Is middle age wrong time to make a career move to Information Security?

infosecsinfosecs Posts: 48Registered Members ■■□□□□□□□□
I have noticed a clear trend among employers to hire young people and specially new Grads for grooming in Information Security. On the other hand I have also seem some old folks still sticking around in management and senior positions.
However, does it mean that the chances of IT professionals with 12-15 years experience and (2-3 years experience in Information Security in the same company) don't stand a chance of entering mainstream Infosec market?
I hope we do have some examples on this board who defied age bias but somehow I beginning to suspect that age does play a major negative role in this industry specially when one is trying to move from IT.
What do you think?

Comments

  • Tekn0logyTekn0logy Posts: 85Registered Members ■■■□□□□□□□
    Middle age is the wrong time to transition if you don't have fresh skills. Some employers are realizing that mature employees are well grounded and look to employ them. Keep your skill set up to date with verifiable certs appropriate for your career, maybe get a new degree and you shouldn't have trouble. Also, I think that it is also important that you have "connections" either with insiders or reputable staffing company.
  • nathandrakenathandrake Posts: 48Registered Members ■■□□□□□□□□
    While I'm not middle age, I think I'm pretty close (39), so I figured I'd give my story.

    I've been working in IT since 2001. A few years in help desk, then a lot of time spent in desktop support. This was mostly due to a combination of my employer at the time paying for my bachelor’s and master’s degree, and a little bit of procrastination from my end as I got too comfortable with my job flexibility, duties, and seniority.

    About 3 years ago, I took a new position as an "Engineer", but the position was more of a system admin (SCCM administration, application packaging/integration, group policies, AD administration). During that time, I really wanted to transition more into a security role that would align more with the master's degree and certs I obtained. I just felt at the time that I needed to pad my resume with more than just help desk and desktop support before any company would take me serious.

    I started looking for a job in the info sec field about 3 months ago. I accepted a position as a Security Analyst II about 2 months ago. Within 5 weeks, I was promoted to Security Engineer that's going to be focusing an web application security. I did not find it too difficult to make the transition at my age. Employers didn't seem to find my age an issue either during the interview process. Before I accepted the position where I'm at now, I went on 3 other interviews. One I got to the final round of interviews (4th round), one I turned down the offer due to the compensation, and then the other one I pulled out of consideration due to the offer I did accept. My only regret is not getting into this field sooner.
  • infosecsinfosecs Posts: 48Registered Members ■■□□□□□□□□
    While I'm not middle age, I think I'm pretty close (39), so I figured I'd give my story.

    I've been working in IT since 2001. A few years in help desk, then a lot of time spent in desktop support. This was mostly due to a combination of my employer at the time paying for my bachelor’s and master’s degree, and a little bit of procrastination from my end as I got too comfortable with my job flexibility, duties, and seniority.

    About 3 years ago, I took a new position as an "Engineer", but the position was more of a system admin (SCCM administration, application packaging/integration, group policies, AD administration). During that time, I really wanted to transition more into a security role that would align more with the master's degree and certs I obtained. I just felt at the time that I needed to pad my resume with more than just help desk and desktop support before any company would take me serious.

    I started looking for a job in the info sec field about 3 months ago. I accepted a position as a Security Analyst II about 2 months ago. Within 5 weeks, I was promoted to Security Engineer that's going to be focusing an web application security. I did not find it too difficult to make the transition at my age. Employers didn't seem to find my age an issue either during the interview process. Before I accepted the position where I'm at now, I went on 3 other interviews. One I got to the final round of interviews (4th round), one I turned down the offer due to the compensation, and then the other one I pulled out of consideration due to the offer I did accept. My only regret is not getting into this field sooner.
    kudos. Cant read a better post than yours on a Friday. Cheers:)
  • scaredoftestsscaredoftests Posts: 2,559Registered Members ■■■■■■□□□□
    I have defied it (I am 59). Just keep the skill set up to snuff and all will be fine..
    Never let your fear decide your fate....
  • Jon_CiscoJon_Cisco Posts: 1,521Registered Members ■■■■□□□□□□
    There are lots of reasons for age discrimination. Employers look for value and in some cases they feel the young guy that is willing to work long hard hours for little pay is a great value. Others might be looking for a little more experience and the guy in his early 60s might have handled a few more problems in his lifetime.

    What you really have to address is what will you do if you don't change careers? Is everything fine and you will coast to retirement? Are you in a dead end job and can't pay bills? Will your job exist in 2 more years?

    Be aware of possible discrimination but don't back away from the challenge. If you have decided a career change is the right move then go for it.
  • alan2308alan2308 Posts: 1,850Registered Members
    I was 32 when I went back to school and transitioned into infosec. Age probably had a hand in a few things along the way that didn't pan out, but I've been doing fine. Especially when considering where I was before making the move.

    The electronics field that I was in had all but disappeared by then. We reached the point it was cheaper to throw things away and replace them. There was a line out the door to interview for a $10/hr job fixing games at Chuck E Cheese.
  • tripleatriplea Senior Member UKPosts: 154Registered Members ■■■□□□□□□□
    Never too late to move....as others said just have some worthwhile skills and a bit of faith.

    Im 46, took the sscp last year and have been helping the infosec guys for about 4 years even though Im really a systems admin from support desk.

    I moved over into infosec this year and expect my infosec roles to see me out til retirement now. JUST KEEP YOUR KNOWLEDGE CURRENT.

    Only took me 3 interviews with different companies ( 1 I got to the final 2 on ) and Im transitioned.

    Keep plugging away and good luck.
  • Danielm7Danielm7 Posts: 2,174Registered Members ■■■■■■□□□□
    I'm not sure where the "only young people" thing is coming from but I'm not seeing it. Outside of somewhere like defcon, when I go to local events I find tons if not the average person to be 40+. I don't know what you'd consider to be middle age but if you say 12-15 years experience you could easily be mid 30s, which is not middle age. If you're hung up on ageism in mid 30s just try to get over it, that's not remotely old.
  • yoba222yoba222 Posts: 860Registered Members ■■■■□□□□□□
    Ageism is a thing, sexism is a thing, racism is a thing, honey pyramid truthism is a thing. I prefer to not be a victim, so I positioned myself as best as possible to not appear to be too old as well as inexperienced from the perspective of those reviewing resumes and hiring. It worked.
    2018: CySA+ | PenTest+ | CCNA Cyber Ops
    2019: eCPPT &/or OSCP | CISSP
Sign In or Register to comment.