Penetration Testing Jobs

Hi all

I'm trying to break into penetration testing as a career and will be doing the elearnsecurity certification later this year as a follow up to my hdip in security. I have noticed however that there isn't many positions advertised for such roles, with most being for security engineers etc. Has testing become something that is done mainly outside of Ireland?

I know that one of the U.S.firms that I used to work for moved most of their testing and operations from here to Poland and I'm just wondering if this is something that is happening across the board due to the lack of jobs being posted especially entry level.

I do have network experience and webserver security experience in my current job and could look at further qualifications to move into an engineer role but I really like the penetration testing side of things.

s8n

hehehe, you said penetration

IamMetaldave

There are loads of places that do it in Ireland. I know BSI are hiring all levels across Cyber and Information Security. Just taking a quick look on LinkedIn jobs and Irish Jobs I see quite a few too.

IamMetaldave

IamMetaldave wrote: »

There are loads of places that do it in Ireland. I know BSI are hiring all levels across Cyber and Information Security. Just taking a quick look on LinkedIn jobs and Irish Jobs I see quite a few too.

Thanks been looking for a while, haven't seen many posts to be honest and all I'm finding are ones that want candidates with 3 to 5 years professional experience while I would definitely be a beginner in relation to pen testing.

IamMetaldave

Get a job in a company that does pentesting in another role and jump teams when you gain more experience. It's far easier to get those jobs internally than coming in directly to them.

IamMetaldave

IamMetaldave wrote: »

Get a job in a company that does pentesting in another role and jump teams when you gain more experience. It's far easier to get those jobs internally than coming in directly to them.

Thanks for the advice, I was thinking about this route alright.

grimeire

Cork is like the capital of IT security in the EU, not as many security roles in dublin so if your really interested and willing to move have a look at the security roles in cork and do as IamMetaldave suggested get an entry level job and move teams after you get experience.

grimeire

grimeire wrote: »

Cork is like the capital of IT security in the EU, not as many security roles in dublin so if your really interested and willing to move have a look at the security roles in cork and do as IamMetaldave suggested get an entry level job and move teams after you get experience.

Thanks but moving isn't really an option unfortunately (married, house etc). I do have a friend in Dublin who does work from home for Dell EMC down in Cork, but given I'd be new to the area I'd like to have somewhere I could be office based for a while as its easier to network and learn.

moneymad

I'm from cork,have an oscp cert. I cannot find a job in cork in "cyber security". I'm on the verge of moving to england.

moneymad

moneymad wrote: »

I'm from cork,have an oscp cert. I cannot find a job in cork in "cyber security". I'm on the verge of moving to england.

Thanks for the reply.

I'm seeing or I was at least adverts for junior and entry security engineers etc, all which required you to have 3 to 5 years experience along with certifications such as cisp that require you to have a number of years experience in security in order to sit the exam (or attend accredited training which in Dublin is prohibitively expensive for me at the moment)

Sort of reminds me of a development job advert a friend showed me just after .net was released, stating that the applicant must have 10 years .net development experience

I did find I wasn't having much look with recruitment companies, what I did was find out who they were advertising the role for and email the companies hr dept myself.
I got a couple of interviews that way but they all gave back saying that someone with more experience was selected.

zweton

moneymad wrote: »

I'm from cork,have an oscp cert. I cannot find a job in cork in "cyber security". I'm on the verge of moving to england.

Thought you would be snapped up with oscp, someone mentioned cork was the cyber capital of europe, unfortunate you cant get a break.

moneymad

DubInMeath wrote: »

Thanks for the reply.

I'm seeing or I was at least adverts for junior and entry security engineers etc, all which required you to have 3 to 5 years experience along with certifications such as cisp that require you to have a number of years experience in security in order to sit the exam (or attend accredited training which in Dublin is prohibitively expensive for me at the moment)

Sort of reminds me of a development job advert a friend showed me just after .net was released, stating that the applicant must have 10 years .net development experience

I did find I wasn't having much look with recruitment companies, what I did was find out who they were advertising the role for and email the companies hr dept myself.
I got a couple of interviews that way but they all gave back saying that someone with more experience was selected.

You're right. Mostly mid to senior level positions available. I do see plenty of soc analyst type roles in Dublin. Would you start there?

moneymad

moneymad wrote: »

You're right. Mostly mid to senior level positions available. I do see plenty of soc analyst type roles in Dublin. Would you start there?

Yeah to get the foot in the door I would.
But most I've seen are 3 years min experience in the same type of role and certs, while I cover the security modules for our companys server and client based products from a support and low level testing perspective, field service enginear and trainer experience along with a hdip in cyber sec to go with my hon degree in computing science, I don't have the qualifications such as CISP etc yet that they are looking for. But in saying this I have been busy with a few work projects lately so search time has been limited.

moneymad

DubInMeath wrote: »

Yeah to get the foot in the door I would.
But most I've seen are 3 years min experience in the same type of role and certs, while I cover the security modules for our companys server and client based products from a support and low level testing perspective, field service enginear and trainer experience along with a hdip in cyber sec to go with my hon degree in computing science, I don't have the qualifications such as CISP etc yet that they are looking for. But in saying this I have been busy with a few work projects lately so search time has been limited.

With all that knowledge I think they you will be a great asset to any companies team.

moneymad

moneymad wrote: »

With all that knowledge I think they you will be a great asset to any companies team.

No direct ethical hacking experience, or industry based certs and that my cv is over two pages long were reasons I was given just three weeks ago by a recruitment agency staff member as to why they didn't think it would be worth putting my cv forward.
I can understand points one and two! But hey you got to learn somehow and doing it yourself with metasploitable dvwa just gets you so far, but reason three just annoys me I'm in my 40s and have worked since I was 15, leaving out most of my experience before moving to IT and removing some certs that I didn't renew after the required time from my cv still has it at three pages :mad:

IamMetaldave

If you want help sorting your CV PM me and I’ll give you my email. I’ll see if I can help you with it. I’m in IT/InfoSec 14 years so have a fair idea how to focus them for roles.

IamMetaldave

IamMetaldave wrote: »

If you want help sorting your CV PM me and I’ll give you my email. I’ll see if I can help you with it. I’m in IT/InfoSec 14 years so have a fair idea how to focus them for roles.

Thanks I'm working today (sys down issue) so I'll pm you later.