Highest Rated Comments


rethrowawayMZ 8 karma

I spend 90% of my day reverse engineering malware; most of it is mass-distributed common shit behind custom packers, but every now and then we find an interesting targeted attack and some custom stuff targeting big oil or governments (Nkorea v Skorea earlier this year). I assume you guys take care not to leave your tools around. I also assume you aren't on the level of a laughable pen tester using loltrack or scriptkiddy metasploit, so how does recruiting for this position work? I would think most of the talent would have to come from someone with a similar background to mine, but of all the recruitment emails I've received over the years from different AV companies trying to snipe me, I've never once received a recruitment email for this line of work.

TL;DR - How to make the jump from malware / vulnerability researcher to e-mercenary.

rethrowawayMZ 2 karma

Thanks for the response, a few further questions that might be asking too much specific information:

Do you have teams developing and banking 0 days for different ops? What % of your attack vectors would you say are technical intrusion vs. social engineering? Have you ever 'framed' other agencies or groups with noisy callbacks to known group / agency cnc? Would you agree that most "protection" is essentially useless vs a targeted attack?