Has anyone here made a transition from a different role in infosec into pentesting or red team work?
I currently do security systems engineering (I help build COTS/FOSS tools/SOC apparatus) and am working towards my OSCP in my limited spare time. I have an interest in giving the offensive side a shot after I can pass the OSCP exam, but I would be going from a relatively lucrative position to a complete know-nothing noob. I’ve learned that I do better when I work with a team of people that I can speak to and bounce questions off of. However, I don’t have any idea how I would get my foot in the door even if I were able to find an entry point without taking too much of a salary cut. It kind of seems that I’m possibly at the point in my career where I’m better off just doing CTFs for fun.
I’d appreciate any guidance you may have in how to approach this.