You are familiar with security designs for computer software, how to locate bugs and loopholes in the code, and how to take advantage of them.
You know how to run scripts someone else wrote (Script Kiddie). You think rootshell.org is 'kewl' and '3l33t'. You know what port 139 is for; and how to abuse it. You could make a living finding security flaws in corporate software. Your idea of fun is checking new releases of bind and sendmail for security flaws... and fixing them.