I am in my early 30s and living in Europe and I am considering to switch over to a position in IT security, maybe as a security analyst, consultant, forensics or similar.
Mostly, I have been working in the field of Business Intelligence and Data Analytics in various industries since years, so I am fairly analytical, have a good business acumen and I am a bit more than just tech-savvy (programming – mostly python, linux shell, networking, databases, container, cloud services). In my free-time I love playing around with all kinds of tech (e.g., building my own NAS, a raspberry vpn router, turning a 12yrs old macbook into a kali machine and more).
My plan was to follow the typical CompTIA pathway to get the necessary certificates, in order to get a foot into the door: **Network+ > Security+ > CySa/PenTest+ > CASP+**
Of course, I would also have to learn the policies and laws, which are mostly country-specific, and gain real hands-on experience, which will come at the cost of earning less than now.
The only worry that I have is that I might be “too old” and that my skill-set will be too niche. Furthermore, I might not be able to leverage that in a way to get a salary that is not too far away from my current one.
So any thoughts or advice would be greatly appreciated. 🙃