Hi
Mid life career change on the cards. Does anyone work in the field? If so, I’d appreciate a chat/email.
I’ve a few questions about the field please.
Thanks
I'm not in the field but I have friends who do and I work with people who are. I need to know OWASP fairly well for my line of work and I often get solutions pen tested.
It can be hard to break into but if you land as a security consultant then it is a good career. Lots of documentation though.
I'd recommend getting a CISSP certification book and seeing how you get on. I found it hard reading and it put me off doing the exam. TLS and encryption were a lot easier to read than the legislative stuff. Ultimately the good guys I know manage the confidentiality / integrity / availability mix well and make sensible business decisions. If you already work in IT I'd expect it to be easier to cross train into security as technical or consultancy depending on current skills.
Good luck!