[Daryl Pope]
[Diwakar Yalpi]
[CYSE 201S]
[11/24/2024]


Career Paper


Throughout the world of cyber security, there are countless amounts of different procedures and
pathways that cyber professionals can pursue. Almost to the point where there seems to be no
limit to the different careers that they can choose. Today, I have taken the time to research the
most important careers in the field of cyber security and critically analyze them to gain more
understanding. While I was researching these different careers I came across jobs such as
malware analysts, security engineers, and many more. But the one that I found to be the most
interesting and important was the career of a penetration tester.


What is a Penetration Tester?


So, what actually is a Penetration Tester? To keep it as simple as possible, penetration testers are
cyber security professionals that simulate cyberattacks on their own companies networks and
systems in order to identify and fix security vulnerabilities. In a way, a penetration tester could
be classified as a “hacker”, but they are doing it for the benefit of their own company. This
procedure is what you would call “ethical hacking”. A method used nowadays by any company
that you could think of.


What are the Methods of a Penetration Tester?


With something as complicated as computer software you would think you will need someone
experienced enough to take on the job. And in that right, you would be correct, but the methods
of penetration testers aren’t so easy to obtain. While researching penetration testers, I found that
there are different courses that they can take in order to learn the methods of pen testing or
“ethical hacking”. A source that I found on the official page of the University of Tulsa explained
a different method that pentesters find their way into the field. They said “To become a
penetration tester , a bachelor’s degree in cybersecurity or a related field is recommended
because it provides foundational tech skills.” (University of Tulsa). An advanced degree in
cybersecurity would definitely make sense to obtain for a job to the scale of a pen tester. I have
been talking a lot about pentesting broadly, but there are specifics when it comes to the type of
pentesting. In an article I found through Ironhack.com, they explain that “Pentesting is split into
three main types of tests. These are referred to as white box, black box, and gray box. These
three methods examine various potential scenarios that a criminal hacker may be in, depending
on how much they know about a company’s computer network” (Ironhack). All of these different
types of pentests are learned through labs by aspiring pentesters before they become certified.


Why are Pentesters So Important?


Pentesters are extremely important to the security of companies for many different reasons.
Having pentesters on your team conducting research, by itself, adds an extra layer of security to
your company. Having someone that understands how your company’s security works, providing
regular tests allows for your company to highlight mistakes and patch needed holes within the
systems. Investing in regular penetration testing can also save organizations money in the long
run. This is by preventing costly data breaches, system downtime, or financial penalties that can
all happen if hackers are able to infiltrate.


How does Pentesting Affect Marginalized Groups?


Penetration testing can be important for marginalized groups by ensuring their digital spaces are
secure from exploitation and harm. These marginalized groups can include people who may not
be as familiar or comfortable with technology, especially those who lack access to digital
education or resources. Pentesters are able to create a barrier between unethical hackers and the
marginalized to keep them safe from different cyber attacks.


How does Pentesting Apply Social Sciences?


In class we have discussed different social sciences before, and how they apply to cyber security.
And in this case, I believe that cyber security applies to social sciences in a unique way. In class
we talked about Maslow’s hierarchy of needs and how each different level corresponds to a
different need. Penetration testing contributes to Maslow’s hierarchy of needs, particularly in the
“safety” and “belonging” levels. This is by securing digital spaces and protecting personal
information, pentesting ensures individuals’ safety in online environments. Without someone to
test social media outlets for mistakes, there could be a data breach and everyone using the social
media with their personal information on there would become viable for their information to be
stolen.


Conclusion


To conclude, penetration testers are one of the most valuable, yet challenging career paths within
the field of cybersecurity. Pentesters maintain balance and structure within the integrity of the
system’s security.


Sources


Ironhack. “What Is Penetration Testing and How to Get Started.” Ironhack, 23 Nov. 2023,
www.ironhack.com/us/blog/what-is-it-and-how-to-get-started-in-pentesting.


University of Tulsa. “Benefits of Penetration Testing.” University of Tulsa Online,
www.online.utulsa.edu/blog/benefits-of-penetration-testing/.


Kaplan-Moss, Jacob. “The Ethics of Social Engineering Tests.” Jacobian.org, 27 June 2017,
https://jacobian.org/2017/jun/27/social-engineering-pentests/. Accessed 24 Nov. 2024.