[throwaway48491]

Thanks for those resources; I'll check them out.

I've been wary about going into security because I've heard that in order to be moderately successful you have to be naturally paranoid, disable telemetry on everything, lock down your computer and phone with super complicated passwords, never use your name on anything on the internet, etc. How true is that? I try to take precautions but I have a social media account with my real name so am I done for?

[eswat]

It depends on your threat model[0]. Keep in mind that InfoSec people that do the things you mentioned are doing it either out of necessity (see [0]), they see it as a fun hobby or are taking things to an unecessary extreme. There are plenty of nothworty contributors to InfoSec that have relevants things in public and don't go overboard locking down their devices.

[0] https://ssd.eff.org/en/module/your-security-plan

[shyn3]

Half the people at my office in security are on LinkedIn FWIW