I have been a Pen Tester going on ten years, I was doing it when it was not popular, or even paid that much. Of course today that has all changed, the money is better than it has ever been and I get constant job offers ever day via LinkedIn.
To start in the business you need to learn how to hack, and there are a couple of options, books or training. The Blackhat events held every year in Vegas offer unparalleled chance to attend training around pen testing, hacking or breach response, expensive but well worth the money. The second option is books, there are plenty out there, I would recommend the following article on Best Hacking Books, which is what I used for reference.
I have also attached an article I wrote on hacking basics.Browser Exploits and Drive
And this one on Decrypting SSL traffic so that you can inspect the content. Decrypt SSL Traffic to Look for Hackers
You will need to do this if you want to inspect payloads, especially if it is malware as there payloads will most likely always be encrypted.