Pen testing is a viable alternative in the same way that driving a car is an alternative to designing an engine.

When your specialty is in finding novel exploits, there's not much of a market for you outside the government-o-sphere. In practical terms, pen tests are typically not focused on finding novel exploits.

Nevermind the vast difference in career expectations between salaried government work and consulting.

That is a good point.

Ex military often have trouble finding jobs that match their skillsets as well. Not many civilian jobs encourage you to annihilate the denizens of under-developed, resource rich regions.

There's actually quite a lot of value in finding and fixing exploits. It's just that many companies prefer the illusion that $1k is a reasonable bounty for SQLi.

In the same way that being a local cop is an alternative to being in the Special Forces.