Moving from a large company with a retinue of pentesters, to a start-up with far fewer resources, can be a strain. It may be just you. While you're performing services, your new company may also need you to be flexible -- move to supporting some IR or blue team-related functionality. You won't be able to do both sides of a purple team, but you can help things meet for your clients. This talk will have my story, as well as some ideas when having to reach across a spectrum of needs with limited (or no) defense-focused personnel.
Leslie is a network-focused penetration tester (learning about OT/ICS in their downtime). Relatedly, they're a perpetual Linux sysadmin and frequent conference volunteer and attendee. Typically you’ll find them scoping out WAPs, wiggling ATM card readers, and hiding in a corner with MP3s, a 3DS (playing JRPGs), or CTFs.