Penetration testing — aka pen testing — is the practice of testing a computer system, network, or Web application to find vulnerabilities that an attacker could exploit. Many organizations hire professional services or consulting firms to assess the security posture of specific systems. People can start out by working as system administers or programmers, becoming so knowledgeable about how their systems work that finding flaws becomes second nature to them. People who are good at pen testing have always had an interest in understanding how things work, says Deral Heiland.”]
Source: https://www.darkreading.com/careers-and-people/so-you-want-to-be-a-penetration-tester