Re: Requesting Informational Interview

["Rob" <wia () ignoranceisbliss info>]

Here is a response that I received.  The sender information was cleaned,
per their request.

---

> My questions:
> I am trying to discover the best path, to get me from here to there.
What
> was it that you did to get there?
A passion and mindset for the job.
> What do you think are the good parts of the job?
The amount of learning required to stay on top of things.
> What do you think are the bad parts of the job?
Paperwork.
> What is it about pentesting that keeps you coming back?
The 'YES' feeling after gaining access to xyz. As an child of an
ultraconservative mother and authoritative police officer, I naturally
developed a desire to outfox them, but within limits. Being able to
'outfox' a program, system, or network of computers is naturally
fulfilling.
> Do you have any recommendations on what to watch out for?
Certifications.
> If you were able to do it all over again, would you go back into
pentesting?
>
Yes. But I didn't start this way. I got here by bouncing around numerous
positions and learning the hows of the technology, not just the whats. You
can't just jump into penetration testing and be very effective. First you
have to have the mindset, second you have to have the passion, third you
have to have the skillset.

---


> Hello all.
>
> I am sure you all have seen many of these questions posed on this list,
as
> well as others.  I am aware of the typical answers of, write a program,
compile a new LiveCD, etc.  But I was hoping to try something a little
bit
> different.
>
> I have found myself in a precarious situation.  I have been in between
jobs since October and am now finding myself able to attend some
schooling.  On this path to schooling, I was posed with a very
interesting
> question.
>
> "How did the others that do what I want to do, get there?"
>
> I want to be a pen-tester.
>
> I have been working with computers for over fifteen years - eight of
those
> professionally (Help Desk, SysAdmin, InfoSec Admin).  I am fluent in
Windows and can get done what I need to in Linux.  I am good at just
about
> everything, with the exception of databases, coding and routing.  I am
almost entirely self-taught and simply have not done that type of work,
yet...  I did attend a class at a school that I will not name (they have
earned no plugs through me), though many of you have heard of it.  I
also
> certified afterwords.  It is a certification that is very similar to a
CISSP, though is is more technically based.
> So, to all of you pen-testers out there, if I could please ask you for
10-15 minutes of your valuable time.  If you could either reply
privately
> to the questions below - allowing me one reply with any questions that
you
> may have invoked.  Or if you would prefer to be contacted via phone - a
private message with a number and the best time to be contacted, would
be
> appreciated.  If unsure, please choose the first choice.
>
> My questions:
>
> I am trying to discover the best path, to get me from here to there.
What
> was it that you did to get there?
>
> What do you think are the good parts of the job?
>
> What do you think are the bad parts of the job?
>
> What is it about pentesting that keeps you coming back?
>
> Do you have any recommendations on what to watch out for?
>
> If you were able to do it all over again, would you go back into
pentesting?
> --
>
> Thank you so much for your time.  It is very much appreciated.
>
> Rob Thompson
>
>
> ------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review
Board
> Prove to peers and potential employers without a doubt that you can
actually do a proper penetration test. IACRB CPT and CEPT certs require
a
> full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------





------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------