Be careful about “boot camps”, and I say this as someone who teaches at one on the side (coding, not security). A lot of them are kind of like degree mills - pay money, get stamp, maybe worthwhile or maybe worthless.

If you go that route, do a lot of research. The biggest thing I’d look for is that the instructors work in the field full time and teach on the side (because they love sharing info and teaching the next generation). Hire rates for grads is also a good indicator… But take close note of where those hires are at and ask if it’s not published.

Any time I’ve come across these kind of programs where the boot camp instructors only job is teaching, the info is usually 10+ years dated and relatively useless past the absolute basics.

Currently in my first IT job. I’m over 40, and been intheis job less than a year. Computers have always been a hobby of mine. A couple years ago I started taking some classes at the local community college: networking, cyber sec, sysadmin… After 6 or 7 classes, a professor recommended I apply for this job (Helpdesk+). I think certs are a great idea, and I’m planning to get some myself as I plan to steer into infosec. You really can’t beat personal networking/connections though. I got mine through school, but also maybe there are some clubs or events like a local Linux Users Group where you can meet people and make friends.

First off, aiming to start in security is a fools errand. Security is one of the many paths that your career might take after you gain some knowledge.

Some more random thoughts before real advice. The two hardest things in IT are getting into help desk, and getting out of it. The reason is two fold: 1) help desk is the great entry point for the greater IT industry, and 2) one person in a help desk role is fairly similar to another when it’s time to move out of help desk.

Now: If you have the time, go to your local community college and take their it/networking/security program. The degree will help - you won’t skip help desk (unless your lucky), but you are better equipped for getting out of it. You will also learn a bunch of stuff, get some projects to stick on a resume, etc.

If you don’t have that time you can go the cert route. Be warned however - certs do not substitute for real experience. Do not fall for the trap of thinking that getting X cert is your ticket to Y job. You will be in for a ride awakening when your sitting across from someone like me that only asks situational, hypotheticall questions with no correct answer ( I care about how you think and approach problems over book smarts).

Ok. Last bit of advice: the 10 things I look for (in order) when interviewing entry level help desk.

1. customer service skills,
2. ability to learn,
3. customer service.
4. some mild interest in tech.
5. customer service.
6. the ability to learn troubleshooting.
7. customer service.
8. the ability to admit you don’t know…
9. customer service.
10. not being an asshole.

I can teach you how to fix a printer, design a network, or spin up infrastructure in the cloud. I can’t teach you how to act around people.

Get certified in something. CCNA, RED HAt, whatever. Then take the shittiest L1 help desk job you can find. Get more certs while working and do the linked in and constantly look for a new job. You got this.

I’ve got some college but no official degree as well. I did a bootcamp for a CCNA with 0 experience in 2012. It was like learning a foreign language. I had to buy the official cert guide and studied hard for a year, I eventually got the CCNA cert in 2014. After that I kept getting additional Cisco certs, CCNA - security, CCNA - cyberops, and now am working on the CCNP. Once I got my CCNA I was able to get into a help desk position, and have moved up to analyst, and engineer. With each job jump have increased salary 30-50%. Honestly in tech I’d recommend moving around every 1-3 years to get that pay bump.

If you have a good manager, they will recognize that a college degree in IT and security specifically is not really necessary.

Some certs to look at for entry level network security, Cisco cyberops associate or CompTIA security+

Get your hands on some used computers, and maybe an 8-16 port switch, then dive into the world of home lab! Setup your own servers and network stacks. Deploy services, containers etc.

Hell, you’d be surprised at how involved setting up a headless Linux Minecraft server can be if You’ve never done it. Little projects add up to a lot of hands on experience you just don’t get from a book.

Without a degree or any IT experience, I’d say try to get one basic IT certification from CompTIA (A+, Sec+, or Network+), then apply for a HelpDesk job just to get in. You can try going straight to a SOC analyst role if you’re confident in your knowledge/skills. Those are basically the entry points for IT and Security for someone without a lot of experience. Once you’re in, you can start leveling up with experience or move laterally to your desired role. You’ll also be able to get your employer to pay for training and certifications.

Plenty of good suggestions in this thread. I’ll add on that I recommend you read Alyssa Miller’s “Cybersecurity Career Guide”. It will answer many of your questions and provide you a roadmap to land your first job. https://www.manning.com/books/cybersecurity-career-guide?ar=true&lpse=A

Hiring manager here, the best thing you can do is work on certifications. Microsoft Learn has a ton of info and the certs are reasonably cheap. There is also a ton of stuff on YouTube, for example Professor Messer’s Security+. There is also a great demand for VMware admins.

If you can setup some computers at home and make yourself a lab, build VMs on hypervisors of your choice and talk about that during your interviews that’s big bonus points too.

If you want to have a taste of the basics you should check out the OWASP juice shop, basically a game-ified insecure web application to poke holes into. It has tutorials, an achievement system and the different challenges all have a difficulty rating.

https://owasp.org/www-project-juice-shop/

Start at a temp agency

Learn Terraform. It’s easy and in very high demand right now.

I’m a SOC Analyst in my mid 20s.

I did a boot camp, it got me a job. BUT I already had a degree, though in a completely unrelated field. For people just out of college age like me, that degree requirement was much more about showing you’re capable of committing to something than it was about specific knowledge.

You’re going to need to get certifications no matter what you do. My boot camp prepared me for Sec+ and CySA+, but you could 100% do that on your own.

At the end of the day, it’s going to come down to how much time/money you’re willing to invest. If you’re able to get a degree without significant hardship, I’d do that. There’s so much value to education, no matter the subject.

If you’ve got less money and time than that, consider a boot camp. I had an amazing time in mine, and the schedules are often designed for working adults. My class had people of all ages, though the ones with some previous interests/hobbies in IT definitely got the most out of it.

Feel free to DM me, mentoring and networking is a huge part of cyber!