree at all, but it becomes much more difficult to prove your value and experience without any degree. Many job postings say a degree is required but if you are technically competent and have some experience you can overcome this with a little bit of persuasion. If you have any connections in the industry a referral can often go further than a pedigree. See #4 below for tips on expanding your network. If you plan to go to school, or are already in school a major in computer science or MIS is a great start. If you know you want to go into cyber security go for a school with a cyber security program, or if you already have an unrelated degree you might consider a cyber security program as a post-bachelor option. I am located in Florida, and all of the Florida state schools have a program due to a state-wide government initiative. Make sure to talk with current professors and students to understand the scope of the Cybersecurity Program.

There is a lot of hesitation to hire people without a degree mostly due to stigma, but don’t lose hope if you don’t have one. A four-year degree can be very costly and many hackers are self-taught. You can learn pretty much everything online today so consider your options before taking on a ton of debt to go to a traditional college.

2.      Get security/penetration testing certifications

Having security related certifications will get you more interviews and will result in a higher salary level. However, getting a security certification does not guarantee you a job as a pentester. Below are some certifications you will want to investigate if you haven’t already:

EC-Council (CEH, ECSA/LPT) -

SANS Institute (GPEN) -

COMPTIA Security+ -

Offensive Security – (OSCP) -

Good penetration testers also have a strong foundation in networking, OS, and programming so technical certifications related to these areas will be beneficial and will vary based on the specific company. Exposure to web application security/pentesting will also be of benefit due to the growing demand in this area.

3.      Get training/experience

Look for a company or internship that will hire you without experience or volunteer on opensource projects which you can add to your resume. GitHub is one place you can go to find opensource projects to work on. You could also try non-profit organizations - even better if they support a cause you are into yourself. Maybe your church or animal shelter needs network security. The takeaway is to keep looking and taking action and something will work out. Luck is only for those that are taking action! Check with cyber security companies for internships, even if they are unpaid this can pay off in the long run with a job offer or at the very least that first step to getting real experience. You can also try freelance work after you have a little experience with projects. Most states allow you to form an LLC online for a small fee, usually not over a couple hundred. There are numerous websites dedicated to freelance work, but you might also be able to find your own leads through your network or if you hear about companies with security issues in the news. Check out our article Why consulting should be your next career move.

4.   Use your network

If you are introverted or have social anxiety you can do this! Remember, a lot of people in this industry feel the same way, that’s part of how they ended up in this career path. Unfortunately, if you get the job you will need some people skills, and the ability to communicate is often a deciding factor when candidates are closely tied with technical ability. Practice is key. Go on and find a hacker group for example. There are groups on LinkedIn, Twitter, Facebook that might have local events. There are also local chapters of ISSA (Information Security Systems Assoc.) you could check out for networking opportunities.

5.  SELL Yourself in an interview

When interviewing for a pentesting job think “What value can I bring this employer?” or "What value can I bring the company’s customers?" The mistake many people make is thinking only about what’s in it for you and what your demands are. While you clearly need to consider those things, seeing it from the prospective company’s view will help you sell yourself. How are you going to fulfill the needs of the company? Good penetration testers are a little creative and come up with new ways of testing security that the company may not have thought up. Show your creative side, and if you have experience, explain how you’ve used that to solve security problems in the past. Thinking through this will help you answer those dreaded situational interview questions that all start out ‘tell me about a time when…’. I also suggest practicing before the interview as much as possible. A recruiter will help you do this, but the more practice the better. Grab a friend, roommate, or a fellow pentester and you will appear more confident when the big day comes. Glassdoor is a great place to check for interview questions for a specific employer.

6.  Call a recruiter that focuses on security roles

I do mean call, not email. Recruiters get bogged down with tons of great candidates, so a phone call can help you stand out. If you already have experience and are looking for the next challenge, a recruiter that is focused in the security space can get you in with companies. I don’t suggest using a large generalist recruiting firm for such a technical role as a penetration tester - the recruiter just won’t have the knowledge or connections to properly help you. CSOonline has a list of cyber security recruiters and is a great place to start. Go with your instinct on choosing who will represent you. If you are unemployed and really need a paycheck, find a recruiter who can contract you out. This will help you to start earning money and paying back those school loans, and also will get you health insurance and a retirement plan if done through an employee leasing company. Don’t get discouraged if the recruiter doesn’t find something right away, it’s sometimes like getting the stars to align with the right job and right location. Stay present and check in every few weeks or months.

If you are ready to become a penetration tester, or already are, email to see what opportunities we have for you. Stratus Search is a cyber security recruiting firm that places professionals nationwide.