Anyways here is a little guide sam dhillon on what you should learn to be a Ethical Hacker (Also called pen tester).
1) You must have dedication. Just like with programming you need to stick with it and contribute a good amount of time to learning it. It won't come over night
2) You will have to know how "Malicious people work". In order to be able to do pen testing you have to know everything that the Malicious person knows.
3) Obviously learn a programming language or three.
4) Know how the computer works. You must be willing to learn both hardware and software and be able to know how most of it works.
5) To be honest you must get off of Windows and move to Linux. Windows will be just way to restrictive for this type of thing. I would highly highly recommend downloading BackTrack http://www.backtrack-linux.org/.
That is the all time best for pen testing I have found.
6) Get Certified. Search google for words like "CEH", "OSCP", or even just "security certifications". It will help greatly if you want to do this for your job.
7) Join pen testing forums, play around with your computer, join newsgroups about computers, read anything about technology and just learn and do. That is all you can do really. Read about something then test it out.
Hope that helps a little.