Would never say no to more. Could probably make more at same level. But am mostly happy / feel fortunate for where I’m at.

I wrote this up a while ago and you may find it useful - https://shellsharks.com/getting-into-information-security.

Congrats! Getting some momentum is usually the hardest part. I’ve been pretty regularly going to the gym since last October and I can safely say I have a decent groove now. Plus the results have been pretty good so far. You didn’t ask, but here’s what I’ve been doing for the most part - https://shellsharks.com/notes/2023/08/08/current-training-splits

Honestly. All of the above. If you have time for OSCP. Swing for it. It’s definitely a good one to have on the resume. When you’re ready to look for gigs, apply to both pentesting roles and really anything security-related. Breaking in is the hardest part but once you have some XP it’s easier to move about.

Interesting, this is something I’ve yet to do. I’ve been seeing some interesting news about Asahi Linux for M1 macs im interested in trying out though.

Maybe some HM’s would think that. I wouldn’t tbh. Your entrepreneurial spirit might even be a benefit. If they like you as a candidate but are worried about any conflicts of interest they will just ask you. You’ll just need a confident response to allay any potential fears.

Before I moved into big tech space I wasn’t familiar with the role grade of security architect, and neither was my prior company. They had an architecture team where those within it were enterprise/security architects. I think that’s perfectly fine tbh, but I suppose could be confusing if you come from tech world.

Check this out https://taggartinstitute.org/p/the-homelab-almanac. (Shoutout to @mttaggart@infosec.town .)

I share this link a lot but it’s really the best advice I have for getting into the field. https://shellsharks.com/getting-into-information-security. It takes some persistence for sure but the industry needs new blood. You CAN absolutely do it. Start small and build up core skills. Being able to “code malware” is something you can worry about much later down the road. Work on coding smaller projects, learn networking and OS basics, etc… Good luck and come back here as you have more questions!

I’ve captured a bunch of training sites you can peruse https://shellsharks.com/online-training. If you’re into OSINT, familiarize yourself with some more OSINT tools, I’ve captured some here https://shellsharks.com/infosec-tools.