[bashwizard]

What I can share is my roadmap how I manage to break into the field without any prior professional IT experience.

1) Linux. Learn it and live in it.

2) Linux servers and databases.

3) CompTIA Network+ (only for the knowledge, didn't bother getting the cert)

4) CompTIA Security+ (same as above)

5) OSCP certification (not a golden ticken by any means but it helps to bypass HR)

That's basically it. While going down that road I focused on hands-on practice by actually hacking into machines with the help of following resources:

A) Hack The box (hackthebox.eu)

B) PentesterLab (pentesterlab.com)

I also really like Portswigger's Web Security Academy (portswigger.net) and Try Hack Me (tryhackme.com) but they weren't around when I was starting out but I would definitely check them out, especially if I was completely new to security today.

All in all it took me roughly a year but get comfortable enough to start applying to junior pentesting positions and eventually I got hired.

There are probably better and easier ways to do it but that's how I did it at least.

[dencodev]

Hey thanks for this! I'm a senior dev and I just left my job. I'm going to be learning and studying full time but hopefully it doesn't take an entire year before I can get a job

[1qazxsw23edc]

Not OP but did you got a remote position after learning and practising all this because I'm interested in only remote positions.

[bashwizard]

I did not get a remote position. I eventually left the company though and started do consulting instead so I'm mostly working remote (and 100% at this point due to covid).

[1qazxsw23edc]

ok, thanks.

[thatcodingdude]

Thanks a lot !