Starting my career as a Software Developer was great but I found my true passion once I was introduced to cyber security. In 2010 I was asked to reproduce a Proof of Concept (POC) from ICS-CERT about a product that was created by my employer. I knew nothing about Cross Site Scripting (XSS), SQL injection (SQLi), or anything security related. That one task started my thirst for knowledge about this great ocean called Cyber Security. I did my research and reproduced five of the six items on the POC, the sixth was not real and I had them remove it. Next I worked with the developer responsible for fixing or mitigating these issues. That was my first time to be involved in anything really security related and I loved it.
I moved around a little to find that perfect fit and I think I have it right now. I stepped into a management role for a few years, still pen testing at the same time, and found that is not for me. I spent 80% of my time dealing with my lowest performer(s) and ignoring my stars as they knew what to do and how to research.
Eight years later I specialize in ICS/DCS/SCADA and Mobile Application Penetration Testing. I am constantly learning and growing my skills like the vast majority of the professionals in this area. I hope to have a practical Web Application Penetration Testing certification any day now.
I spend most of my days doing Mobile Application and API penetration testing.