{"id":369,"date":"2025-04-30T02:41:21","date_gmt":"2025-04-30T02:41:21","guid":{"rendered":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/?page_id=369"},"modified":"2025-04-30T02:41:21","modified_gmt":"2025-04-30T02:41:21","slug":"career-paper","status":"publish","type":"page","link":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/career-paper\/","title":{"rendered":"Career Paper"},"content":{"rendered":"\n

Title:<\/strong> The Career as a Penetration Tester in Cyber Security
<\/p>\n\n\n\n

BLUF<\/strong>
A career as a penetration tester involves knowledge of human behaviors and
technology to collectively mitigate attacks and find any vulnerabilities before they are
exposed to cyberattacks. They not only protect networks and systems, but they also
defend marginalized groups in which they bridge the gap in the digital divide.<\/p>\n\n\n\n


Introduction<\/strong>
Cybersecurity is known to be deeply rooted in social science as well, because
the role of a penetration tester is a very important career in cybersecurity. The role of a
penetration tester involves imitating hackers to discover vulnerabilities within a network
or a system and assisting with improvements to strengthen those vulnerabilities. I plan
to elaborate on the role that a penetration tester plays in cybersecurity, including
education requirements and mindset, as well as how it relates to hacker subculture, the
use of honeypots, and challenges.<\/p>\n\n\n\n


Education, Experience, and Mindset<\/strong> <\/p>\n\n\n\n

The role of a penetration tester requires multifaceted skills and expertise, not just
technical ones. As mentioned in module 5 of the course, \u201cA good cybersecurity
professional must have a rich and diverse skillset.\u201d They must have a strong
background in technology and cybersecurity. They may also be required to achieve
multiple certifications, such as PenTest+ and Certified Ethical Hacker (CEH), which will
show understanding of the skills needed to perform in this role. This provides a great
foundation for professional development. It is also recommended to have some
hands-on experience in the field as well, This can be done through Capture the Flag
Competitions and internships.
Penetration testers must think like criminals or attackers. Mindset is very
important, and they must be detail-oriented, problem solvers, and tenacious. They must
handle each incident with a strategic mindset and understand that although they must
think like a hacker, they also need to follow the law. There must also be a willingness to
learn; technology is changing every day, and new threats will continue to emerge. It is
important to keep your skills sharp through lifelong learning.<\/p>\n\n\n\n


Understanding of Hacker Subculture<\/strong>
Penetration testers are often referred to as \u201cethical hackers\u201d, meaning that they
explore vulnerabilities within a network or a system that could be exploited. They would
use the same hacker techniques to be able to test a system, the only difference is that
they have been given consent to do so. According to Merriam-Webster, a hacker is defined as \u201ca person who illegally gains access to and sometimes tampers with
information in a computer system\u201d and as \u201can expert at programming and solving
problems with a computer.
In Module 9 of the course, we explored a little of hacker subculture. “Hacker
culture emerged from a fusion of intellectual curiosity, counterculture and a hate-on for
any technology that you couldn\u2019t easily get access to or tamper with.” (Quora, 2017)
Comprehending hacker subculture plays an important part in the career of a penetration
tester; they are required to act and think like a hacker, but they also must follow the law.
With the use of simulations, they are also able to reenact attacks themselves, within a
controlled environment. This allows penetration testers to explore safely without putting
any assets or information at risk.<\/p>\n\n\n\n


Use of Honeypots<\/strong>
Penetration testers utilize honeypots. “Honeypots are used to lure cybercrooks
into a controlled environment, allowing threat experts and businesses to learn more
about complex cyber-attacks and how cybercriminals operate.” (Nemchick, 2024)
Module 3 further elaborated on honeypots, along with their advantages and
disadvantages. Advantages include the ability to study hacks and system trespassing in
real-time and grant the ability to apply changes to the honeypot to see how the hacker
responds. Some disadvantages include the difficulty of understanding motives, and that
sometimes the attacker isn\u2019t carried out by an individual, but via an automated attack or script. “Set up a honeypot, and you can lure hackers into a research environment. You’ll
watch everything an attacker does, and those insights can help you build an even
stronger system for your company.” (Okta, 2024)<\/p>\n\n\n\n


Human Factors & Interaction With Marginalized Groups<\/em><\/strong>
Module 7 emphasized the role that human factors play in cybersecurity. Human
factors According to Hasib (2018), \u201cPeople are not the weakest link in cybersecurity;
they are the strongest weapon. The real problem is the failure of leadership to provide
appropriate support, education, and empowerment. According to the National Institutes
of Health (NIH, 2019), marginalized groups are those who face exclusion and
disadvantage across social, political, and economic systems. Often, they may
experience digital exclusion, which can come from the absence of technology and
resources. The role as a penetration tester requires them to protect all, as well as
marginalized groups that are severely affected by cyber-attacks. They can collaborate
with these groups and determine what vulnerabilities they face and how to prevent
them.<\/p>\n\n\n\n


