I started as part time without any experience durring my college. I was studying gamedev software engineering, but we had one voluntary class about Ethical Hacking.

I just asked my professor if he can reffer me to someone in the field, followed OWASP Web App Testing guide to the letter when testing the interview homework website, and landed the job without much prior experience (I did attend a few CTF competitions, though).

Just following the checklist in OWASP testing guide made my results comparable to, or even better to some of my colleagues, and I’ve slowly learned the rest (especially internal domain pentesting) from our internal documentation or shadowing seniors during pentests, and simply being interrested in the field, having initiative and looking up new tools and exploits eventually got me to a Red Team Lead role (not a very good RT, though, but it did improve eventually).

The pay was pretty good compared to what’s usuall here in Czech, too. I could comfortably pay rent and get by even with part-time, during college.