How Do You Become A Penetration Tester

Old No Comments on How Do You Become A Penetration Tester 544

You have heard about hacking and the hacktivists that are skilled at it. You know that people hack for different reasons, some of them being ‘white hat’ penetration tester hackers, and others operate for ‘black hat’ or unethical/fraudulent reasons. You think it sounds pretty fun and want to know if you have what it takes to be a penetration tester. So where do you start?

If you don’t have computer experience already, you will want to immerse yourself in books and learn the lingo. You will want to have as much knowledge about different systems as there is to know to be an effective penetration tester. Participating in online forums is a great way to share and gain knowledge, and joining the Linux group will give you an opportunity to help build and understand programs from inception. Learning a program language is an invaluable way to get to learn the intricacies of software. As well as this, learn one or more scripting languages such as PHP and Perl. Understanding (at least) the basics of HTML web design is necessary for anyone who wants to know about setting up and tweaking websites, which is information that every penetration tester must have.

If you already have a computer and information technology background, there are certification programs you can enroll in. One of the most popular certification for penetration testers currently are the ‘Certified Ethical Hacking’ and ‘Penetration Tester’ certifications that are offered through the International Council of Electronic Commerce Consultants, otherwise referred to as the EC Council. There are plenty of job opportunities at present around the world for certified ethical hackers, with an estimated shortfall of skilled penetration testers in India of 450,000 at present. Departments of defense offices in first world countries are all clamoring to hire more penetration testers, as they are deemed an integral part of any solid computer system. As well, larger companies and even small to mid-size companies are following the lead of international corporations and are increasingly hiring penetration testers to ensure their systems are hack proof.

In a way the job of penetration tester is like that of a locksmith. People trust them to gain access to their property without causing damage or stealing anything. As there is such a fine line between a penetration tester and a criminal hacker, companies who employ penetration testers usually hire them through another company whose role is sending on penetration hackers to clients when needed. In this way the companies can take some comfort in the fact that any pentester sent to them would have been properly vetted, and if any past criminal hacking had been found to be committed by the potential penetration tester, the company’s extensive background checks would uncover that.

There are 3 general paths a person takes to become a penetration tester. The first path is to develop from a general enterprise security practitioner and move to penetration testing. The second path is to start by working for a company that focuses on penetration testing. If you are employed in information technology already, you could try getting shifted internally from a systems or administrators role into vulnerability assessment or penetration testing. The third path is to break out on your own. You could always form your own company and begin offering vulnerability assessments to local businesses, building up a clientèle. If you are going to work for yourself it is worth having a Statement of Intent drafted up by a lawyer to limit your liability. Be sure to get liabilities and errors and omissions insurance for penetration testing. This can be expensive, costing up to $3000 annually, but it is a vital part of working for yourself in this field.

Interesting Fact:

– Penetration testers can expect to make between $50,000 and $100,000 their first year and as much as $120,000 per year once a few years experience has been gained.


Michael Mulcreevy

Michael Mulcreevy is a writer and researcher and studied sustainability. He has special interests in technological advancements in the computer age and writes on all things current and future based such as systems for community resilience.

Related Articles

Leave a comment

Back to Top