Conclusion<\/em><\/strong>
The career of a penetration tester is very complex. You must understand the
mind of a hacker as well as human behavior. They expose vulnerabilities before they
can be exploited as well as defend marginalized communities by reducing digital exclusion. With a foundation in technology, ad hands-on experience, they can recreate
attacks in controlled environments and learn from them.<\/p>\n\n\n\n


References<\/em><\/strong>
\u201cBridging Digital Divides: Expanding Cybersecurity in Underserved Communities –
NASCIO.\u201d
NASCIO, 25 Apr. 2017,
www.nascio.org\/resource-center\/resources\/bridging-digital-divides-expanding-cy
bersecurity-in-underserved-communities\/. Accessed 15 Apr. 2025.
Chamlou, Nina. \u201cWhy Diversity in Cybersecurity Matters | CyberDegrees.org.\u201d
Www.cyberdegrees.org, 28 Feb. 2022,
www.cyberdegrees.org\/resources\/diversity-in-cybersecurity\/. Accessed 12 Apr.
2025.
Hasib, Mansur.
Cybersecurity as People Powered Perpetual Innovation. Academia.edu,
2018,
https:\/\/www.academia.edu\/74480255\/Cybersecurity_as_People_Powered_Perpe
tual_Innovation.
Irwin, Luke. \u201cEthical Hacking vs Penetration Testing: What\u2019s the Difference?\u201d IT
Governance Blog En, 4 Feb. 2020,
www.itgovernance.eu\/blog\/en\/ethical-hacking-vs-penetration-testing-whats-the-di
fference. Accessed 9 Apr. 2025.<\/p>\n\n\n\n

Lane, Patrick. \u201cPenetration Testing and Vulnerability Assessment: Working Together.\u201dDefault, 8 Sept. 2021,
www.comptia.org\/blog\/penetration-testing-and-vulnerability-assessment.
Accessed 12 Apr. 2025.
National Association of State Chief Information Officers. Cybersecurity in Underserved
Communities. NASCIO, Nov. 2024,
www.nascio.org\/wp-content\/uploads\/2024\/11\/NASCIO_Cybersecurity-in-Underse
rved-Communities_2024_a11y.pdf.
National Institute on Minority Health and Health Disparities. \u201cOverview.\u201d NIMHD, 2018,
www.nimhd.nih.gov\/about\/overview\/. Accessed 12 Apr. 2025.
Nemchick, Emily. \u201cWhat Is a Honeypot? Cybersecurity Traps Explained.\u201d What Is a
Honeypot? Cybersecurity Traps Explained, 7 Jan. 2024,
www.avg.com\/en\/signal\/what-is-a-honeypot. Accessed 13 Apr. 2025.
NICCS. \u201cWorkforce Framework for Cybersecurity (NICE Framework) | NICCS.\u201d
Niccs.cisa.gov, 28 Aug. 2023,
niccs.cisa.gov\/workforce-development\/nice-framework. Accessed 13 Apr. 2025.
\u201cOkta, Inc.\u201d Okta.com, 31 Aug. 2024, www.okta.com\/identity-101\/honeypots\/. Accessed
10 Apr. 2025.<\/p>\n\n\n\n

Quora. \u201cWhere Did Hacker Culture Come From?\u201d Forbes, 7 Sept. 2017,
www.forbes.com\/sites\/quora\/2017\/09\/07\/where-did-hacker-culture-come-from\/.
Accessed 13 Apr. 2025.
University of Michigan. \u201cPenetration Testing (Ethical Hacking) \/
Safecomputing.umich.edu.\u201d Safecomputing.umich.edu,
safecomputing.umich.edu\/protect-the-u\/protect-your-unit\/vulnerability-manageme
nt\/ethical-hacking. Accessed 11 Apr. 2025.
\u201cVulnerability Assessment Analyst | CISA.\u201d Www.cisa.gov,
www.cisa.gov\/careers\/work-rolesvulnerability-assessment-analyst. Accessed 12
Apr. 2025.<\/p>\n","protected":false},"excerpt":{"rendered":"

Title: The Career as a Penetration Tester in Cyber Security BLUFA career as a penetration tester involves knowledge of human behaviors andtechnology to collectively mitigate attacks and find any vulnerabilities before they areexposed to cyberattacks. They not only protect networks and systems, but they alsodefend marginalized groups in which they bridge the gap in the… <\/p>\n

Read More<\/a><\/div>\n","protected":false},"author":30517,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"_links":{"self":[{"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/pages\/369"}],"collection":[{"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/users\/30517"}],"replies":[{"embeddable":true,"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/comments?post=369"}],"version-history":[{"count":1,"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/pages\/369\/revisions"}],"predecessor-version":[{"id":370,"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/pages\/369\/revisions\/370"}],"wp:attachment":[{"href":"https:\/\/sites.wp.odu.edu\/cyse201s-indiap\/wp-json\/wp\/v2\/media?parent=369"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}