“I honestly don’t know that there’s any one best way to get a red team job. Penetration testing and red teaming are more about your ability to think creatively than a certain sort of education or background.”

Twitter: @jaredhaight

Jared has been in information security for five years now and is currently a consultant specializing in adversary simulation-style engagements. Before entering InfoSec he spent time in the operations side of IT, working in help-desk and desktop support before spending a decade as a systems administrator. Over the years he’s released a couple of open source tools that have been well received, including PS>Attack, and he is a core developer behind the Faction C2 Framework. He’s given talks and training at cons like Troopers, DerbyCon, CarolinaCon, and numerous BSides events.

How did you get your start on a red team?

I had what I feel is a pretty traditional path into red teaming. I’ve been in IT for about 14 years now; I started as help desk, then desktop support, and eventually systems administration. One day the company I was working for told me they were starting a security team in IT, and they wanted me on it. I’d always been a generalist, and I enjoyed that. It was cool to work on networking one day and virtualization the next, bouncing around various aspects of IT operations. I’d always been security-minded in my IT roles, probably ...