I’m hoping there’s some Australians in the industry on reddit who might be able to assist.

Quick background: I’m turning 40 and for the past 20 years have worked in an industry I don’t care much for, but it pays well, I’m good at it. As a wee teenager, circa 1997-2004 (roughly) I did some fun things like use my local ISP’s unsecure telnet to relay SMTP messages to my school teachers, from other school teachers (sorry DragNET admin, wherever you are), and crack some software protection by editing executables. Nothing much else.

I did learn programming though, good enough to make games and graphics engines from scratch in C++ (which I still do today). Then I’ve got a lot of experience in my job with websites, Web applications, API junk and a whole lot of SASS messes and databases. I’m fairly well versed in modern corporate information systems, how they connect and communicate, and what sorts of systems have access to what bits of info.

Long story short, I know some stuff and I’ve always liked mucking around on computers.

I’ve just started going through HackTheBox.com and I love it, and I thought, shit, I could do this for a job. Seems pretty sweet, being a computer hacker and getting paid. But of course, reality would be different…

So questions:

1. What is the day to day like in Pen Testing?
2. What’s the best part of the job in security?
3. What’s the worst part of the job?
4. Are their specific certifications that would make me look good?
5. Is there any particular experience I could gain (without working in the industry) that would look good?
6. Anything else I could do to get a job in this field?
7. What’s the pay like? At what level would I enter, and how quick is promotion generally?
8. Can I wear a tshirt and hoodie to work like I do now?

Thanks in advance if anyone wants to help me out.