Right now I’m a senior at my uni and will be graduating next spring ’22 with a degree in information systems. I currently have 2 years of IT help desk under my belt (3 once I graduate) and I got my Security+ cert last summer. This summer I have an internship lined up as a SOC analyst. When I graduate, I’d like to continue to be a SOC analyst for a couple of years whilst working on my OSCP cert to become a pentester.
So what should I be focusing on right now?
1. Coding (my python/java skills are rudimentary)
2. eJPT cert
3. Htb/ctf stuff
4. Fundamentals of security/blue team stuff?
I understand that I need to crawl before I walk, but am I getting ahead of myself with wanting to focus on pentester stuff now? I already have experience with linux, vm’s, some of the tools in kali and everything. Should I just focus on pentesting in my off time and proper blue team at work?
How should I go about this?