The prospect of working as a penetration tester (also called ‘professional hacker’) can be very enticing to IT professionals and new graduates – and it’s easy to see why. IT security can seem like an exciting industry to be in. But what exactly does it take to become a penetration tester? Here are all the basics you need to know.
Where Do You Start?
One of the main prerequisites to qualifying for a penetration testing job (at any level) is exposure to hacking, IT security, and computer science. This is a highly specialised job, after all. Some of the common starting points to penetration testing careers include the following:
• Existing IT professionals (system administrators, network engineers, developers)
• Graduates of courses like computer science, ethical hacking, and cyber security
• IT students who hack as a hobby
If you have a similar background, try your luck applying as a penetration tester online. The best place to find postings in this industry is a specialised job site that posts only IT security jobs.
What Characteristics and Skills Make a Good Penetration Tester?
Beyond raw technical knowledge, a good tester also has the following:
1. Passion for IT security. The best penetration testers are genuinely, deeply interested in IT security and technology in general. They are constantly up to date with the latest news and developments in the field.
2. Ability to self-learn. The IT industry is one of the most dynamic, so constant up-skilling and personal development is required. A good tester has to be autodidactic because knowledge in this field becomes outdated very quickly.
3. Good fundamental knowledge. Though it’s possible for a very good hacker without formal training to become a penetration tester, having an IT related degree can certainly provide grounding. This is why many companies look for experienced systems administrators, developers, and network architects when they post penetration tester jobs. The best candidates are those with a comprehensive understanding of enterprise infrastructures.
4. Technical abilities. Penetration testing requires technical knowhow of the latest versions of software as well as hardware as they are released. Coding or scripting skills are an advantage; that said, some testers can’t write code but are able to break very well.
5. Writing skills. Clients expect penetration testers to document their findings, so the ability to write coherent sentences is certainly necessary. Penetration testing companies are always looking for testers with the ability write and read English well.